Disclaimer: This is not a critique of Access or your report; it is a well-researched report with solid conclusions. In fact, you bring up the point I am about to make on page 11 of the report, which I appreciate. I bring this up because I think it could use discussion.
While spoofing civil society groups using fake domains is certainly deceptive, and most often carried out with the intent of attacking supporters of human rights, I would caution against denouncing the use of fake domain attacks altogether. As a tactic, fake domain attacks (and more generally impersonating organizations or companies) have been used by activists to target both corporations and non-profits (i.e. civil society groups) as a media stunt to highlight these groups' harmful practices. Some examples of this in the US recently include the PINK Loves Consent campaign [1] targeting Victoria's Secret (full disclosure: I worked on this), pretty much anything by the Yes Men [2], and (sort of) Susan G. Komen For the Cure [3]. Tactics which have duplicitous aims always need to be considered within the context of the campaign to measure their appropriateness, but I certainly think fake domain attacks can be used legitimately against both civil society groups and corporations for furthering human rights goals. We also shouldn't make the mistake of assuming all civil society groups are necessarily good or supportive of human rights; it's an implicit assumption I often see in international development discourses. But that's a whole other discussion... -Dan [1] http://www.huffingtonpost.com/2012/12/04/pink-loves-consent-underw_n_2239534.html http://www.huffingtonpost.com/erica-cheung/pink-loves-consent-victorias-secret_b_2264289.html [2] http://yeslab.org/museum [3] a website hack rather than a fake domain attack, but the same goal of impersonation for political awareness purposes: http://jezebel.com/5881765/komens-page-hacked-to-read-help-us-run-over-poor-women-on-the-way-to-the-bank On 09/11/2013 01:40 PM, Michael Carbone wrote: > Hi libtech, > > Back in May I asked for examples of fake websites and social media > that impersonate civil society and news organizations to include in > a report that we at Access were working on. Thanks to all those > who provided feedback, we have now released the report: > > One of These Things is Not Like the Other: A Report on Fake Domain > Attacks https://www.accessnow.org/FakeDomainsReport [pdf] > > The report details how civil society organizations and news media > are the targets of a variety of sophisticated attacks to compromise > their websites and users, including the use of fake websites and > social media profiles. These fake domain attacks may be created > with the intention to draw readership from the original website and > display alternative content, create confusion amongst a targeted > community, or serve malware to compromise the target audience of > the original website. Attacks were seen in countries as diverse as > Belarus, Iran, Vietnam, and Kazakhstan. > > We have observed these attacks on the eves of elections and other > important political events, including during critical social and > political periods. Attacks in Iran and Belarus attempted to > minimize the spread of information and disrupt potential civil > unrest during political elections and anniversaries. > > Other attacks in Belarus and Kazakhstan utilized the privileged > position internet service providers (ISPs) have in a user’s > interaction with websites to redirect them away from targeted > websites to the fake websites. In addition, many fake domains took > advantage of procuring similarly-named URLs as the targeted website > in order to provide a sense of trust to the unwary user. > > As news organizations and citizen media increasingly rely on > digital means to present their work, state-level adversaries are > relying on novel ways of diminishing their impact and targeting > their readers. Our data provides a window into the methods and > effectiveness of these attacks and the type of government > environment that gives rise to them. > > In addition, our report provides a number of mitigation mechanisms > – technical, policy, and legal – against fake domains for both > users and targeted websites. By providing such frameworks for > mitigating these attacks, we hope this report will give human > rights defenders some of the tools and understanding needed to > better protect themselves and their work in a hostile digital > world. > > In conjunction with the report, we have released an online tool > “Fake Domain Detective” (fakedomains.accessnow.org) to help > organizations and individuals search for fake domains of civil > society and independent media websites. If you run across any > suspected fake domains or have feedback on the tool, please share > your findings with us at repo...@accessnow.org. > > Blogpost with overview of the report: > https://www.accessnow.org/blog/2013/08/01/one-of-these-things-is-not-like-the-other-report-on-fake-domains-attacks-on > > Read the report [pdf]: > https://www.accessnow.org/FakeDomainsReport > > Test out the Fake Domain Detective: > http://fakedomains.accessnow.org > > Report suspected fake domains: repo...@accessnow.org > > The report was written and managed by Michael Carbone; data > analysis and visualization by Béchir Nemlaghi and Dillon Reisman; > policy and legal analysis by Peter Micek, Drew Mitnick, Wes > Paisley; design by Mira Rojanasakul; Brett Solomon, Gustaf > Björksten, Jochai Ben-Avie. > > Let me know if you have any thoughts or comments, thanks! > > Best, Michael > > -- http://disman.tl OpenPGP key: http://disman.tl/pgp.asc Fingerprint: 2480 095D 4B16 436F 35AB 7305 F670 74ED BD86 43A9 -- Liberationtech is public & archives are searchable on Google. Violations of list guidelines will get you moderated: https://mailman.stanford.edu/mailman/listinfo/liberationtech. Unsubscribe, change to digest, or change password by emailing moderator at compa...@stanford.edu.
