[liberationtech] Executive Order: "Targeting Human Rights Abuses Via Information Technology" (Syria, Iran)

Adam Fisk afisk at bravenewsoftware.org
Tue Apr 24 07:19:20 PDT 2012 

Thanks for breaking that down, Andrew. 

While I agree with Jillian that this could have been done earlier, I'd expand on to the "too little" part. First, there seems to be a notion that the US is the only country capable of building DPI boxes. The Chinese router manufacturers been beating up on Cisco for years, and they seem to do a pretty good job with DPI in China. Beyond that though, this is just a much larger problem. The problem is the data is there to be had at all. If you want to monitor people in your country, you simply can without much trouble. Sure you can install a fancy DPI box and import it from the US. Or not. If you're a country like Syria without much money and without much internet traffic, you can also just do it yourself for free *in software* or buy a cheaper Chinese alternative. The problem is the data is passing clear over the wire any way you cut it.

So how do we really solve this problem? Good ol' end-to-end encryption. And not just any encryption -- it's becoming increasingly clear that many weaker ciphers and/or stronger ciphers with short key lengths are broken -- we need really strong ciphers everywhere and to make them commonplace so they don't stick out. Sure there are still issues with anonymity even in that case, but not knowing what someone's saying while still knowing who's saying it is a huge step.

I just want to be clear this whole DPI thing is not a real solution -- other countries can, will, and are doing it -- we're not talking about nuclear centrifuges here. The real solution is much harder and much more important.

-Adam


On Apr 23, 2012, at 12:24 PM, Andrew Lewis wrote:

