Hello,
This email shares OONI’s monthly report for September 2024.
# OONI Monthly Report: September 2024
Throughout September 2024, the OONI team’s work can be tracked through the various OONI GitHub repositories: https://github.com/ooni
Highlights are shared in this report below.
## New partnership with Digital Rights Nepal
In September 2024, we established a new partnership with Digital Rights Nepal (https://digitalrightsnepal.org/), a leading non-profit organization dedicated to safeguarding and advancing digital rights in Nepal.
As part of our partnership, we will collaborate on studying internet censorship in Nepal. We published a page featuring Digital Rights Nepal as a new OONI partner and highlighting their important work: https://ooni.org/partners/digital-rights-nepal/
## Research report on internet censorship in Kazakhstan
On 19th September 2024, in collaboration with our partners Internet Freedom Kazakhstan (IFKZ) and Eurasian Digital Foundation, we co-published a new research report documenting TLS MITM attacks and the blocking of news media, human rights, and circumvention tool sites in Kazakhstan.
We published the research report in both:
- English: https://ooni.org/post/2024-kazakhstan-report/
- Russian: https://ooni.org/ru/post/2024-kazakhstan-report/
Our partner, Internet Freedom Kazakhstan (IFKZ), published the following article about our joint research report: https://ifkz.org/ru/article/internet-censorship-in-kazakhstan
Our report shares censorship findings based on the analysis of OONI data collected from Kazakhstan over the past year, as well as legal analysis and interviews with a few media representatives.
Our analysis of OONI data from Kazakhstan reveals:
- TLS Man-In-The-Middle (MITM) attacks
- Blocking of at least 17 news media websites
- Blocking of petition sites and of the Russian language edition of Amnesty International’s website
- Blocking of at least 73 circumvention tool websites
In almost all cases, the blocks appear to be implemented by means of TLS interference, as OONI data shows that the TLS handshakes result in timeout errors after the Client Hello message. This is observed uniformly on all tested networks in Kazakhstan during the analysis period.
Notably, we documented the use of the latest government-mandated root certificate authority (CA) – and its use to emit 6 distinct intermediate certificates – that were used to carry out TLS MITM attacks, targeting at least 14 domains on at least 19 networks in Kazakhstan. We found that these intermediate certificates were even being used to perform MITM attacks during periods of certificate invalidity.
Overall, as the timing and types of blocked URLs are consistent across networks, ISPs in Kazakhstan likely implement blocks in a coordinated manner. Coordination among ISPs is further suggested by the fact that we found the same certificate used by 19 distinct ISPs to implement TLS MITM attacks. These TLS MITM attacks raise concerns because such practices weaken the online privacy and security of internet users in Kazakhstan.
Our report received press coverage from the following outlets:
- FactCheck Kazakhstan: https://factcheck.kz/novosti/internet-tsenzura-v-kazahstane-rezultaty-issledovaniya-ifkz-i-ooni/
- Ulysmedia Kazakhstan: https://ulysmedia.kz/rassledovaniya/38144-ramki-rukopozhatiia-i-lichnye-dannye-ili-kak-v-kazakhstane-kontroliruetsia-svoboda-internet-slova/
- SecurityLab Russia: https://www.securitylab.ru/news/552299.php
- Sledstvie Info: https://sledstvie.info/news/45234-informatcionnaja_izoljatsija_kazahstana_kak_vlasti_otrezajut_grahdan_ot_globaljnyh_sobytij
## Report on the blocking of OONI Explorer in Russia
In September 2024, Russia started blocking access to OONI Explorer.
We published a report, documenting the blocking of OONI Explorer in Russia based on OONI data: https://ooni.org/post/2024-russia-blocked-ooni-explorer/
On 11th September 2024, we received an email from Roskomnadzor, informing us of their decision to block access to OONI Explorer. On the same day, OONI data shows that ISPs in Russia started implementing the block.
While Roskomnadzor mentioned their intention to restrict access to the Russian translation of our circumvention tool reachability measurements, in practice, the restriction is far-reaching. The block restricts access to all OONI data hosted on OONI Explorer.
On some networks in Russia, we are able to automatically confirm the blocking of OONI Explorer based on fingerprints. For example, OONI data shows that DNS resolution returns an IP that hosts a block page.
As part of this report, we made use of the data analysis capabilities of our upcoming OONI pipeline v5 to produce a chart with the breakdown of failure types and errors that enable the characterization of the block. On most networks in Russia, access to OONI Explorer appears to be blocked by means of TLS interference, as many measurements resulted in timeout errors and connection reset errors right after the Client Hello message during the TLS handshake.
