belarus – Techdirt (original) (raw)
NSO Malware Discovered On The Phones Of Critics Of Putin And His Allies
from the NSO-may-be-down-but-its-software-is-still-running dept
Here’s yet more unsurprising news about Israeli malware developer NSO Group and its preferred customers. More phones infected by NSO’s flagship Pegasus malware have been discovered by Citizen Lab researchers. And yet again those targeted are journalists, critics, dissidents, and opposition leaders.
The latest investigation identifies seven additional Russian and Belarusian-speaking members of civil society and journalists living outside of Belarus and Russia who were targeted and/or infected with Pegasus spyware. Many of the targets publicly criticized the Russian government, including Russia’s invasion of Ukraine. These individuals, most of whom are currently living in exile, have faced intense threats from Russian and/or Belarusian state security services.
Even though the company is on the ropes, the software it sold to a variety of authoritarians and autocrats still exists. And it can still be used to target people these power-hungry governments don’t like.
What could possibly be the point of infecting phones owned by dissidents, journalists, and critics with malware pitched as a solution to violent crime and international terrorism? The entities NSO sold to have repeatedly made it clear they’ll spend millions on software for the sole reason of engaging in petty revenge operations. That’s because the governments in control of this spyware are too thin-skinned to deal with the normal downsides of being in the government business: criticism, dissent, and the rise of opposition leaders who stand for everything these governments don’t stand for.
While the revenge may be petty, the outcomes are far from trivial. Turning a phone into an active tracking device that also allows governments to eavesdrop on conversations and intercept communications means it is that much easier to locate the people you want to silence. As Citizen Lab points out, the retaliation against critics of Putin and his eastern European buddies is severe, ranging from travel bans to arrests. And there’s always the possibility that operatives will just try to kill critics — something Russian operatives have done multiple times.
While the news may be unsurprising, it’s helping keep NSO’s name in the news. The longer that lasts, the less chance there is that it will be able to slip back under the radar and continue business as usual.
It also provides another set of rebuttals to NSO’s multiple defenses of its products, sales tactics, and choice of customers. When the leak of NSO malware targets first occurred, the company claimed the list was bogus. And even if it was a list of targets, it was only a list of potential targets and not representative of how its customers deployed its products.
That list was full of journalists, critics, dissidents, opposition leaders, religious leaders, human rights advocates, and lawyers engaged in litigation against governments. That was the list the NSO Group claimed meant nothing. It was just a list and couldn’t be tied to NSO, its customers, or the people targeted by its customers.
Literally everything uncovered since that leak has shown the opposite to be the case: NSO’s customers directly or indirectly (by asking other governments to do their dirty work) target exactly the sort of people contained in this list. The malware NSO claims is a powerful tool that allows governments to track dangerous criminals and international terrorists is also just a way for governments to silence critics, eliminate inconvenient human obstacles, and otherwise ensure the narrative remains theirs alone. The deterrent effect of these actions is obvious.
NSO cannot claim to have clean hands. While it’s true it cannot prevent customers from abusive deployments of its malware, it could have refused sales to known human rights abusers. It’s not like this is news at this point. The first reports of NSO’s sales to miscreants like the Saudi government occurred more than a half-decade ago.
It’s not like a lot of the governments NSO sold to just recently started engaging in massive amounts of human rights violations. Every one of these questionable customers had been in the oppression business for years, if not for the entirety of their existence.
NSO has nowhere to go as long as these investigations and this sort of reporting continues. As long as the light remains bright enough, the shadows will be too small to hide in. So while this latest news may just be more of the same, it’s still essential.
Filed Under: activists, belarus, governments, israel, journalists, malware, oppression, russia, spyware, surveillance
Companies: nso group
Belarus Follows Russia’s Lead & Creates Unfriendly Countries List For Legalized Piracy
from the you-know-who-else-made-lists? dept
Roughly a year ago, we discussed Russia’s response to some of the sanctions the West was placing upon it, including its plan to simply legalize copyright infringement, so as to keep the country running despite the crippling sanctions. That blanket legalization plan morphed somewhat months later, when Russia instead pivoted to a plan to create a “unfriendly countries” list for which all kinds of copyright infringement would be legalized. Not surprisingly, that list of unfriendlies mostly amounted to any country that had sanctioned or criticized Russia’s unprovoked invasion of Ukraine. While these laws have yet to be implemented, none of the announcements by Russia created even the mildest surprise to the West.