> I'd argue that sanctions are having a bigger impact then we are estimating, at least in Syria. I know that MTN is hemorrhaging cash and is about to plead with the Government to turn cell service back on across most of the country except a few key places. Syriatel isn't in good shape finically either, and the central governments resources are dwindling fast, because of a switchover to using the Euro as the default foreign currency from the dollar, the expense of sending all foreign cash transfers via one bank with a partner in lebanon, and the rising expense of converting SYP to any other currency. Now with the companies unable to transfer currency to any other foreign currency reserves, I think it will be incredibly hard for them to get new equipment in, and the government doesn't have or is unwilling to spend their currency reserves on the expenditures required to cover the newest equipment.  Outside of the "monitoring center" that  I've heard whispers about, no one is buying any new gear at the moment, and these sanctions might make it almost impossible to do so. I know that a nationwide network upgrade(PDN2) has ground to a halt while ZTE is trying to pull it's money out of the country as fast as possible. There needs to be a few more groups and people added to the sanctions to make it really effective, but I think that these new sanctions will have more impact then we think.
> 
> Iran is of course a different case, and as such a completely different discussion, and really out of my realm of direct experience.
> 
> 
> 
> 
> On Apr 23, 2012, at 3:00 PM, Jillian C. York wrote:
> 
>> Like I said, there's nothing inherently wrong with these restrictions and I hope they'll have an impact.
>> 
>> But, as you well know, the news about BlueCoat is now more than six months old (that's the too late part).  The "too little" part is that these do absolutely nothing to ensure that good technologies can reach Syrians which--as you also know--continues to be the number one complaint from the ground re: US involvement or lack thereof.  While governments will always find a way around export controls (unfortunately), citizens won't always.
>> 
>> On Mon, Apr 23, 2012 at 11:52 AM, Collin Anderson <collin at averysmallbird.com> wrote:
>> Jillian,
>> 
>> I would appreciate clarification on the statement "too little too late," I suspect we disagree on this somewhat, but was hoping you might expand the statement. 
>> 
>> After far as Bahrain, UAE, KSA, et al, of course there is a regrettable inconsistency in the application of human rights policies; nothing new here.
>> 
>> Cordially,
>> Collin
>> 
>> 
>> On Mon, Apr 23, 2012 at 1:25 PM, Jillian C. York <jilliancyork at gmail.com> wrote:
>> There's nothing wrong with it in letter, imho, nor is it overreaching (a good thing, considering the collateral damage of existing controls from Commerce).  That said, it's:
>> 
>> a) too little too late.
>> b) ridiculous that it only covers Syria and Iran and not Bahrain.
>> 
>> 
>> 
>> 
>> On Mon, Apr 23, 2012 at 10:04 AM, Andrew Lewis <andrew at pdqvpn.com> wrote:
>> Well....
>> 
>>  My fear is that either this will be fragrantly violated by cross shipping equipment via Dubai, or just lead to an increase in the purchase of new equipment from ZTE/Hauwei for all of the infrastructure. In the worst case scenario it creates a scapegoat similar to the one Cuba uses to explain away why infrastructure is so bad in country.   
>> 
>> 
>> They seem to also be missing quite a few players in the Syrian market specifically MTN-Syria, the number 2 in the local cell market, while also being a South African owned subsidiary company. 
>> 
>> On another note, these sanctions were announced parallel to another initiative to focus the US NSC on human rights and genocide, which sounds like an amazing step in the right direction. On the other hand I am still going to hold my breath until I see what it actually does. 
>> 
>> -Andrew 
>> 
>> 
>> On Apr 23, 2012, at 12:44 PM, Collin Anderson wrote:
>> 
>>> FYI
>>> 
>>> http://www.whitehouse.gov/the-press-office/2012/04/23/letter-blocking-property-and-suspending-entry-united-states-certain-pers
>>> http://www.whitehouse.gov/the-press-office/2012/04/23/executive-order-blocking-property-and-suspending-entry-united-states-cer
>>> http://www.treasury.gov/resource-center/sanctions/OFAC-Enforcement/Documents/ghravity_eo_fact_sheet.pdf
>>> 
>>> ----
>>> 
>>> Letter -- Blocking the Property and Suspending Entry into the United States of Certain Persons with Respect to Grave Human Rights Abuses by the Governments of Iran and Syria via Information Technology
>>> 
>>> Dear Mr. Speaker: (Dear Mr. President:)
>>> 
>>> Pursuant to the International Emergency Economic Powers Act (50 U.S.C. 1701 et seq.) (IEEPA), I hereby report that I have issued an Executive Order (the "order") that takes additional steps with respect to the national emergencies declared in Executive Order 12957 of March 15, 1995, and relied on for additional steps in subsequent Executive Orders, and in Executive Order 13338 of May 11, 2004, as modified in scope and relied on for additional steps in subsequent Executive Orders.
>>> 
>>> I have determined that the commission of serious human rights abuses against the people of Iran and Syria by their governments, facilitated by computer and network disruption, monitoring, and tracking by those governments, and abetted by entities in Iran and Syria that are complicit in those governments' malign use of technology for those purposes, threaten the national security and foreign policy of the United States. Consistent with the vital importance of providing technology that enables the Iranian and Syrian people to freely communicate with each other and the outside world, as well as the preservation, to the extent possible, of global telecommunications supply chains for essential products and services to enable the free flow of information, the measures in the order are designed primarily to address the need to prevent entities located in whole or in part in Iran and Syria from facilitating or committing serious human rights abuses. To address this situation, the order takes additional steps with respect to the national emergencies described above.
