In association with heise online

06 October 2011, 11:14

Syrian internet censors' log files released

  • Twitter
  • Facebook
  • submit to slashdot
  • StumbleUpon
  • submit to reddit

Syrian flag

At a meeting of Arab bloggers in Tunisia, internet activists from Telecomix released 54 GB of log files created by Syrian internet censors between 22 July and 5 August 2011. The data was obtained via a security hole in from filter systems developed by US company Blue Coat Systems, which were used in Syria. In the files released by Telecomix, logged IP addresses were anonymised to read, which was considered insufficient by those who have criticised the campaign.

Since Syria switched off its internet connections last June, the country has been targeted by Telecomix activists, who launched "Operation Syria" together with the Anonymous group of hacktivists. In September, the web sites of Syrian cities were hacked. Before these attacks, it became known that Syria uses web filters developed by Blue Coat Systems, although the US company denied having any business relationships with Syria. The log files were released to demonstrate how the Syrian regime controls its citizens' communications. The activists plan to use statistical analyses to identify the key words that aroused the monitors' suspicion – Telecomix says that "proxy" and "israel" have already been identified.

The release of the data was welcomed, as well as criticised, at the blogger meeting. Network specialists such as Tor programmer Jacob Applebaum think that, in addition to the anonymised IP addresses, the log files could contain names that would compromise the privacy of Syrian internet users.

Internet monitoring in Syria is not an isolated incident. In March 2011, it became known that the Finfisher software developed by Munich company Gamma had been used in Egypt. Although the software was supplied to the Egyptian authorities via the UK, a company employee said in an interview with German TV channel MDR's "Fakt" magazineGerman language linkPDF: "Finfisher is 100 per cent German and is developed in Germany. However, I can tell you straight away that it is distributed from the UK. But that's only because there isn't enough storage space at our offices. But it is definitely being developed in Germany." The Gaddafi regime in Libya also used such software, in that case Eagle, which is developed by Bull subsidiary Amesys in France, and the South African Zebra surveillance system by VAS-Tech, a company that became successful through contracts with Siemens.

Update (9/1/2012): In an interview with Forbes, Telecomix hackers say they did not find a security hole in the Blue Coat systems but in fact found the logs on an unsecured FTP server.

See also:

(Detlef Borchers / ehe)

Print Version | Send by email | Permalink:

  • July's Community Calendar

The H Open

The H Security

The H Developer

The H Internet Toolkit