The State of Internet Censorship in South Sudan

This post has been published by OONI, a censorship measurement project under the Tor Project, and South Sudan’s “The Advocates for Human Rights and Democracy” (TAHURID)


Background

South Sudan has been plagued by civil wars over the last century. The First Sudanese Civil War was a conflict from 1955 to 1972 between the northern part of Sudan and the southern Sudan region that demanded more autonomy. Following the first civil war, the Southern Sudan Autonomous Region was temporarily formed, but a second civil war erupted in 1983 and lasted until the end of 2004. After the second civil war, the Autonomous Government of Southern Sudan was created. South Sudan became an independent state on 9th July 2011, following a referendum.

The country though remains in turmoil. Two years after independence, a civil war erupted within South Sudan between the government and opposition forces. In 2015, an agreement to end South Sudan’s civil war was threatened by ceasefire violations and the war restarted by July 2016. South Sudan’s ongoing civil war has resulted in the displacement of millions (who have sought refuge in neighbouring Uganda, Sudan, and Kenya) and in tens of thousands of deaths (though aid workers reported in 2016 that the true figure might be as high as 300,000 deaths, which is comparable to the number killed in Syria during five years of war).

At the end of May 2018, the Security Council of the United Nations renewed sanctions (previously imposed in 2015) on South Sudan for 45 days, setting a deadline for the civil war to end by 30th June 2018. Even though South Sudan’s main belligerents came to a peace agreement in late June 2018, experts worry that it fails to solve issues that have been at the heart of the civil war.

Amid conflict and political turbulence, South Sudan has one of the least developed telecommunications and internet systems in the world. Fifteen Internet Service Providers (ISPs) operate in South Sudan, but the lack of fibre-optic cables and the limited availability of public power hinder connectivity. MTN enjoys the greatest share within the mobile phone market, followed by Vivacell and Zain. Earlier this year however, Vivacell’s license was suspended for not paying USD 60 million in fees.

Internet penetration levels have increased since independence in 2011, but remain quite low. According to the National Communication Authority, around 20.5% of South Sudan’s population is estimated to have access to the internet, mostly concentrated in Juba and largely based on mobile internet subscriptions.

South Sudan’s Transitional Constitution of 2011 guarantees freedom of expression and press freedom under Article 24, with possible exceptions for public order, safety, or morality. The Article also calls on media to abide by professional ethics. Article 32 of the Transitional Constitution guarantees the right to access official information, with exemptions for public security and personal privacy. The regime though regularly violates media freedom protections in practice, and government officials have engaged in rhetoric that contributes to a hostile environment for the press.

Two media websites and two independent blogs were reportedly blocked in South Sudan in July 2017. The censored sites include Paris-backed Sudan Tribune and Dutch-backed Radio Tamazuj, as well as the Nyamilepedia and Paanluel Wel blogs of the Nuer and Dinka tribes, South Sudan’s two largest ethnic groups.

South Sudanese people cheer as they await the arrival back in the country of South Sudan’s President Salva Kiir, at the airport in Juba, South Sudan Friday, June 22, 2018. (Photo: Bullen Chol).

Measuring internet censorship

In an attempt to verify reports on the blocking of websites and to examine South Sudan’s internet landscape more broadly, OONI did some network measurement tests in South Sudan.

OONI Probe consists of a number of software tests that scan TCP, DNS, HTTP and TLS connections for signs of network tampering. Some tests request data over an unencrypted connection and compare against a known good value. Others check for HTTP transparent proxies, DNS spoofing, and network speed and performance.

To measure the blocking of websites, OONI started off by carrying out some research to identify South Sudanese URLs to test. They subsequently added these URLs to the Citizen Lab’s test list repository on GitHub, since OONI Probe is designed to measure the blocking of URLs included in these test lists. Over the last few months, OONI primarily ran OONI Probe’s Web Connectivity test (among other OONI Probe tests) in two networks: MTN South Sudan (AS37594) and IPTEC Limited (AS36892).

As part of their testing, they measured the blocking of URLs included in the global (including internationally relevant sites) and South Sudanese (including sites relevant to South Sudan) test lists. Once they collected OONI Probe network measurements from South Sudan, they analyzed them with the aim of identifying network anomalies that could serve as signs of internet censorship.

Blocked websites
Last year, media outlets Sudan Tribune and Radio Tamazuj, and independent blogs Nyamilepedia and Paanluel Wel, were reportedly blocked in July 2017. OONI’s recent testing not only corroborates these reports, but also suggests that these sites remain blocked one year later.

The following table links to network measurements pertaining to the recent testing of each of these sites across two ISPs:

OONI findings suggest that MTN (AS37594) blocks TCP/IP connections to these sites, while IPTEC (AS36892) blocks access by means of DNS tampering. It’s worth noting that both MTN and IPTEC block access to both http://sudantribune.com and http://www.sudantribune.com.

South Sudanese authorities blocked these sites for publishing “subversive content” and stated that the bans would not be lifted until those institutions “behaved well”. Sudan Tribune and Radio Tamazuj are foreign-based media outlets accused of hostile reporting against the government.

Paanluel Wel is a leading blog for the Dinka tribe, known for spearheading tribal political interests for the Dinka people and inciting hatred and violence against the Nuer people and other tribes. Nyamilepedia, on the other hand, is a leading blog for the Nuer tribe, known for promoting Nuer political interests and spearheading hatred against the Dinka and other Nuer who left the rebellion to join the Dinka-led government.

TAHURID reports that Almshaheer and South Africa’s Centre for Conflict Resolution are inaccessible on IPTEC, but accessible on MTN (the accessibility of which is also confirmed by OONI data testing almshaheer.com and ccr.org.za).

Many other URLs presented network anomalies (such as HTTP failures) as part of our testing, but such anomalies were most likely caused by poor network performance and transient network failures. This suggests that South Sudanese internet users may encounter challenges in accessing sites at various points in time, even if they’re not intentionally being blocked.

It’s worth highlighting, however, that many of the URLs that OONI tested (including internationally popular and local sites) were found to be accessible in South Sudan during this study. These include sites related to conflict resolution and peacekeeping, such as the United Nations Mission in South Sudan (UNMISS) site.
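The distinction drawn above between consistent blocking (TCP/IP on MTN, DNS on IPTEC) and transient anomalies can be made mechanical. The following is an added example, not OONI's own analysis code: it groups Web Connectivity measurements by network and URL using the `probe_asn`, `input` and `test_keys.blocking` fields of OONI's measurement format. The sample records are constructed, and the `MIN_SAMPLES` and `ANOMALY_RATIO` thresholds are assumptions chosen for illustration.

```python
from collections import Counter, defaultdict

# Assumed thresholds (not OONI's): a verdict needs at least MIN_SAMPLES
# measurements, and a URL counts as likely blocked only when one anomaly
# type appears in at least ANOMALY_RATIO of them.
MIN_SAMPLES = 3
ANOMALY_RATIO = 0.8


def _m(asn, url, blocking):
    """Build a constructed record holding only the fields used below."""
    return {"probe_asn": asn, "input": url, "test_keys": {"blocking": blocking}}


# Constructed sample data (not real measurements). "blocking" is False when
# the probe saw no anomaly, otherwise "dns", "tcp_ip", "http-failure" or
# "http-diff"; None means the probe could not reach a conclusion.
SAMPLE_MEASUREMENTS = (
    [_m("AS37594", "http://sudantribune.com", "tcp_ip") for _ in range(5)]
    + [_m("AS36892", "http://sudantribune.com", "dns") for _ in range(5)]
    + [_m("AS37594", "http://example.org", b)
       for b in (False, False, "http-failure", False, False)]
    + [_m("AS36892", "http://example.net", "http-failure")]
    + [_m("AS36892", "http://example.net", None)]
)


def classify(measurements, min_samples=MIN_SAMPLES, ratio=ANOMALY_RATIO):
    """Return {(asn, url): verdict dict} for a list of measurement records."""
    grouped = defaultdict(list)
    for m in measurements:
        blocking = (m.get("test_keys") or {}).get("blocking")
        if blocking is None:
            # Inconclusive measurement (e.g. the control request failed).
            continue
        grouped[(m["probe_asn"], m["input"])].append(blocking)

    verdicts = {}
    for key, results in grouped.items():
        anomalies = [r for r in results if r is not False]
        total = len(results)
        method = None
        if total < min_samples:
            verdict = "insufficient-data"
        elif not anomalies:
            verdict = "accessible"
        else:
            top_method, count = Counter(anomalies).most_common(1)[0]
            if count / total >= ratio:
                verdict, method = "likely-blocked", top_method
            else:
                # Sporadic failures: more consistent with poor connectivity
                # than with deliberate filtering.
                verdict = "transient-anomaly"
        verdicts[key] = {
            "verdict": verdict,
            "method": method,
            "anomalies": len(anomalies),
            "total": total,
        }
    return verdicts


if __name__ == "__main__":
    for (asn, url), v in sorted(classify(SAMPLE_MEASUREMENTS).items()):
        print(asn, url, v["verdict"], v["method"],
              f'{v["anomalies"]}/{v["total"]}')
```

A single anomalous measurement never produces a blocking verdict here, which is why repeated testing from the same network matters before concluding that a site is censored.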

HTTP proxy
Measurements previously collected in 2017 highlight the presence of an HTTP transparent proxy (Mikrotik).

This proxy is revealed in the HTTP response body in OONI Probe measurements (linked below) pertaining to the testing of the following sites:

http://deoxy.org
http://dextroverse.org
http://warc.jalb.de
http://www.bloglines.com
http://www.foreignword.com
http://www.gamenode.com
http://www.interactworldwide.org
http://www.iwantim.com
http://www.kazaa.com
http://www.kcna.kp
http://www.law-lib.utoronto.ca/Diana/
http://www.pornhub.com
http://www.proxyweb.net
http://www.wzo.org.il

These measurements clearly show that the Mikrotik HTTP transparent proxy was present last year in the network path to the above sites through South Sudan’s 4G Telecom (AS327786) network. It remains unclear though if this proxy is still in use, since measurements haven’t been collected from this network in recent months.

It’s worth noting that this equipment may potentially be used for implementing internet censorship and/or for caching (the Mikrotik HTTP proxy has this feature) to improve connectivity. Given though that most of these sites were accessible (and the ones that weren’t presented different errors, sometimes triggered as part of anti-DDoS protection), it may be the case that this proxy was primarily deployed for improving connectivity and network performance.

Conclusion

South Sudan is a young nation in politically turbulent times. Within the context of conflict, local experts discuss the challenges of drawing a line between freedom of expression and hate speech, which spurs violence.

Internet censorship does not appear to be pervasive, but limited to sites that authorities deem to publish “subversive content” and incite violence. This is evident through the blocking of Nyamilepedia and Paanluel Wel, the leading blogs of the Nuer and Dinka tribes who are known to incite violence. OONI data also corroborates the blocking of media outlets Sudan Tribune and Radio Tamazuj, both of which are hosted outside of South Sudan. Local journalists and media organizations though face different (non-digital) forms of censorship.

Juba Monitor, for example, is an independent South Sudanese newspaper critical of the government. Their website was found to be accessible, but their editor was jailed in 2016 as a result of his reporting and the newspaper has been ordered to cease its publishing over reports that the government considered “against the system”. Security personnel has been deployed at the printing press, forcing journalists to remove or edit articles critical of the government and its officials prior to publication.

Self-censorship might be one of the most effective forms of censorship in South Sudan, as suggested by the reported intimidation and killing of journalists. Local experts argue that the media in South Sudan operate in a state of fear. Earlier this year, even UN-backed Radio Miraya was suspended on the grounds of not having acquired a broadcasting license.

Nonetheless, the fact that South Sudan has already started implementing internet censorship raises questions as to whether its internet censorship apparatus will expand as internet penetration levels increase and political events unfold. Further research and testing is therefore required to better understand the country’s internet landscape and monitor any new censorship events.

The State of Internet Censorship in Egypt

This post and the full report have been published by OONI, a censorship measurement project under the Tor Project, and Egypt’s Association for Freedom of Thought and Expression (AFTE).

Throughout the testing period, between January 2017 and May 2018, more than 1,000 URLs presented network anomalies, 178 of which consistently presented a high ratio of HTTP failures, strongly suggesting that they were blocked. Rather than serving block pages (which would have provided a notification of the blocking), Egyptian Internet Service Providers (ISPs) appear to primarily block sites through the use of Deep Packet Inspection (DPI) technology that resets connections.

In some cases, instead of RST injection, ISPs drop packets, suggesting a variance in filtering rules. In other cases, ISPs interfere with the SSL encrypted traffic between Cloudflare’s Point-of-Presence in Cairo and the backend servers of sites (psiphon.ca, purevpn.com and ultrasawt.com) hosted outside of Egypt. Latency measurements over the last year and a half also suggest that Egyptian ISPs may have changed their filtering equipment and/or techniques, since the latency-based detection of middleboxes has become more challenging.

The chart at the right illustrates the types of sites that presented the highest amount of network anomalies and are therefore considered to more likely have been blocked.

More than 100 URLs that belong to media organizations appear to have been blocked, even though Egyptian authorities only ordered the blocking of 21 news websites last year. These include Egyptian news outlets (such as Mada Masr, Almesryoon, Masr Al Arabia and Daily News Egypt), as well as international media sites (such as Al Jazeera and Huffington Post Arabic). Various Turkish and Iranian news websites were blocked (such as turkpress.co and alalam.ir), suggesting that politics and security concerns may have influenced censorship decisions. In an attempt to circumvent censorship, some Egyptian media organizations set up alternative domains, but (in a few cases) they got blocked as well.

To examine the impact of these censorship events, AFTE interviewed staff members working with some of the Egyptian media organizations whose websites got blocked. They reported that the censorship has had a severe impact on their work. In addition to not being able to publish and losing part of their audience, the censorship has also had a financial impact on their operations and deterred sources from reaching out to their journalists. A number of Egyptian media organizations have suspended their work entirely, as a result of persisting internet censorship.

Many other websites, beyond media, appear to have been blocked as well. These include human rights websites (such as Human Rights Watch, Reporters without Borders, the Arabic Network for Human Rights Information, the Egyptian Commission for Rights and Freedoms, and the Journalists Observatory against Torture) and sites expressing political criticism (such as the April 6 Youth Movement), raising the question of whether censorship decisions were politically motivated.

 
“Defense in depth” tactics for network filtering
Security experts are probably familiar with the “defense in depth” concept in which multiple layers of security controls (defense) are placed throughout an IT system, providing redundancy in the event that a security control fails. In Egypt, ISPs seem to apply “defense in depth” tactics for network filtering by creating multiple layers of censorship that make circumvention harder.

This is particularly evident when looking at the blocking of Egypt’s Freedom and Justice Party (FJP) site. Our testing shows that different versions of this site (http://www.fj-p.com and http://fj-p.com) were blocked by two different middleboxes. In doing so, Egyptian ISPs added extra layers of censorship, ensuring that circumvention requires extra effort.

Not only were numerous circumvention tool sites (including torproject.org and psiphon.ca) blocked, but access to the Tor network appears to be blocked as well. Measurements collected from Link Egypt (AS24863) and Telecom Egypt (AS8452) suggest that the Tor network is inaccessible, since the tests weren’t able to bootstrap connections to the Tor network within 300 seconds. In recent months, more than 460 measurements show connections to the Tor network failing consistently. Similarly, measurements collected from Etisalat Misr (AS36992), Mobinil (AS37069) and Vodafone (AS36935) indicate that access to the Tor network is blocked. The Tor bootstrap process is likely being disrupted via the blocking of requests to directory authorities.

“Defense in depth” tactics also seem to be applied in relation to the blocking of Tor bridges, which enable Tor censorship circumvention. Vodafone appears to be blocking obfs4 (shipped as part of Tor Browser), since all attempted connections were unsuccessful (though it remains unclear if private bridges work). All measurements collected from Telecom Egypt show that obfs4 works. Given that bridges.torproject.org is blocked, users can alternatively get Tor bridges by sending an email to [email protected] (from a Riseup, Gmail, or Yahoo account).

Ad campaign
Back in 2016, OONI uncovered that state-owned Telecom Egypt was using DPI (or similar networking equipment) to hijack users’ unencrypted HTTP connections and inject redirects to revenue-generating content, such as affiliate ads. The Citizen Lab expanded upon this research, identifying the use of Sandvine PacketLogic devices (Sandvine is a company based in Waterloo, Ontario, Canada) and redirects being injected by (at least) 17 Egyptian ISPs.

Over the last year, hundreds of OONI Probe network measurements (collected from multiple ASNs) show the hijacking of unencrypted HTTP connections and the injection of redirects to affiliate ads and cryptocurrency mining scripts. A wide range of different types of URLs were affected, including the sites of the Palestinian Prisoner Society and the Women’s Initiatives for Gender Justice, as well as LGBTQI, VPN and Israeli sites. Even the sites of the United Nations, such as un.org and ohchr.org, were among those affected by redirects to ads.

To learn more about this study, read the full report here.

The Onion Report from the latest HOPE conference

A handful of Tor contributors reported on the state of the Onion (all activity related to the Tor network and its community) at the latest HOPE conference, which took place 20–22 July 2018. They talked about adding new security features, improving Tor Browser on Android, deploying the next generation of onion services, making Tor more usable, lowering the network overhead, making Tor more maintainable, and growing the Tor community with new outreach initiatives. They also shared some of what you can expect from Tor in the coming year, and answered questions from the community.

For more videos from the latest HOPE conference, see here.

Mass surveillance and security on the Internet

Not five years ago, as Edward Snowden unveiled thousands of classified and secret documents, the world became shockingly aware of a covert, suspicion-independent and global mass-surveillance of the Internet and telecommunication networks, which had been operated by the so-called “Five Eyes” (Australia, Canada, New Zealand, UK and the USA) at least since 2007. This surveillance relied on monitoring programs such as PRISM (with the more or less voluntary participation of Microsoft, Yahoo!, Google, Facebook, Paltalk, YouTube, AOL, Skype and Apple), XKeyscore (a system to perform virtually unlimited monitoring of anyone around the world using metadata and content), and Tempora (skimming and caching almost all Internet traffic directly from the network hubs and transatlantic data links). While the public outrage after Snowden’s revelations was unprecedented, this has since largely subsided, and intelligence services once again enjoy a nearly unhindered ability to siphon off, evaluate and store data on a large scale. In all probability, the methods of the “Five Eyes” and those of their larger partners are even more sophisticated today. What is more, initial sporadic protests had little if any effect: in the US, for example, the legal basis for PRISM and the like was not even challenged at the time, hence it remains firmly in place. Not even the US President, Donald Trump, seems inclined to curtail the powers and behaviour of US intelligence agencies in this respect.

But does global mass surveillance help prevent terrorism? To date, there are no facts that support this thesis. In fact, most attack perpetrators over the last 15 years were already known to the authorities. And very often, intelligence services focus on completely unrelated people and interests. For example, the legal framework in the US allows interception of foreign officials, as well as the gathering of economic and decision-making information with undue purposes such as predicting the future price of oil, or gaining a favourable position in international negotiations – and the NSA is not the only organisation with a political and economic agenda (Emmanuel-Pierre Guittet, “Is Mass Surveillance Effective in the Fight against Terrorism?“, Mapping Security, 11.12.2015).

Access to a website without anonymisation and without encryption: Potential data identification and interception. Everyone can potentially read.

To make matters worse, various intelligence services and law enforcement agencies make unrestricted use of the same data pool (Sam Adler-Bell, “10 Reasons You Should Still Worry About NSA Surveillance“, The Century Foundation, 16.03.2017). This creates the prerequisites for undermining the presumption of innocence. And we can hardly understand its relevance: It is nothing less than a human right (Article 11 of the General Declaration of Human Rights), and a basic principle, which distinguishes proceedings based on the rule of law from a witch hunt. For example, it is much harder for a person to prove why research on terrorism was only meant to gather necessary knowledge, and not to prepare for an attack, than it is for state authorities to prove not just vague evidence, but a concrete offence (one or two students can sing a song about it – see here or here). At the same time, another fundamental human right is utterly disregarded: the right to privacy (Article 12).

The mass accumulation of data, regardless of whether an actual suspicion exists, not only places each individual under a disproportionate general suspicion, but also disrespects fundamental human rights. All in all, Snowden’s revelations have not eroded the data gathering voracity of the major intelligence agencies. For example, the NSA Data Centre in Utah is seemingly operative since 2014, after some initial difficulties. This facility is responsible for evaluating and storing data collected by PRISM and other monitoring programs. According to William Binney, former senior technical director at the NSA, this data centre alone holds at least 5 zettabytes (5,000,000,000,000,000,000,000 bytes) of data, which should be enough for the next 100 years.

We kill people based on metadata. — General Michael Hayden, former Director of the NSA and the CIA, in “The Price of Privacy: Re-Evaluating the NSA“, The Johns Hopkins Foreign Affairs Symposium, 2014, from 18′.

For all their power, the “Five Eyes” are not the only organisations that massively siphon off network and telecommunications data. The German Federal Intelligence Service (BND) collects around 220 million metadata records per day, and stores them for up to 10 years (as of 2014; see also: Kai Biermann, “BND speichert jeden Tag 220 Millionen Metadaten“, Die Zeit, 06.02.2015). Of these, the BND submits 1.3 million data records to the NSA on a monthly basis. Another example: Switzerland’s Federal Intelligence Service (NDB) monitors satellite, telecommunication and related internet connections. Under the name ONYX, the NDB runs a smaller version of the global ECHELON interception system. True to the bartering nature of the intelligence services business, the NDB cooperates with other foreign intelligence services. As a matter of course, Switzerland would not receive any key information from the Americans without some form of trade-off; this was the case, for example, in September 2014 (see: Thomas Knellwolf, “Terrormiliz IS plante Anschlag in der Schweiz“, Tagesanzeiger, 23.09.2014). Ironically, on the very day when Federal Councillor Ueli Maurer publicly stated the “lack of contact” between the NDB and the NSA, documents leaked by Edward Snowden explicitly mentioned Switzerland as a cooperation partner (see picture below).

In spite of all criticisms, every constitutional state establishes political control bodies of varying power, whether this is weak (USA) or strong (Switzerland). And the fact remains that this situation is notably more unpleasant in countries with little respect for the rule of law, let alone in authoritarian regimes, regardless of whether a person lives, does business, or spends his holidays there. In such regions, it is safe to assume that, without protection, all network and telecommunication traffic will be recorded, evaluated and stored. What is more, boundaries between state intelligence services and criminal or violent groups could be fluid. In this type of state, open criticism can swiftly lead to long-term prison sentences (or even worse). Whilst locals develop a certain sensitivity to protect – or censor – themselves, business people and tourists make an easy target for such often shady organisations. Open wireless networks in Internet cafes and hotels invite users to work and surf. Are all data really encrypted at all times? Who knows who is sniffing around or actually operating these wireless networks (and do not be misled by the “Starbucks” network name – this says nothing about the actual network operator – see video below).

Or might it be that you have nothing to hide? If so, feel free to disclose all your passwords, emails, credit card details, bank statements, pay slips, tax returns, political orientation, health status, sexual preferences, etc. (see here, here, here ).

But this goes far beyond the rights and safety of each individual. Surveillance exerts a sustained influence on society’s behaviour. The Chinese government (and the Alibaba Group) already endeavour to reap the “benefits” of this social effect: By 2020, a social credit system – already partially implemented – will become binding for Chinese citizens. Among other things, the allocation of social credit points depends on the individual’s online behaviour – needless to say, always from the point of view of the government. But the system does not stop there: the evaluation and corresponding rating will also factor in offline information. For example, the acquisition of domestic goods may have a rather positive impact on the rating, while favouring imports from certain countries may drag it down significantly. The “social rating” is not only influenced by one’s own actions, but also by one’s social network, i.e. friends and their actions, etc. For example, strong ratings may improve creditworthiness and access to jobs, as well as the celerity in dealing with your bureaucratic processes; conversely, poor ratings might have an adverse effect on all those areas (Stanley Lubman, “China’s ‘Social Credit’ System: Turning Big Data Into Mass Surveillance“, Wall Street Journal, 21.12.2016). It seems obvious that this sort of system implements social control mechanisms that put people straying from the norm under considerable pressure. Indirectly, this enacts a social re-education program to enforce state-compliant behaviour, without any apparent government involvement.

Although China is the salient example of such a social credit system, similar approaches are internationally recognisable. In fact, companies assessing individual creditworthiness have been around for a long time. And are you still wondering why you cannot get an Uber cab anymore? Well, chances are you have a dismal passenger rating (in any case, Uber knows if their customers had a one-night-stand). If you have your eyes open, you will spot such rating systems in many services and apps. In the long run, however, these systems may prove problematic, as increasingly independent social aspects are considered and evaluated. The Danish company Deemly is a good case in point. In this context, the “Nosedive” episode in the “Black Mirror” series, a popular critique of technology and its social impact, seems to have a prophetic nature.

Such long-term trends and their social effects can only be tackled through legally guaranteed protection of privacy and personal data (including the resulting metadata). In doing so, the state plays a pioneering role and sets an example. However, since we are not ready yet, and the current development provides no reason for exuberant optimism, it is worthwhile to build up a certain, minimum self-protection.

But aren’t such protective measures technically complex and expensive to implement? This argument cannot be completely dismissed, as privacy protection and data security do not improve by themselves. The exchange of encrypted emails between Edward Snowden and the journalist Glenn Greenwald failed initially due to the complexity of the PGP encryption program – despite or possibly because of Snowden’s 12-minute explanatory video (Andy Greenberg, “The ultra-simple App that lets anyone encrypt anything“, Wired, 07.03.2014). We would like to present a few examples and references to show that achieving a certain level of protection is not rocket science. Of course, the extent of protective measures and their complexity also depends on one’s risk assessment. If, for example, someone in an authoritarian state writes an article for offiziere.ch criticising government policy, or publicly disclosing intelligence information, the author should at least consider an encrypted connection. This also explains why, after a long testing phase, offiziere.ch enforces encrypted connections (recognisable by the “https://” in the address bar of the browser or by the closed lock) – effort for the user: Zero. But that’s not all: If possible, all links included on offiziere.ch are delivered in the encrypted version. This means that a link to Wikipedia – regardless of how it was originally linked in an article – is called in the encrypted version (which is of course only possible where such a variant is actually offered).

Access to a website without anonymisation but using encryption: Contents are protected but meta-data are available and visible to all.

With the above-described measure, in which the user himself is not even involved, the content data is encrypted, which increases the security against eavesdropping. And coverage can be increased significantly with little extra work: the add-on https-everywhere is available for almost every web browser. It ensures that users always reach the encrypted version of a website — if available. However, this does not prevent the accumulation of metadata. Unfortunately, it is still plain to see who communicates with whom and for how long (and much more). Let’s face it: Real anonymity is much harder to achieve, and encryption is but a first step.

The anonymisation effort also depends on the person or organisation from which we wish to conceal our identity. For example, concealing meta-data provides scant protection when the author points to the recently published system-critical article on Facebook. Logging in to Facebook can jeopardise anonymity. This is acceptable as long as the user recognises this authentication. However, there are also applications where this happens automatically (for example with a Google Account for all sorts of things), or where the user remains unaware. One of these hidden methods is so-called “fingerprinting“, whereby the browser inherently transmits metadata, such as the location of the user, if this is not prevented by appropriate measures. If somebody accesses website A and then tries to access content from website B anonymously, an organisation with access to data streams on both websites can use the browser’s “fingerprint” to determine that both websites have been accessed by the same user. Preventing such fingerprinting is very time-consuming for users (preventing cookies is not enough), unless they use the Tor Browser or Tails exclusively.

The Tor Browser encrypts and anonymises the entire web data stream and overcomes Internet censorship, with a negligible effort on the part of the user. As for Tails, it is an operating system designed to protect users’ privacy and anonymity. Nevertheless, the effort required from users is slightly higher in this case, because they are limited to a specific operating system, with a certain selection of applications. An interesting yet still budding project is TorBox, which may require some extra effort in the future to provide full anonymisation functionality. In particular, TorBox creates its own wireless network to which desktops, laptops, tablets and smartphones can connect, and their data is encrypted via the Tor network. Still, responsibility for keeping anonymity safe from methods such as “fingerprinting” lies with the user (but the website has some good tips).

Anonymised (with Tor) access to a website and using encryption: Contents are protected and meta-data concealed.

Of course, the above measures are only the beginning of a comprehensive security concept. Additional measures include encrypting disks, ensuring strong passwords (which, however, need not be memorised due to the availability of good password managers), using a secure email environment, transferring encrypted data, and more. Whilst all of these measures are beyond the scope of this article, there is extensive, additional information available. The Tactical Technology Collective offers a comprehensive selection of How-Tos under the project name “Security in-a-Box“. If the account has already been hacked, the smartphone already stolen, trapped by malware, or you are exposed to a denial of service attack, Digital Defenders offers first aid with their “Digital First Aid Kit“. For journalists, in particular, there is the “Journalist Security Guide” recommended by the Committee to Protect Journalists.

Comments or further tips? Contribute to the comment section below!

Welcome!

Welcome to the TorBox project!

TorBox is an easy-to-use anonymizing router based on Raspberry Pi. It creates a wireless network, which routes the network data encrypted through the Tor network. The goal of the project is to provide an easy-to-use way to overcome censorship and to help encrypt and enable anonymous data traffic, independently of the client, the service and the program being used.

TorBox is in a pre-Alpha stage, a proof of concept — not more and not less! Don’t use TorBox if your well-being depends on your anonymity. You can’t get anonymity solely by technical means — anonymity is dependent on your social behaviour.

There is still a long way to go to improve security and usability. We are waiting for your feedback and input. We are looking for people who want to help — if you are interested, please contact me.