[tor-project] OONI Monthly Report: September 2024

Maria Xynou maria at openobservatory.org
Thu Oct 17 19:12:21 UTC 2024


Hello,

This email shares OONI's monthly report for September 2024.

*# OONI Monthly Report: September 2024*

Throughout September 2024, the OONI team’s work can be tracked through the
various OONI GitHub repositories: https://github.com/ooni

Highlights are shared in this report below.

*## New partnership with Digital Rights Nepal*

In September 2024, we established a new partnership with Digital Rights
Nepal (https://digitalrightsnepal.org/), a leading non-profit organization
dedicated to safeguarding and advancing digital rights in Nepal.

As part of our partnership, we will collaborate on studying internet
censorship in Nepal. We published a page featuring Digital Rights Nepal as
a new OONI partner and highlighting their important work:
https://ooni.org/partners/digital-rights-nepal/

*## Research report on internet censorship in Kazakhstan*

On 19th September 2024, in collaboration with our partners Internet Freedom
Kazakhstan (IFKZ) and Eurasian Digital Foundation, we co-published a new
research report documenting TLS MITM attacks and the blocking of news
media, human rights, and circumvention tool sites in Kazakhstan.

We published the research report in both:
* English: https://ooni.org/post/2024-kazakhstan-report/
* Russian: https://ooni.org/ru/post/2024-kazakhstan-report/

Our partner, Internet Freedom Kazakhstan (IFKZ), published the following
article about our joint research report:
https://ifkz.org/ru/article/internet-censorship-in-kazakhstan

Our report shares censorship findings based on the analysis of OONI data
collected from Kazakhstan over the past year, as well as legal analysis and
interviews with a few media representatives.

Our analysis of OONI data from Kazakhstan reveals:
* TLS Man-In-The-Middle (MITM) attacks
* Blocking of at least 17 news media websites
* Blocking of petition sites and of the Russian language edition of Amnesty
International's website
* Blocking of at least 73 circumvention tool websites

In almost all cases, the blocks appear to be implemented by means of TLS
interference, as OONI data shows that the TLS handshakes result in timeout
errors after the Client Hello message. This is observed uniformly on all
tested networks in Kazakhstan during the analysis period.

Notably, we documented the use of the latest government-mandated root
certificate authority (CA) – and its use to emit 6 distinct intermediate
certificates – that were used to carry out TLS MITM attacks, targeting at
least 14 domains on at least 19 networks in Kazakhstan. We found that these
intermediate certificates were even being used to perform MITM attacks
during periods of certificate invalidity.

Overall, as the timing and types of blocked URLs are consistent across
networks, ISPs in Kazakhstan likely implement blocks in a coordinated
manner. Coordination among ISPs is further suggested by the fact that we
found the same certificate used by 19 distinct ISPs to implement TLS MITM
attacks. These TLS MITM attacks raise concerns because such practices
weaken the online privacy and security of internet users in Kazakhstan.

Our report received press coverage from the following outlets:

* FactCheck Kazakhstan:
https://factcheck.kz/novosti/internet-tsenzura-v-kazahstane-rezultaty-issledovaniya-ifkz-i-ooni/
* Ulysmedia Kazakhstan:
https://ulysmedia.kz/rassledovaniya/38144-ramki-rukopozhatiia-i-lichnye-dannye-ili-kak-v-kazakhstane-kontroliruetsia-svoboda-internet-slova/
* SecurityLab Russia: https://www.securitylab.ru/news/552299.php
* Sledstvie Info:
https://sledstvie.info/news/45234-informatcionnaja_izoljatsija_kazahstana_kak_vlasti_otrezajut_grahdan_ot_globaljnyh_sobytij


*## Report on the blocking of OONI Explorer in Russia*

In September 2024, Russia started blocking access to OONI Explorer.

We published a report, documenting the blocking of OONI Explorer in Russia
based on OONI data: https://ooni.org/post/2024-russia-blocked-ooni-explorer/

On 11th September 2024, we received an email from Roskomnadzor, informing
us of their decision to block access to OONI Explorer. On the same day,
OONI data shows that ISPs in Russia started implementing the block.

While Roskomnadzor mentioned their intention to restrict access to the
Russian translation of our circumvention tool reachability measurements, in
practice, the restriction is far-reaching. The block restricts access to
all OONI data hosted on OONI Explorer.

On some networks in Russia, we are able to automatically confirm the
blocking of OONI Explorer based on fingerprints. For example, OONI data
shows that DNS resolution returns an IP that hosts a block page.

As part of this report, we made use of the data analysis capabilities of
our upcoming OONI pipeline v5 to produce a chart with the breakdown of
failure types and errors that enable the characterization of the block. On
most networks in Russia, access to OONI Explorer appears to be blocked by
means of TLS interference, as many measurements resulted in timeout errors
and connection reset errors right after the Client Hello message during the
TLS handshake.

