IETF Logo Mail Archive

Re: [Pearg] Research Group Last Call for "A Survey of Worldwide Censorship Techniques"

Chelsea Komlo <chelsea.komlo@gmail.com> Tue, 30 June 2020 02:35 UTC

Return-Path: <chelsea.komlo@gmail.com>
X-Original-To: pearg@ietfa.amsl.com
Delivered-To: pearg@ietfa.amsl.com
Received: from localhost (localhost [127.0.0.1]) by ietfa.amsl.com (Postfix) with ESMTP id D3CDD3A0A09 for <pearg@ietfa.amsl.com>; Mon, 29 Jun 2020 19:35:19 -0700 (PDT)
X-Virus-Scanned: amavisd-new at amsl.com
X-Spam-Flag: NO
X-Spam-Score: -2.097
X-Spam-Level:
X-Spam-Status: No, score=-2.097 tagged_above=-999 required=5 tests=[BAYES_00=-1.9, DKIM_SIGNED=0.1, DKIM_VALID=-0.1, DKIM_VALID_AU=-0.1, DKIM_VALID_EF=-0.1, FREEMAIL_FROM=0.001, HTML_MESSAGE=0.001, SPF_HELO_NONE=0.001, SPF_PASS=-0.001, URIBL_BLOCKED=0.001] autolearn=ham autolearn_force=no
Authentication-Results: ietfa.amsl.com (amavisd-new); dkim=pass (2048-bit key) header.d=gmail.com
Received: from mail.ietf.org ([4.31.198.44]) by localhost (ietfa.amsl.com [127.0.0.1]) (amavisd-new, port 10024) with ESMTP id P9OLzhl3CBJ3 for <pearg@ietfa.amsl.com>; Mon, 29 Jun 2020 19:35:18 -0700 (PDT)
Received: from mail-wr1-x42e.google.com (mail-wr1-x42e.google.com [IPv6:2a00:1450:4864:20::42e]) (using TLSv1.2 with cipher ECDHE-RSA-AES128-GCM-SHA256 (128/128 bits)) (No client certificate requested) by ietfa.amsl.com (Postfix) with ESMTPS id BA4E63A0A04 for <pearg@irtf.org>; Mon, 29 Jun 2020 19:35:17 -0700 (PDT)
Received: by mail-wr1-x42e.google.com with SMTP id k6so18557742wrn.3 for <pearg@irtf.org>; Mon, 29 Jun 2020 19:35:17 -0700 (PDT)
DKIM-Signature: v=1; a=rsa-sha256; c=relaxed/relaxed; d=gmail.com; s=20161025; h=mime-version:references:in-reply-to:from:date:message-id:subject:to :cc; bh=elSe7rbRVD6j52v1dXFN9Erk1qzqxURb4uA3/ysuVzM=; b=PRFWyIB4BsEvQCjb0xV7OIafT9ovlFptaP9IjSiGZCy6oW1yQbqlTB1lJd4G546ph7 ExFwAk4GYnTq9krA22uMvnxCTHqpOTpd9jHw59qSL0hOV96Ue47Zp9xTu/MoPoTtB2kx neV5VVSSk4vwd6cJxgTEtTNBeY+W5qFyG7LL+rBqjaZRIMedJ3u2VyJ6AvC2i9VkWX+D spBW06fjPyn6UmGFPQ1dDtSE7MfDG7AlMZnKqtRXnk52SrenQm1jouGXLmkDNssjllu1 oXxCiLHj02RuEne3KPjgra+M5ZUHwhTwtLec9WVL8qfFP88NN8E2cjLiMEcYd6QHdCOx tgoA==
X-Google-DKIM-Signature: v=1; a=rsa-sha256; c=relaxed/relaxed; d=1e100.net; s=20161025; h=x-gm-message-state:mime-version:references:in-reply-to:from:date :message-id:subject:to:cc; bh=elSe7rbRVD6j52v1dXFN9Erk1qzqxURb4uA3/ysuVzM=; b=B/eARSdioZLcQSUBflVoENzlxD6/Tvs8D0Jpk3ZR0+lOoz1yrU8TXsm50SZsr5gutL cfY9IIzCW7ObWwByNIfH7PsifPu9Hi5olhvI3KSG9P1BfF7DHhzqGaN/7iVB5yufdnbQ iTH/jLlgIGxSMLCn72SvWE5q5eFG2p5oLmlA3XjOAmZMRY+ntQtQUhdtFFcJqym2bmms DEozf+U9Y0vLrhv7z5xnY7mmA8g5spfvptfIcAZI+G6kF6Ccsi1eGBMXxxCCpFatwtHc F5Rm+wgH2AxCmSgUMOoZWQUfv5eKqQ3qVddRSHsAsMPL/+T23huqve0BeDEhiJROTFKz 5bWA==
X-Gm-Message-State: AOAM53234b6pr2UzImN5zjry2eLuphtfOf6ZgDl+qvG1Nzsgt/VglXrv 6p4GI6BjV6s79rx4bz494w2xo0gO96ot2JkPNkmTfrZC
X-Google-Smtp-Source: ABdhPJxmAiTfL7pn2b3h2ALVEGMZC8HYY8JL2KXm6B9ewnPRy4O3LDmBu8I+c7YxqhokUqFKbAq6lhSTp9tWgn2dTuk=
X-Received: by 2002:a5d:6786:: with SMTP id v6mr19326022wru.258.1593484516081; Mon, 29 Jun 2020 19:35:16 -0700 (PDT)
MIME-Version: 1.0
References: <08f43a37-2b7b-418e-95a8-ed57484c66be@www.fastmail.com> <CAJoqpTLfjhbN7zYRcorJBD98hDgra=Q71RRNSsAKQgoWpT0eeA@mail.gmail.com> <bd7f0861-b2c1-6f06-c489-3d9af5e6ed1e@andersdotter.cc>
In-Reply-To: <bd7f0861-b2c1-6f06-c489-3d9af5e6ed1e@andersdotter.cc>
From: Chelsea Komlo <chelsea.komlo@gmail.com>
Date: Mon, 29 Jun 2020 20:35:04 -0600
Message-ID: <CAJoqpTJW4wNBLnBHpOk4rEspcDcNoi0-hwwOpi_3GUsje1gm2w@mail.gmail.com>
To: amelia@andersdotter.cc
Cc: Christopher Wood <caw@heapingbits.net>, pearg@irtf.org
Content-Type: multipart/alternative; boundary="0000000000008942a005a94406cd"
Archived-At: <https://mailarchive.ietf.org/arch/msg/pearg/TeMNodHXKhz5oiI9Yeath9DWtsA>
Subject: Re: [Pearg] Research Group Last Call for "A Survey of Worldwide Censorship Techniques"
X-BeenThere: pearg@irtf.org
X-Mailman-Version: 2.1.29
Precedence: list
List-Id: Privacy Enhancements and Assessment Proposed RG <pearg.irtf.org>
List-Unsubscribe: <https://www.irtf.org/mailman/options/pearg>, <mailto:pearg-request@irtf.org?subject=unsubscribe>
List-Archive: <https://mailarchive.ietf.org/arch/browse/pearg/>
List-Post: <mailto:pearg@irtf.org>
List-Help: <mailto:pearg-request@irtf.org?subject=help>
List-Subscribe: <https://www.irtf.org/mailman/listinfo/pearg>, <mailto:pearg-request@irtf.org?subject=subscribe>
X-List-Received-Date: Tue, 30 Jun 2020 02:35:20 -0000

