<?xml version="1.0" encoding="UTF-8"?>
<rss version="2.0"
	xmlns:content="http://purl.org/rss/1.0/modules/content/"
	xmlns:wfw="http://wellformedweb.org/CommentAPI/"
	xmlns:dc="http://purl.org/dc/elements/1.1/"
	xmlns:atom="http://www.w3.org/2005/Atom"
	xmlns:sy="http://purl.org/rss/1.0/modules/syndication/"
	xmlns:slash="http://purl.org/rss/1.0/modules/slash/"
	>

<channel>
	<title>a very small bird</title>
	<atom:link href="http://b.averysmallbird.com/feed" rel="self" type="application/rss+xml" />
	<link>http://b.averysmallbird.com</link>
	<description>the shifting interests of Collin David Anderson.</description>
	<lastBuildDate>Sun, 06 May 2012 00:38:51 +0000</lastBuildDate>
	<generator>http://wordpress.org/?v=2.8.5</generator>
	<language>en</language>
	<sy:updatePeriod>hourly</sy:updatePeriod>
	<sy:updateFrequency>1</sy:updateFrequency>
			<item>
		<title>Splunk IPO Statement on Export Regulations Compliance</title>
		<link>http://b.averysmallbird.com/entries/splunk-ipo-statement-on-export-regulations-compliance</link>
		<comments>http://b.averysmallbird.com/entries/splunk-ipo-statement-on-export-regulations-compliance#comments</comments>
		<pubDate>Sun, 06 May 2012 00:38:51 +0000</pubDate>
		<dc:creator>admin</dc:creator>
				<category><![CDATA[Uncategorized]]></category>
		<category><![CDATA[governance]]></category>
		<category><![CDATA[new media]]></category>
		<category><![CDATA[sanctions]]></category>

		<guid isPermaLink="false">http://b.averysmallbird.com/?p=1096</guid>
		<description><![CDATA[From Page 18 of Splunk Inc.&#8217;s SEC Form S-1, dated 12 January 2012.
We are subject to governmental export and import controls that could subject us to liability or impair our ability to compete in international markets.
Our products are subject to U.S. export controls, and we incorporate encryption technology into certain of our products. These encryption [...]]]></description>
			<content:encoded><![CDATA[<p>From Page 18 of Splunk Inc.&#8217;s <a href="http://www.sec.gov/Archives/edgar/data/1353283/000104746912000155/a2206835zs-1.htm#ca74101_prospectus_summary">SEC Form S-1</a>, dated 12 January 2012.</p>
<blockquote><p><strong>We are subject to governmental export and import controls that could subject us to liability or impair our ability to compete in international markets.</strong></p>
<p>Our products are subject to U.S. export controls, and we incorporate encryption technology into certain of our products. These encryption products and the underlying technology may be exported outside of the United States only with the required export authorizations, including by license, a license exception or other appropriate government authorizations, including the filing of an encryption registration. We shipped our encryption products prior to obtaining the required export authorizations. Accordingly, we have not fully complied with applicable encryption controls in the Export Administration Regulations. We are in the process of remediating our export compliance procedures to prevent such violations from recurring.</p>
<p>Furthermore, U.S. export control laws and economic sanctions prohibit the shipment of certain products and services to countries, governments, and persons targeted by U.S. sanctions. While we are taking precautions to prevent our products and services from being shipped to U.S. sanctions targets, we believe that certain of our products that are available at no cost have been downloaded by persons in countries that are the subject of U.S. embargoes. These free downloads were likely made in violation of U.S. export control and sanctions laws. Based upon our inquiry to date, we believe that we have not had any paying customers in countries sanctioned by the U.S. Government, and have instituted procedures, including IP blocking, that are intended to prevent any downloads from being made into sanctioned countries in the future. In addition, we had not been screening our customers against the U.S. Government lists of prohibited persons, including the Treasury Department&#8217;s List of Specially Designated Nationals and the Commerce Department&#8217;s List of Denied Persons. Based upon our inquiry to date, we believe that we do not have any paying customers on any U.S. Government lists of prohibited persons. We are in the process of screening our non-paying customers to determine if we have permitted any free downloads to any prohibited persons. We are also instituting a process for screening all paying and non-paying customers against U.S. Government lists of prohibited persons going forward.</p>