Nor, likely, will Belarus’ recent announcement that it was following Russia down this path.
The country of Belarus recently passed a law that allows the use of intellectual property without the consent of copyright holders from so-called “unfriendly” foreign nations. This includes all copyrighted materials such as books, music, movies, TV shows, and computer software.
The law was signed by president Alexander Lukashenko earlier this month, making it legal in Belarus to access pirated materials if the rights holders are from “unfriendly nations,” meaning “foreign states that commit unfriendly actions against Belarusian legal entities and (or) individuals.”
If you were to want to make your own list, but one that ranks the closest allies of the Russian regime, that list, without a doubt, would have Belarus near the very top. Belarus is currently conducting military “training exercises” with Russia right on Ukraine’s border, leading Ukraine to believe another major and violent assault is coming shortly. Belarus also allowed Russia to route through its territory during the early days of the invasion, back when Putin thought he could take the entire country, including Kiev.
All of that is to say: it’s no surprise that Belarus is adopting Russia’s proposed stance like this and, frankly, it may simply be following Moscow’s orders in doing so. Perhaps even as a guinea pig, to see how the West responds before Russia goes down this path itself.
Belarus is a signatory to several treaties regarding intellectual property rights as part of the World Intellectual Property Organization, and the new law would violate its obligations under those treaties. In turn, this will likely isolate Belarus economically and prevent any investment in the country’s local creative industries. It may also influence Russia, which has also been considering laws intended to legalize use of unlicensed copyrighted content from some western countries.
My only quibble is with that last sentence, because I believe the way it begins likely has things exactly backwards. Russia is almost certainly influencing Belarus to take this step, not the other way around.
So what will this all do? Further isolate Belarus and, should Russia follow suit, Russia as well. It also serves as a nice demonstration for how futile it is for Western nations to spend so much time and capital advocating for stricter copyright enforcement throughout the world, given that other nations are happy to simply change course when it suts them.
Filed Under: belarus, copyright, piracy, russia
Experts Say Internet Shutdowns Don't Thwart Protests
from the the-last-refuge-of-simple-minds dept
Mon, Sep 21st 2020 06:25am - Karl Bode
Like so many authoritarians, Belarus “President” Alexander Lukashenko has taken to violence, intimidation, and censorship in a ham-fisted bid to stifle those critical of his dubious election win. On the technology side, that has involved hiring U.S. network gear maker Sandvine to help the country block citizens’ access to the broader internet. During August’s contested election, citizens found their access to social media outlets like Twitter and Facebook prohibited thanks to Sandvine and the Belarusian government, which originally tried to claim that the blockade was the result of a cyberattack. News outlets like CNN and the BBC, and search engines like Google, were also blocked.
Aside from being harmful, there’s increasing evidence that this kind of censorship simply doesn’t work. A recent study in the International Journal of Communications took a closer look at what happened to protest movements in African countries when governments attempted massive censorship of the internet, and it found that while there wasn’t evidence that such shutdowns drove greater unrest, there also was no evidence such behavior thwarted protests:
“For example, a social media blackout in Ethiopia in December 2017 ?completely failed? to suppress protests caused by ethnic tensions in part of the country, the authors wrote. There was actually a surge in clashes during the shutdown itself. The study used data on the locations of protests and whether they were considered violent or not, but the researchers didn?t have access to detailed information on the number of demonstrators present or what form their online activity had taken prior to the internet shutdown or social media blackout.
Experts have been quick to note such censorship doesn’t magically thwart the underlying grievances driving the protests, and creative protesters are likely to develop tools to bypass internet lockdowns anyway. In Belarus and countless other areas users most frequently simply migrate to VPNs to dodge the watchful eye of governments and their private sector allies like Sandvine (which, you’ll recall, played a starring role in the early days of the net neutrality fights here in the States).
At the end of the day, experts are clear that internet crackdowns are the last resort of cowardly authoritarians, whose last option is to try and drive further unrest in the hopes it somehow plays into their hands:
“It?s often as a ?last resort tactic? says Joss Wright, senior research fellow at the Oxford Internet Institute. But the strategy is also a crude one, he adds, noting that it can result in the spread of rumours and misinformation through other channels?with unpredictable consequences. Rydzak agrees: ?It?s about creating an atmosphere of fear and uncertainty.? As a blunt demonstration of power, he adds, shutdowns may heighten the overall sense of chaos in a country or locality, creating a fluid situation that authorities may hope ultimately plays into their hands.”
