Events-based Filtering & DoS



Some countries filter relatively few sites. Such implementation is framed in the context of fighting pornography (or child pornography), terrorism related sites, copyright violator (i.e. warez) sites, and hate speech sites etc… And although they may only filter relatively few sites they now have the capacity (technical infrastructure, trained personnel and administrative/procedural process) to increase the amount/scope of the filtering within an increasingly short time period. This phenomenon manifests itself during key periods such as elections or significant anniversaries or high profile international visits. The ability to quickly block or unblock specific content is handy for countries that filter for plausible deniability, or to respond to international pressure (temporarily). However, a technique has emerged that can be used in lieu of conventional filtering to silence opposition voices and disrupt the use of the Internet as an organizing tool: Denial of Service (DoS) attacks.

Some countries filter relatively few sites. For example, Egypt blocks access to the website of the Muslim Brotherhood www.ikhwanonline.com, Indian ISP’s filter access to the Yahoo! Group, Kynhun, and hinduunity.org and South Korea blocks access to 31 North Korean websites. (The latter two actually inadvertently block significantly more sites because of blocking by IP address).

As countries develop their filtering capacity countries, moving from blocking IP using their existing routers to the purchase of commercial filtering technology, they increase their capacity to filter significantly more content.

There have been events-based information crackdowns, such as in China during the ten year anniversary of Tiananmen, as well as events-based filtering and “un-filtering” Asia Pacific Economic Cooperation (APEC) 2001 Summit in Shanghai, China.

During election in Belarus in 2001 several opposition websites experienced “suspicious problems“. Similar suspicious outages occurred during the 2004 election.

A recent IFEX fact finding mission to Tunisia conducted Internet filtering testing, with the assistance of the OpenNet Initiative. We found that Tunisia was using SmartFilter to block access to websites critical of the government as well as websites classified (and mis-classified) by SmartFilter (v3) as Anonymizer/Translator, Sex, and Nudity. But IFEX also reported:

Amnesty International-Tunisia reported that the websites of the London-based international human rights group and of some of its sections in countries including France and Canada were no longer blocked at the end of January. Its own site, AI-Tunisia, was reported by members of the board of AI-Tunisia to be briefly accessible during the visit paid to Tunisia by the IFEX delegation. Members of the Board deemed this “not purely coincidental.”

With increased filtering capacity and technical know-how the ability to turn filtering on and off – even for specific web sites – becomes a possibility. This is handy for countries that filter for plausible deniability, or to respond to international pressure (temporarily).

With the growth of the Internet and the general understanding that one can get alternative information from multiple sources (e.g. out of the country sites that contain information critical of the government) people and governments know that the Internet is growing in importance in terms of information (filtering in the sense of “content”) as well as organization (filtering with the intent to disrupt organizing as in “communications”).

There are other techniques that can block access to specific content, temporarily, in lieu of filtering. In Kyrgyzstan several opposition newspapers have come under distributed denial of service attack (DDoS) which has caused their sites to become inaccessible. In response the Kyrgyz ISP that hosts the sites blocked access to the sites from the outside world, the sites were only available within Kyrgyzstan. A group calling itself “shadow team”, which appears to be a ddos-for-hire group – is threatening to increase the scale of the attacks. These sites are now being moved to hosting services outside the country.

DoS as a means of blocking access to specific content or disrupting the communications and organizing capability of target groups is an attractive options for those countries which cannot implement filtering in the conventional sense. However, the result is essentially the same.

Post a comment.