On 18th September 2024, our Russian partner, Roskomsvoboda (https://roskomsvoboda.org/), shared news of the blocking of OONI Explorer with Russian communities via Telegram: https://t.me/ru_tech_talk/560
## Report on the blocking of Twitter/X in Tanzania
On 30th August 2024, Tanzania blocked access to Twitter/X.
In early September 2024, we published a short report on our Censorship Findings platform, documenting the block through OONI data.
Our report on the (temporary) blocking of Twitter/X in Tanzania is available here: : https://explorer.ooni.org/findings/188763810301
It’s worth noting that our community members also independently reported on the blocking of Twitter/X in Tanzania through the use of OONI tools and data:
https://x.com/MelamiVictoria/status/1829502734078185879
https://x.com/ZainaFoundation/status/1829536688890085645
## Report on the blocking of Twitter/X in Brazil
On 31st August 2024, Brazil blocked access to Twitter/X.
In early September 2024, we published a short report on our Censorship Findings platform, documenting the block through OONI data.
Our report on the blocking of Twitter/X in Brazil is available here: https://explorer.ooni.org/findings/174962608001
It’s worth noting that our community members also independently reported on the blocking of Twitter/X in Brazil through the use of OONI tools and data:
https://x.com/vesinfiltro/status/1830262921789669543
https://x.com/vinifortuna/status/1830349458384486599
https://x.com/OliverLinow/status/1829846237203333282
## Presenting thematic censorship findings on OONI Explorer
In September 2024, we started developing the new thematic censorship findings pages for OONI Explorer based on the user research and mockups designed in previous months. These pages will focus on OONI measurements pertaining to News Media (https://github.com/ooni/explorer/issues/940), Social Media (https://github.com/ooni/explorer/issues/939) and Circumvention Tools (https://github.com/ooni/explorer/issues/941) and will offer users a way to explore OONI data focused on these specific themes. We also added support for theme tags that will enable the display of relevant reports on each thematic page of OONI Explorer (https://github.com/ooni/explorer/pull/965). The launch date of these new pages will be determined in the coming weeks.
## Automating censorship detection and characterization based on OONI measurements
We released the OONI Pipeline v5.0.0-alpha4: https://github.com/ooni/data/pull/83
As part of this release, we:
- Added a web interface for viewing observations;
- Added an API for returning aggregates of observations;
- Added a web view for plotting aggregates of observations;
- Added support for performing observation generation using multiple
cores (instead of multiple threads since it’s CPU bound); - Separated the observation activities into distinct smaller activities allowing for more narrowly scoped scheduling and retry policies;
- Changed the type of PrevRange so that it’s possible to serialize it in JSON allowing to pass it as a parameter to activities;
- Moved the update_assets into the observation activity;
- Added support for passing config file via
CONFIG_FILE
environment variable; - Made improvements to the CLI commands;
- Dropped several CLI arguments that should only be read from the config file;
- Made other improvements related to typing.
Following this release, we made some important improvements to the schema of the observation tables. Specifically, we:
- Replaced observation_id with observation_idx (https://github.com/ooni/data/issues/87);
- Used the PARTITION KEY for deduplication instead of running deletes (https://github.com/ooni/data/issues/88).
These improvements are mainly targeted towards improving the performance of update operations and making them more robust to reprocessing since deduplication is handled natively using the MergeTree table engine deduplication.
## Data analysis for upcoming research report
As part of an upcoming research report on internet censorship in Russia, we analyzed OONI measurements collected from Russia over the past year. We completed this data analysis in September 2024, and further details about the analysis are available here: https://github.com/ooni/backend/issues/847
## Activities supported by OTF FOSS
### OONI Explorer
Notably, we launched an improved navigation menu for OONI Explorer (https://explorer.ooni.org/). This work is available here: https://github.com/ooni/explorer/pull/950
Based on community feedback shared through our user research in previous months, we improved the navigation menu of OONI Explorer to enhance the discoverability of resources and to enable us to add upcoming new pages in the next months.
### OONI Probe Mobile
We continued to make progress on our multi-platform project that aims to refactor the OONI Probe mobile app. After making good progress on our internal MVP, we turned our attention to leveraging our initial work to start developing the iOS version of Deutsche Welle’s News Media Scan application. This includes tasks like creating the onboarding flow (https://github.com/ooni/probe-multiplatform/issues/104), building the results summary view (https://github.com/ooni/probe-multiplatform/issues/109), and adding the ability to filter results (https://github.com/ooni/probe-multiplatform/issues/98). Additionally, we worked on the ability to update OONI Run v2 tests for our own internal MVP (https://github.com/ooni/probe-multiplatform/issues/53).