On 18th September 2024, our Russian partner, Roskomsvoboda (
https://roskomsvoboda.org/),  shared news of the blocking of OONI Explorer
with Russian communities via Telegram: https://t.me/ru_tech_talk/560

*## Report on the blocking of Twitter/X in Tanzania*

On 30th August 2024, Tanzania blocked access to Twitter/X.

In early September 2024, we published a short report on our Censorship
Findings platform, documenting the block through OONI data.

Our report on the (temporary) blocking of Twitter/X in Tanzania is
available here: : https://explorer.ooni.org/findings/188763810301

It’s worth noting that our community members also independently reported on
the blocking of Twitter/X in Tanzania through the use of OONI tools and
data:
https://x.com/MelamiVictoria/status/1829502734078185879
https://x.com/ZainaFoundation/status/1829536688890085645

*## Report on the blocking of Twitter/X in Brazil*

On 31st August 2024, Brazil blocked access to Twitter/X.

In early September 2024, we published a short report on our Censorship
Findings platform, documenting the block through OONI data.

Our report on the blocking of Twitter/X in Brazil is available here:
https://explorer.ooni.org/findings/174962608001

It’s worth noting that our community members also independently reported on
the blocking of Twitter/X in Brazil through the use of OONI tools and data:
https://x.com/vesinfiltro/status/1830262921789669543
https://x.com/vinifortuna/status/1830349458384486599
https://x.com/OliverLinow/status/1829846237203333282

*## Presenting thematic censorship findings on OONI Explorer*

In September 2024, we started developing the new thematic censorship
findings pages for OONI Explorer based on the user research and mockups
designed in previous months. These pages will focus on OONI measurements
pertaining to News Media (https://github.com/ooni/explorer/issues/940),
Social Media (https://github.com/ooni/explorer/issues/939) and
Circumvention Tools (https://github.com/ooni/explorer/issues/941) and will
offer users a way to explore OONI data focused on these specific themes. We
also added support for theme tags that will enable the display of relevant
reports on each thematic page of OONI Explorer (
https://github.com/ooni/explorer/pull/965). The launch date of these new
pages will be determined in the coming weeks.

*## Automating censorship detection and characterization based on OONI
measurements*

We released the OONI Pipeline v5.0.0-alpha4:
https://github.com/ooni/data/pull/83

As part of this release, we:
* Added a web interface for viewing observations;
* Added an API for returning aggregates of observations;
* Added a web view for plotting aggregates of observations;
* Added support for performing observation generation using multiple
cores (instead of multiple threads since it's CPU bound);
* Separated the observation activities into distinct smaller activities
allowing for more narrowly scoped scheduling and retry policies;
* Changed the type of PrevRange so that it's possible to serialize it in
JSON allowing to pass it as a parameter to activities;
* Moved the update_assets into the observation activity;
* Added support for passing config file via `CONFIG_FILE` environment
variable;
* Made improvements to the CLI commands;
* Dropped several CLI arguments that should only be read from the config
file;
* Made other improvements related to typing.

Following this release, we made some important improvements to the schema
of the observation tables. Specifically, we:
* Replaced observation_id with observation_idx (
https://github.com/ooni/data/issues/87);
* Used the PARTITION KEY for deduplication instead of running deletes (
https://github.com/ooni/data/issues/88).

These improvements are mainly targeted towards improving the performance of
update operations and making them more robust to reprocessing since
deduplication is handled natively using the MergeTree table engine
deduplication.

*## Data analysis for upcoming research report*

As part of an upcoming research report on internet censorship in Russia, we
analyzed OONI measurements collected from Russia over the past year. We
completed this data analysis in September 2024, and further details about
the analysis are available here: https://github.com/ooni/backend/issues/847



*## Activities supported by OTF FOSS### OONI Explorer*

Notably, we launched an improved navigation menu for OONI Explorer (
https://explorer.ooni.org/). This work is available here:
https://github.com/ooni/explorer/pull/950

Based on community feedback shared through our user research in previous
months, we improved the navigation menu of OONI Explorer to enhance the
discoverability of resources and to enable us to add upcoming new pages in
the next months.

*### OONI Probe Mobile*

We continued to make progress on our multi-platform project that aims to
refactor the OONI Probe mobile app. After making good progress on our
internal MVP, we turned our attention to leveraging our initial work to
start developing the iOS version of Deutsche Welle’s News Media Scan
application. This includes tasks like creating the onboarding flow (
https://github.com/ooni/probe-multiplatform/issues/104), building the
results summary view (https://github.com/ooni/probe-multiplatform/issues/109),
and adding the ability to filter results (
https://github.com/ooni/probe-multiplatform/issues/98). Additionally, we
worked on the ability to update OONI Run v2 tests for our own internal MVP (
https://github.com/ooni/probe-multiplatform/issues/53).

