When a country is in the midst of civil war, how does that country’s government use the Internet to its advantage? A group of scientists recently released the monitoring and filtering practices of the Syrian government during the early stages of the Syrian Civil War in 2011, and their results are not what you might expect. The story begins with a US based company, an international net activist group and a fluke of a find.
Last year, the non-profit organization Reporters Without Boarders identified a California-based company as one of the “corporate enemies of the Internet”. The company, called Blue Coat Systems, is a privately held company that specializes in Network Security.
Part of what set Reporters Without Boarders off was a report in 2011 by a net activists group who call themselves Telecomix. The group stumbled upon evidence indicating that the Syrian government was using Blue Coat technology to help monitor and filter online searches from Syrian users.
In October 2011, Telecomix leaked tens of gigabytes of data they had acquired from Blue Coat proxies – web servers that facilitate users’ access to online content. The report came out at a time when the Syrian Civil War was gaining speed with growing protests and rising armed insurgencies like the Free Syrian Army.
The data, “represents a unique opportunity to provide a snapshot of a real-world censorship ecosystem and to understand the underlying technology,” an international group of scientists stated in their paper, which they posted last week to the scientific paper repository arXiv.
There are two ways in which web proxies, like those that Blue Coat sells, can filter and monitor content: explicit and implicit proxies. Explicit proxies require that each electronic device, desktop, laptop, tablet, etc. be configured to send user requests through a proxy. In this way, the user knows that they’re using proxies to filter content like pornography.
|Logo of Telecomix. Credit: Telecomix|
Implicit proxies have no such limitation in physical configuration and can monitor or filter content at the ignorance of the user. The latter is the type for which the Syrian government employed their proxies that Telecomix hacked. The resulting logs of data that Telecomix leaked provided information about the hundreds of thousands of requests from Syrian users on July 22, 23, 31 and August 1-6, 2011.
Analyzing the data, the scientists found that the Blue Coat proxies were censoring instant messaging software, like Skype and MSN live messanger, more heavily than social networks like Facebook and Twitter. Only certain social media sites were blocked like the Syrian Revolution Facebook page.
The scientists reported that the proxies censored less than one percent of online traffic. Moreover 93 percent of requests were allowed and about 5 percent were denied due to network errors. The scientists were also able to see how Syrian Internet users tried to combat censorship by using tools like P2P file sharing and virtual private Network software to access blocked content.
“Our analysis shows that, compared to other countries (such as China and Iran), Internet filtering in Syria seems to be less invasive yet quite targeted,” the scientists stated.
The sample captures what Syrian authorities were censoring and filtering over a short period of time during 2011, but does not say anything about current practices. And the over 500,000 dollars worth of equipment that Syria installed in its computer rooms in November, 2011 will likely make it difficult for additional leaked logs of data to bring us fresh information any time soon.