Here is a list of all issues completed in September 2024 for our multi-platform project: https://github.com/ooni/probe-multiplatform/issues?q=is%3Aissue+is%3Aclosed+closed%3A2024-09+
### OONI Run
As part of our final preparation for the launch of OONI Run v2, we took steps to ensure that by releasing OONI Run v2 we would not accidentally introduce any bugs that cause a drop in measurements. We improved our ability to filter measurements by different release channels, ensuring we can filter measurements by our open testing or “beta” channel for our Android application on the Google Play store. This way, we can more accurately compare different versions of our applications as we make changes and enhancements so we can increase our confidence in not introducing issues (https://github.com/ooni/probe/issues/2803).
### OONI Backend Maintenance & DevOps
We worked on switching api.ooni.org to be served from AWS (https://github.com/ooni/devops/issues/94), focusing first on what was necessary for the OONI Run v2 project so that both the mobile application and the web-based dashboard use the production API. As part of that work, we had to move our test helpers back to Digital Ocean as AWS was proving too costly (https://github.com/ooni/devops/issues/91). We also worked on several other items related to this overall task. (https://github.com/ooni/devops/issues/93, https://github.com/ooni/devops/issues/95).
## Hiring process for OONI Junior Backend Developer job opening
As part of the ongoing hiring process for a new OONI Junior Backend Developer (https://ooni.org/post/2024-job-opening-ooni-backend-developer/), we continued to review incoming applications and interview shortlisted candidates.
## Test list updates
Throughout September 2024, we did multiple minor updates to the test lists for Kenya, Algeria, Iran, Armenia, Georgia, and Uganda, as well as to the Global test list. All of these updates have been merged (https://github.com/citizenlab/test-lists/pulls?q=is%3Apr+is%3Aclosed).
We also reviewed and merged a more extensive update to the Cambodian test list submitted by the iMAP project: https://github.com/citizenlab/test-lists/pull/1699/files
## Collaboration with agency to boost OONI’s social media presence
In September 2024, we started collaborating with Latte (https://www.lattecreative.com/en/), an agency in Rome which supports organizations (including many nonprofit organizations, such as Amnesty International and Greenpeace) on improving their communication, branding, advocacy, and fundraising efforts. We are collaborating with Latte on designing an end-of-year fundraising strategy with the goal of boosting OONI’s donations, as well as on improving OONI’s communication and social media presence.
## Fellowship at the Berkman Klein Center for Internet and Society
In September 2024, OONI’s Maria started a research fellowship at the Berkman Klein Center for Internet and Society at Harvard University. As part of her year-long fellowship, Maria will explore how internet censorship changed globally over the past eight years through OONI data. She will also carry out interviews to explore the role of advocacy and circumvention tool groups in responding to emergent censorship events.
More information about the 2024-2025 Berkman Klein Center fellowship cohort is available here: https://cyber.harvard.edu/story/2024-07/incoming-2024-25-bkc-fellows
## Rapid response
### Blocking of Telegram in El Salvador
On 15th September 2024, El Salvador blocked access to Telegram. On the same day, we rapidly responded by sharing relevant OONI data and findings on social media: https://x.com/OpenObservatory/status/1835360393906074078
The information we shared included a chart produced by OONI data analysis that we performed to examine the reachability of Telegram IPs in El Salvador by probe ASN and target. We found that access to Telegram was blocked on at least 5 networks in El Salvador (starting from around 4am UTC on 15th September 2024), with some ISPs blocking access to Telegram IPs, while others blocked access to Telegram by means of TLS interference.
This blocking event resulted in a significant OONI measurement spike in El Salvador on 15th September 2024, as well as in ongoing measurement coverage thereafter (suggesting increased OONI Probe adoption and use of automated testing following the block). This is evident through aggregated OONI measurement coverage in El Salvador: https://explorer.ooni.org/chart/mat?probe_cc=SV&since=2024-08-12&until=2024-10-12&time_grain=day&axis_x=measurement_start_day&test_name=telegram
## Community use of OONI tools and data
### Sinar Project Blocked or Not tool
Notably, our long-term Malaysian partner, Sinar Project (https://sinarproject.org/), launched a new “Blocked or Not” tool, which makes use of our miniooni research client and submits data to OONI.