<p>We are continuing to review this matter and new or different facts may be discovered in the course of our inquiry. In January 2012, we filed Initial Notifications of Voluntary Self Disclosures with the U.S. Department of Commerce&#8217;s Bureau of Industry and Security and the U.S. Department of Treasury&#8217;s Office of Foreign Assets Control concerning these potential violations. Once we complete our review, we will supplement the Initial Notifications by filing Final Disclosures with both agencies. If we are found to be in violation of U.S. sanctions or export control laws, it could result in fines or penalties for us and for individuals, including civil penalties of up to $250,000 or twice the value of the transaction, whichever is greater, per violation, and in the event of conviction for a criminal violation, fines of up to $1 million and possible incarceration for responsible employees and managers for willful and knowing violations. The voluntary disclosure processes with OFAC and BIS are in the initial stages, and we cannot predict when OFAC and BIS will complete their reviews or what enforcement action, if any, they will take.</p>
<p>We also note that if our channel partners fail to obtain appropriate import, export or re-export licenses or permits, we may also be adversely affected, through reputational harm as well as other negative consequences including government investigations and penalties. We presently incorporate export control compliance requirements in our channel partner agreements. Complying with export control and sanctions regulations for a particular sale may be time-consuming and may result in the delay or loss of sales opportunities.</p>
<p>In addition, various countries regulate the import of certain encryption technology, including import permitting and licensing requirements, and have enacted laws that could limit our ability to distribute our products or could limit our customers&#8217; ability to implement our products in those countries. Changes in our products or future changes in export and import regulations may create delays in the introduction of our products in international markets, prevent our customers with international operations from deploying our products globally or, in some cases, prevent the export or import of our products to certain countries, governments, or persons altogether. Any change in export or import regulations, economic sanctions or related legislation, or change in the countries, governments, persons or technologies targeted by such regulations, could result in decreased use of our products by, or in our decreased ability to export or sell our products to, existing or potential customers with international operations. Any decreased use of our products or limitation on our ability to export or sell our products would likely adversely affect our business, financial condition and results of operations.</p></blockquote>
]]></content:encoded>
			<wfw:commentRss>http://b.averysmallbird.com/entries/splunk-ipo-statement-on-export-regulations-compliance/feed</wfw:commentRss>
		<slash:comments>0</slash:comments>
		</item>
		<item>
		<title>The Need for Community Participation and Clear Disclosure Processes in the Case of Ultrasurf</title>
		<link>http://b.averysmallbird.com/entries/the-need-for-community-participation-and-clear-disclosure-processes-in-the-case-of-ultrasurf</link>
		<comments>http://b.averysmallbird.com/entries/the-need-for-community-participation-and-clear-disclosure-processes-in-the-case-of-ultrasurf#comments</comments>
		<pubDate>Wed, 18 Apr 2012 02:29:55 +0000</pubDate>
		<dc:creator>admin</dc:creator>
				<category><![CDATA[Uncategorized]]></category>
		<category><![CDATA[computer science]]></category>
		<category><![CDATA[hacking]]></category>
		<category><![CDATA[internet filtering]]></category>
		<category><![CDATA[learning from history]]></category>
		<category><![CDATA[liberation technology]]></category>
		<category><![CDATA[political culture]]></category>

		<guid isPermaLink="false">http://b.averysmallbird.com/?p=1089</guid>
		<description><![CDATA[Having been a party to the disclosure process, there were a number of occasions where communications broke down due to differences of definitions and intent. I had offered to review any draft of Ultrasurf’s response, however, it appears that they chose to publish without consultation. Throughout its existence, Ultrasurf’s support and funding has been hampered [...]]]></description>