Here is a list of all issues completed in September 2024 for our
multi-platform project:
https://github.com/ooni/probe-multiplatform/issues?q=is%3Aissue+is%3Aclosed+closed%3A2024-09+

*### OONI Run*

As part of our final preparation for the launch of OONI Run v2, we took
steps to ensure that by releasing OONI Run v2 we would not accidentally
introduce any bugs that cause a drop in measurements. We improved our
ability to filter measurements by different release channels, ensuring we
can filter measurements by our open testing or “beta” channel for our
Android application on the Google Play store. This way, we can more
accurately compare different versions of our applications as we make
changes and enhancements so we can increase our confidence in not
introducing issues (https://github.com/ooni/probe/issues/2803).

*### OONI Backend Maintenance & DevOps*

We worked on switching api.ooni.org to be served from AWS (
https://github.com/ooni/devops/issues/94), focusing first on what was
necessary for the OONI Run v2 project so that both the mobile application
and the web-based dashboard use the production API. As part of that work,
we had to move our test helpers back to Digital Ocean as AWS was proving
too costly (https://github.com/ooni/devops/issues/91). We also worked on
several other items related to this overall task. (
https://github.com/ooni/devops/issues/93,
https://github.com/ooni/devops/issues/95).

*## Hiring process for OONI Junior Backend Developer job opening*

As part of the ongoing hiring process for a new OONI Junior Backend
Developer (https://ooni.org/post/2024-job-opening-ooni-backend-developer/),
we continued to review incoming applications and interview shortlisted
candidates.

*## Test list updates*

Throughout September 2024, we did multiple minor updates to the test lists
for Kenya, Algeria, Iran, Armenia, Georgia, and Uganda, as well as to the
Global test list. All of these updates have been merged (
https://github.com/citizenlab/test-lists/pulls?q=is%3Apr+is%3Aclosed).

We also reviewed and merged a more extensive update to the Cambodian test
list submitted by the iMAP project:
https://github.com/citizenlab/test-lists/pull/1699/files

*## Collaboration with agency to boost OONI’s social media presence*

In September 2024, we started collaborating with Latte (
https://www.lattecreative.com/en/), an agency in Rome which supports
organizations (including many nonprofit organizations, such as Amnesty
International and Greenpeace) on improving their communication, branding,
advocacy, and fundraising efforts. We are collaborating with Latte on
designing an end-of-year fundraising strategy with the goal of boosting
OONI’s donations, as well as on improving OONI’s communication and social
media presence.

*## Fellowship at the Berkman Klein Center for Internet and Society*

In September 2024, OONI’s Maria started a research fellowship at the
Berkman Klein Center for Internet and Society at Harvard University. As
part of her year-long fellowship, Maria will explore how internet
censorship changed globally over the past eight years through OONI data.
She will also carry out interviews to explore the role of advocacy and
circumvention tool groups in responding to emergent censorship events.

More information about the 2024-2025 Berkman Klein Center fellowship cohort
is available here:
https://cyber.harvard.edu/story/2024-07/incoming-2024-25-bkc-fellows



*## Rapid response### Blocking of Telegram in El Salvador*

On 15th September 2024, El Salvador blocked access to Telegram. On the same
day, we rapidly responded by sharing relevant OONI data and findings on
social media: https://x.com/OpenObservatory/status/1835360393906074078

The information we shared included a chart produced by OONI data analysis
that we performed to examine the reachability of Telegram IPs in El
Salvador by probe ASN and target. We found that access to Telegram was
blocked on at least 5 networks in El Salvador (starting from around 4am UTC
on 15th September 2024), with some ISPs blocking access to Telegram IPs,
while others blocked access to Telegram by means of TLS interference.

This blocking event resulted in a significant OONI measurement spike in El
Salvador on 15th September 2024, as well as in ongoing measurement coverage
thereafter (suggesting increased OONI Probe adoption and use of automated
testing following the block). This is evident through aggregated OONI
measurement coverage in El Salvador:
https://explorer.ooni.org/chart/mat?probe_cc=SV&since=2024-08-12&until=2024-10-12&time_grain=day&axis_x=measurement_start_day&test_name=telegram




*## Community use of OONI tools and data### Sinar Project Blocked or Not
tool*

Notably, our long-term Malaysian partner, Sinar Project (
https://sinarproject.org/), launched a new “Blocked or Not” tool, which
makes use of our miniooni research client and submits data to OONI.