Their tool is available here: https://blockedornot.sinarproject.org/
Sinar Project’s Blocked or Not tool is a web service that enables users to easily and quickly check if a website is blocked or not in Malaysia.
### Sinar Project report on the blocking of an entertainment platform
On 20th September 2024, our partner, Sinar Project (https://sinarproject.org/), published a report documenting the blocking of ArtStation.com, a prominent platform for showcasing games, film, media, and entertainment art. As part of their report, Sinar Project made use of OONI data and encouraged further OONI Probe testing in Malaysia.
Read their report here: https://imap.sinarproject.org/resources/internet-censorship-update-blocking-of-artstation-com-website
### Access Now’s press statement on the blocking of Twitter/X in Tanzania
In response to the blocking of Twitter/X in Tanzania, Access Now published a press release condemning the blocking of the platform. Their press release cites OONI data as technical evidence on the block.
Read their press statement here: https://www.accessnow.org/press-release/civil-society-asks-who-blocked-x-tanzania/
### Cloudflare blog post on a global assessment of third-party connection tampering
In September 2024, Cloudflare published a blog post providing a global assessment of third-party connection tampering: https://blog.cloudflare.com/connection-tampering/
As part of this post, they provide case studies through which they compare Cloudflare TCP connection anomalies with OONI reports of connection tampering. Specifically, they compared anomalous Cloudflare TCP connection data with relevant OONI data from our reports on connection tampering cases in Tanzania and Ethiopia, and found that relevant Cloudflare data was consistent with OONI data. This is very interesting because by publishing data on TCP connection anomalies (https://radar.cloudflare.com/security-and-attacks#tcp-resets-and-timeouts), Cloudflare enable researchers to have stronger signals of connection tampering when compared (and corroborated) with OONI data (and other relevant datasets).
Learn more about the launch of Cloudflare Radar’s new dashboard on TCP resets and timeouts here: https://blog.cloudflare.com/tcp-resets-timeouts/
## Community activities
### Workshop for human rights defenders in Nepal
On 19th September 2024, OONI’s Elizaveta facilitated an online OONI workshop for human rights defenders in Nepal. This workshop was hosted in coordination with our new partner, Digital Rights Nepal (https://ooni.org/partners/digital-rights-nepal/).
### Quarterly OONI Partner Meeting
On 20th September 2024, we hosted the quarterly OONI Partner Meeting via an online video platform.
As part of this meeting, we presented and discussed the OONI training calendar for October 2024 and November 2024, which will involve a series of online OONI workshops that we will facilitate for our partners.
These workshops include:
- Introduction to internet censorship (9th October 2024)
- How to use OONI Probe (16th October 2024)
- OONI Run v2 demo (23rd October 2024)
- Maintaining/updating the Citizen Lab test lists (6th November 2024)
- OONI Explorer #1 (13th November 2024)
- OONI Explorer #2 (20th November 2024)
As part of these upcoming workshops, we aim to share relevant skills and knowledge to enable our partners to participate in OONI censorship measurement activities in their countries and regions. As an outcome, we hope that our partners will be equipped to share such knowledge further with their communities.
As part of our Quarterly Partner Meeting, we also discussed updates to our partnership MoUs, plans for censorship monitoring during the upcoming 2025 elections around the world, as well as plans for other future partner events.
### Global Gathering 2024
Between 27th-29th September 2024, OONI’s Elizaveta and Jessie traveled to Portugal to attend the Global Gathering 2024. The detailed agenda of the event is available here: https://wiki.digitalrights.community/index.php?title=Global_Gathering_Agenda_2024
As part of their participation, Elizaveta and Jessie:
Hosted an OONI booth, during which they provided a live demo of our upcoming OONI Run v2 tool and shared OONI swag (27th and 29th September 2024)
Facilitated a discussion on rapid response (28th September 2024)
### OONI Community Meeting
On 24th September 2024, we hosted the monthly OONI Community Meeting on our Slack channel (https://slack.ooni.org/).
As part of this meeting, we provided updates from the OONI team, and we discussed the recent blocking of OONI Explorer in Russia, as well as the (global) community’s need to measure the availability of more VPN services and protocols.
## Measurement coverage
In September 2024, 56,049,250 OONI Probe measurements were collected from 3,182 networks in 176 countries around the world.
This information can also be found through our measurement stats on OONI Explorer (see chart on “monthly coverage worldwide”): https://explorer.ooni.org/
~ OONI team.