A great article in Forbes on Telecomix, a group of hackers who have aimed their sights, and hacking chops, at free-speech-starved countries. The group has also exposed Western (mostly American) technology firms whose products have (knowingly or unknowingly, depending on who you believe) slipped into the hands of state agencies bent on monitoring and suppressing uppity populaces.
One morning in mid-August, seven months into the Arab Spring protests and government crackdowns in which thousands have been killed, something strange happened on Syria’s Internet. As users aimed their Web browsers at Google and Facebook, they instead saw a page of white Arabic script scrawled across a black background.
“This is a deliberate, temporary Internet breakdown. Please read carefully and spread the following message,” it read. “Your Internet activity is monitored.”
Then the page switched to a white screen filled with instructions on using free encryption and anonymity software like Tor and TrueCrypt to evade surveillance and censorship. Emblazoned above the text was a round, mysterious symbol: a star inside an omega, hovering over a pyramid surrounded by lightning bolts. Below it were written the words: “This is Telecomix. We come in peace.”
Telecomix, a loose-knit team of international hacktivists, had been scanning the Syrian Internet in a massive sweep, dividing 700,000 target connections among its members in Germany, France and the U.S., probing for hackable devices with software tools like Nmap and Shodan. They compromised vulnerable Cisco Systems-produced network switches to find other devices’ passwords, snooped on open cameras revealing street scenes and even officials’ desks, and at one point retrieved the log-in credentials for 5,000 unsecured home routers, which they used to insert the surveillance warning (shown below) into browsers across the country.
As the globally-distributed hackers combed Syria’s networks and posted their findings in a crowd-sourced document, one American member of the group, who uses the handle Punkbob, spotted a Windows FTP server filled with data he recognized: logs from a Proxy SG 9000 appliance built by the Sunnyvale, Calif.-based company Blue Coat Systems. In Punkbob’s day job at a Pentagon contractor, he says, the same equipment had been used to intercept traffic to filter and track staff behavior. The Syrian machine’s logs showed the Internet activity of thousands of users, connecting the sites they attempted to visit and every word of their communications with the IP addresses that pointed directly to their homes. In short, he had discovered American technology being used to help a brutal dictatorship spy on its citizens.