Their tool is available here: https://blockedornot.sinarproject.org/

Sinar Project’s Blocked or Not tool is a web service that enables users to
easily and quickly check if a website is blocked or not in Malaysia.

*### Sinar Project report on the blocking of an entertainment platform*

On 20th September 2024, our partner, Sinar Project (
https://sinarproject.org/), published a report documenting the blocking of
ArtStation.com, a prominent platform for showcasing games, film, media, and
entertainment art. As part of their report, Sinar Project made use of OONI
data and encouraged further OONI Probe testing in Malaysia.

Read their report here:
https://imap.sinarproject.org/resources/internet-censorship-update-blocking-of-artstation-com-website

*### Access Now’s press statement on the blocking of Twitter/X in Tanzania*

In response to the blocking of Twitter/X in Tanzania, Access Now published
a press release condemning the blocking of the platform. Their press
release cites OONI data as technical evidence on the block.

Read their press statement here:
https://www.accessnow.org/press-release/civil-society-asks-who-blocked-x-tanzania/

*### Cloudflare blog post on a global assessment of third-party connection
tampering*

In September 2024, Cloudflare published a blog post providing a global
assessment of third-party connection tampering:
https://blog.cloudflare.com/connection-tampering/

As part of this post, they provide case studies through which they compare
Cloudflare TCP connection anomalies with OONI reports of connection
tampering. Specifically, they compared anomalous Cloudflare TCP connection
data with relevant OONI data from our reports on connection tampering cases
in Tanzania and Ethiopia, and found that relevant Cloudflare data was
consistent with OONI data. This is very interesting because by publishing
data on TCP connection anomalies (
https://radar.cloudflare.com/security-and-attacks#tcp-resets-and-timeouts),
Cloudflare enable researchers to have stronger signals of connection
tampering when compared (and corroborated) with OONI data (and other
relevant datasets).

Learn more about the launch of Cloudflare Radar’s new dashboard on TCP
resets and timeouts here: https://blog.cloudflare.com/tcp-resets-timeouts/



*## Community activities### Workshop for human rights defenders in Nepal*

On 19th September 2024, OONI’s Elizaveta facilitated an online OONI
workshop for human rights defenders in Nepal. This workshop was hosted in
coordination with our new partner, Digital Rights Nepal (
https://ooni.org/partners/digital-rights-nepal/).

*### Quarterly OONI Partner Meeting*

On 20th September 2024, we hosted the quarterly OONI Partner Meeting via an
online video platform.

As part of this meeting, we presented and discussed the OONI training
calendar for October 2024 and November 2024, which will involve a series of
online OONI workshops that we will facilitate for our partners.

These workshops include:

* Introduction to internet censorship (9th October 2024)
* How to use OONI Probe (16th October 2024)
* OONI Run v2 demo (23rd October 2024)
* Maintaining/updating the Citizen Lab test lists (6th November 2024)
* OONI Explorer #1 (13th November 2024)
* OONI Explorer #2 (20th November 2024)

As part of these upcoming workshops, we aim to share relevant skills and
knowledge to enable our partners to participate in OONI censorship
measurement activities in their countries and regions. As an outcome, we
hope that our partners will be equipped to share such knowledge further
with their communities.

As part of our Quarterly Partner Meeting, we also discussed updates to our
partnership MoUs, plans for censorship monitoring during the upcoming 2025
elections around the world, as well as plans for other future partner
events.

*### Global Gathering 2024*

Between 27th-29th September 2024, OONI’s Elizaveta and Jessie traveled to
Portugal to attend the Global Gathering 2024. The detailed agenda of the
event is available here:
https://wiki.digitalrights.community/index.php?title=Global_Gathering_Agenda_2024

As part of their participation, Elizaveta and Jessie:

Hosted an OONI booth, during which they provided a live demo of our
upcoming OONI Run v2 tool and shared OONI swag (27th and 29th September
2024)
Facilitated a discussion on rapid response (28th September 2024)

*### OONI Community Meeting*

On 24th September 2024, we hosted the monthly OONI Community Meeting on our
Slack channel (https://slack.ooni.org/).

As part of this meeting, we provided updates from the OONI team, and we
discussed the recent blocking of OONI Explorer in Russia, as well as the
(global) community’s need to measure the availability of more VPN services
and protocols.

*## Measurement coverage*

In September 2024, 56,049,250 OONI Probe measurements were collected from
3,182 networks in 176 countries around the world.

This information can also be found through our measurement stats on OONI
Explorer (see chart on “monthly coverage worldwide”):
https://explorer.ooni.org/

~ OONI team.
-------------- next part --------------
An HTML attachment was scrubbed...
URL: <http://lists.torproject.org/pipermail/tor-project/attachments/20241017/0230b808/attachment-0001.htm>


More information about the tor-project mailing list