Except, again, there’s no indication that’s actually a successful tactic.
Filed Under: alexander lukashenko, belarus, free speech, internet shutdowns, protests
Companies: sandvine
No, Belarus Is Not Cut Off From The Internet, But New Restrictions Are Still Pretty Bad
from the could-be-worse-and-probably-will-be dept
There is a lot of excitement over news that Belarus has supposedly cut itself off from the rest of the Internet, with headlines like, “It is now illegal to access any foreign website in the Republic of Belarus“. Given the continuing concern over human rights in that country, this story has a certain plausibility to it. But it’s worth exploring what the law in question actually says, since the situation is rather more complex than such headlines imply.
Google Translate offers quite a clear translation of the new law (original in Russian), which has two main parts. The first concerns businesses:
> Business entities engaged in activities on the sale of goods, works and services in the Republic of Belarus with the use of information networks, systems and resources with an Internet connection, you should pay attention: if these networks, systems or resources are not available on the territory of Belarus and (or) not registered in the prescribed manner to the subjects can be applied to an administrative penalty of a fine from 10 to 30 base units.
That seems to say that all online businesses must be either located in Belarus, or registered there, which might be a problem for Amazon, say. Presumably the company could get around this if it set up a subsidiary in Belarus, and then sold goods from the site amazon.by ? except for the slight problem that this domain has already been taken by a water company. However, Amazon might well decide that it is not worth the effort, and simply block all connections from Belarus.
One issue is what exactly “services” includes in the above section. If, as some have suggested, this means companies offering email, it might stop people using Gmail, unless Google also sets up an arm in the country ? wisely, Google has already registered its domain in Belarus, google.by. Clearly, much depends on how the law is interpreted (and IANAL).
As for non-commercial sites like Wikipedia, say, the paragraph doesn’t seem to apply at all, since it only concerns businesses. However, they may well be caught by other parts of the law:
> Administrative penalty of a fine (ranging from 5 to 15 basic units) may be imposed on officials of the centers for collective use of the web services (computer clubs, Internet cafes, home networking, and other places, which provide shared access users of Internet services to Internet) in violation of legislation on the identification of client devices and users to record and store information about them, as well as Internet services rendered. > > It should also restrict user access to Internet services to the information gap for distribution in accordance with the laws (the information content of which is directed to carry out extremist activities, dissemination of pornographic materials, etc.). In case of violation of requirements to restrict access to this information also applies a penalty from 10 to 30 base units.
These sections deal with Internet cafes and even “home networks” ? connections shared among households. It requires users to be registered, the sites they visit recorded, and the usual censorship of pornographic and “extremist” materials. It’s easy to imagine even sites like Wikipedia being branded as such (after all, it happened in the UK), and thus being on the blacklist.
So while it is by no means true that Belarus has made accessing all sites outside the country illegal, it has certainly made it risky, if not impossible, to buy stuff on external sites. Worse, it confirms that Internet users must be spied upon, and “forbidden” sites must be blocked; taken together, these new measures allow the government of Belarus to exert extremely tight control over Internet users in the country. Moreover, with these systems in place, severing Belarus from the Internet for real would be relatively easy, if its government decided to take that extreme step.
Follow me @glynmoody on Twitter or identi.ca, and on Google+
Filed Under: belarus, censorship, foreign websites, internet filtering, privacy
Congress Condemns Belarus For Doing A Bunch Of Things It Wants To Do
from the seriously? dept
Recently, the House of Representatives passed a resolution condemning Belarus for various human rights violations. It lists out all the various rights violations, and some of them are certainly pretty bad, and I have no doubt that the government of Belarus is doing some highly questionable things. Yet, there’s one section of the resolution that seems especially interesting, given certain actions in Congress lately:
The Government of Belarus has restricted freedom of expression on the Internet by requiring Internet Service Providers to maintain data on Internet users and the sites they view and to provide such data to officials upon request, and by creating a government body with the authority to require Internet Service Providers to block Web sites.
Fascinating. Because, Congress here in the US is currently debating two bills that seem to do exactly that as well. There’s the data retention bill (disguised as an anti-child porn bill) and there’s the PROTECT IP Act, which would give the government power to require ISPs to effectively block web sites. It’s as if Congress doesn’t even realize what it’s doing and what it’s saying.
Filed Under: belarus, censorship, congress, internet filtering, privacy