Hi Amelia,

On Mon, Jun 29, 2020 at 3:37 PM Amelia Andersdotter <amelia@andersdotter.cc>
wrote:

> On 2020-06-02 16:30, Chelsea Komlo wrote:
> >
> > - One important point is that while China is an extremely powerful
> > censor, they are often in a class of their own. I encourage including
> > a discussion of something like "censor maturity" or the technical
> > resources required to implement different techniques. There is a bit
> > of this discussion, but it can be better standardized and applied to
> > each technique. For example, IP blacklisting is trivial and does not
> > require significant infrastructure (and many censors do this), but
> > performing active probing to fingerprint protocols and block them on
> > the fly requires much more infrastructure and planning (and is
> > essentially only China, as I understand).
> >
> I'm hesitant about creating metrics that are specifically designed to
> capture the behaviour of certain jurisdictions. In Sweden, it used to be
> that the internet filtering industry was very strong and innovative. The
> royal family and the Swedish EU Commissioner[2] were heavily involved in
> advancing internet filters around the world. Now the Swedish local
> actors are over-taken by US competitors on both the domestic and
> European markets, for most part, but that's a question of scale and
> resources more than anything else. Also I suppose once the ground-work
> is there, it's easier to build on it - the cost goes down with time.
>
> But it made me think of something else too. Last year, I came across the
> case where a South-East Asian country had bought Chinese infrastructure,
> with government ministers in that country later telling the media that
> they would be able to log into everyone's Facebook account and remove
> posts without Facebook's active involvement or the involvement of the
> user. I sincerely doubted at that time (and still doubt) that the
> infrastructure deployed by this country could actually do that. Probably
> the government ministers had misunderstood the technologies they
> purchased, or wanted to over-sell its capacities with respect to the
> population to make them more afraid than they needed to be of
> repercussions.
>
>
Thanks for the response. My suggestion might have been unclear, so I'll
clarify. I don't think the document needs to give an overview of specific
regions as they are today. However, I do think classifying censorship
techniques by "how much effort it takes to implement" and "how much
technical maturity is required of the censor" helps identify the most
effective techniques to address, as opposed to techniques which are
theoretically possible but not often deployed in reality.

I'll give a heuristic example. Today, blocking based on IP address/domain
is so easy and effective for a censor that more advanced  techniques such
as traffic fingerprinting are not necessary for governments to successfully
censor content. What I have heard from practitioners is that there is
little evidence that fingerprinting-based censorship is being used today at
scale.

As far as this document goes, it will be valuable to provide deeper
classification of censorship techniques based on the cost/maturity for a
censor to implement, to ensure that protocol designers don't target
theoretically possible techniques while overlooking commonly deployed
techniques in practice.

Hope that addressed the above point.
Chelsea

-- 
Chelsea H. Komlo | chelseakomlo.com

v2.23.0 | Report a Bug | By Email