>>> 
>>> The order blocks the property and interests in property, and suspends entry into the United States, of persons listed in the Annex to the order, as well as persons determined by the Secretary of the Treasury, in consultation with or at the recommendation of the Secretary of State:
>>> 
>>>  to have operated, or to have directed the operation of, information and communications technology that facilitates computer or network disruption, monitoring, or tracking that could assist in or enable grave rights abuses by or on behalf of the Government of Iran or the Government of Syria;
>>> 
>>>  to have sold, leased, or otherwise provided, directly or indirectly, goods, services, or technology to Iran or Syria likely to be used to facilitate computer or network disruption, monitoring, or tracking that could assist in or enable grave human rights abuses by or on behalf of the Government of Iran or the Government of Syria;
>>> 
>>>  to have materially assisted, sponsored, or provided financial, material, or technological support for, or goods or services to or in support of, the activities described above or any person whose property and interests in property are blocked pursuant to the order; or
>>> 
>>>  to be owned or controlled by, or to have acted or purported to act for or on behalf of, directly or indirectly, any person whose property and interests in property are blocked pursuant to the order.
>>> 
>>> I have delegated to the Secretary of the Treasury the authority, in consultation with the Secretary of State, to take such actions, including the promulgation of rules and regulations, and to employ all powers granted to the President by IEEPA, as may be necessary to carry out the purposes of the order.
>>> 
>>> All agencies of the United States Government are directed to take all appropriate measures within their authority to carry out the provisions of the order.
>>> 
>>> I am enclosing a copy of the Executive Order I have issued.
>>> 
>>> Sincerely,
>>> 
>>> BARACK OBAMA
>>> 
>>> -- 
>>> Collin David Anderson
>>> averysmallbird.com | @cda | Washington, D.C.
>>> 
>>> _______________________________________________
>>> liberationtech mailing list
>>> liberationtech at lists.stanford.edu
>>> 
>>> Should you need to change your subscription options, please go to:
>>> 
>>> https://mailman.stanford.edu/mailman/listinfo/liberationtech
>>> 
>>> If you would like to receive a daily digest, click "yes" (once you click above) next to "would you like to receive list mail batched in a daily digest?"
>>> 
>>> You will need the user name and password you receive from the list moderator in monthly reminders. You may ask for a reminder here: https://mailman.stanford.edu/mailman/listinfo/liberationtech
>>> 
>>> Should you need immediate assistance, please contact the list moderator.
>>> 
>>> Please don't forget to follow us on http://twitter.com/#!/Liberationtech
>> 
>> 
>> _______________________________________________
>> liberationtech mailing list
>> liberationtech at lists.stanford.edu
>> 
>> Should you need to change your subscription options, please go to:
>> 
>> https://mailman.stanford.edu/mailman/listinfo/liberationtech
>> 
>> If you would like to receive a daily digest, click "yes" (once you click above) next to "would you like to receive list mail batched in a daily digest?"
>> 
>> You will need the user name and password you receive from the list moderator in monthly reminders. You may ask for a reminder here: https://mailman.stanford.edu/mailman/listinfo/liberationtech
>> 
>> Should you need immediate assistance, please contact the list moderator.
>> 
>> Please don't forget to follow us on http://twitter.com/#!/Liberationtech
>> 
>> 
>> 
>> -- 
>> +1-857-891-4244 | jilliancyork.com | @jilliancyork 
>> 
>> "We must not be afraid of dreaming the seemingly impossible if we want the seemingly impossible to become a reality" - Vaclav Havel
>> 
>> 
>> 
>> 
>> 
>> 
>> -- 
>> Collin David Anderson
>> averysmallbird.com | @cda | Washington, D.C.
>> 
>> 
>> 
>> 
>> -- 
>> +1-857-891-4244 | jilliancyork.com | @jilliancyork 
>> 
>> "We must not be afraid of dreaming the seemingly impossible if we want the seemingly impossible to become a reality" - Vaclav Havel
>> 
>> 
>> 
> 
> _______________________________________________
> liberationtech mailing list
> liberationtech at lists.stanford.edu
> 
> Should you need to change your subscription options, please go to:
> 
> https://mailman.stanford.edu/mailman/listinfo/liberationtech
> 
> If you would like to receive a daily digest, click "yes" (once you click above) next to "would you like to receive list mail batched in a daily digest?"
> 
> You will need the user name and password you receive from the list moderator in monthly reminders. You may ask for a reminder here: https://mailman.stanford.edu/mailman/listinfo/liberationtech
> 
> Should you need immediate assistance, please contact the list moderator.
> 
> Please don't forget to follow us on http://twitter.com/#!/Liberationtech

-------------- next part --------------
An HTML attachment was scrubbed...
URL: <http://mailman.stanford.edu/pipermail/liberationtech/attachments/20120424/be1e738f/attachment.html>
-------------- next part --------------
A non-text attachment was scrubbed...
Name: PGP.sig
Type: application/pgp-signature
Size: 881 bytes
Desc: This is a digitally signed message part
URL: <http://mailman.stanford.edu/pipermail/liberationtech/attachments/20120424/be1e738f/attachment.sig>

More information about the liberationtech mailing list