			<content:encoded><![CDATA[
<p>On Monday, April 16, 2012, Tor released a long-awaited paper assessing the security of the circumvention and privacy tool Ultrasurf.</p>
<p>Tor&#8217;s Disclosure: https://blog.torproject.org/blog/ultrasurf-definitive-review</p>
<p>Ultrasurf&#8217;s Response: http://ultrasurf.us/Ultrasurf-response-to-Tor-definitive-review.html</p>
<p>Having been a party to the disclosure process, there were a number of occasions where communications broke down due to differences of definitions and intent. I had offered to review any draft of Ultrasurf’s response; however, it appears that they chose to publish without consultation. Throughout its existence, Ultrasurf’s support and funding have been hampered by the politics of US-Chinese foreign relations, and this document should be read as a political, rather than technical, rebuttal. The vendor was asked to provide an official, detailed response with the specific intent of correcting outdated information, but declined to do so and quietly updated the client recently. The vendor’s statement, in a bit of a crass fashion, brings up the issue of language barriers, a point that is exacerbated by the Tor paper and Ultrasurf reply having two separate audiences, so let me correct some of these miscommunications.</p>
<blockquote><p>“We have pointed out to Tor that the paper does not reflect current versions of Ultrasurf.  Unfortunately, the Tor project did not choose to accurately report information in its paper.”</p></blockquote>
<p>The version that incorporates the latest changes (12.01) was quietly released at the beginning of the week to coincide with the release of the paper.</p>
<blockquote><p>&#8220;Ultrasurf also often boasts of being untraceable when in fact they admitted to logging and disclosing user identifying logs to law enforcement when the data was requested.&#8221;</p></blockquote>
<p>There are two separate issues in play here: traceability and logging. The latter was disclosed voluntarily by the vendor on a number of occasions and in the statement “Ultrasurf has never disclosed log files to the US government without a warrant.” Here their statement is incomplete, as it does not address subpoenas or national security letters; as I understand it, they have complied with the former, and I am not sure they are allowed to acknowledge the latter. Ultrasurf’s threat model is solely obsessed with the police of authoritarian states; as Chinese expatriates, their understanding of American law is not as nuanced, and it is not thought to be a substantial risk. Ultrasurf has previously presented data at private conferences where IP addresses were visible; however, they now assert that such demonstrations show country code, rather than address. The vendor categorically states that under no other situations was user information made available. These scenarios, and Google, form the basis of both parties’ opposing claims on log disclosure.</p>
<p>The traceability issue comes into play with the following statement:</p>
<blockquote><p>“Tor provides no evidence that BlueCoat sells software and hardware that can break Ultrasurf.”</p></blockquote>
<p>At times Ultrasurf has conflated traceability with claims of decryption. From Jacob’s paper and vendor disclosure, it appears that Ultrasurf uses standard encryption mechanisms that, if properly implemented, are considered reasonably secure. This obviously differs greatly from detecting Ultrasurf in transit, which Blue Coat and others have claimed to do.  Using the traffic noted in §5.8 and §5.13 as indicators, it becomes easy to see how trivial the process of spotting Ultrasurf users can be. I would encourage anyone who is skeptical to try with the Telecomix logs. In fact, Ultrasurf themselves note “we do not claim that Ultrasurf is untraceable,” a claim that I believe was removed in the website revisions that resulted from both parties’ December meeting.</p>
<blockquote><p>“For us, one of the most puzzling claims by the Tor researchers is that Ultrasurf is blocked in China.”</p></blockquote>
<p>This is a difference of definition on the part of Tor and Ultrasurf. Ultrasurf releases new clients with new bootstraps in response to blocking &#8212; it is an aggressive mechanism of deploying new entry nodes that I am impressed seems to work reasonably well for them. However, the exit node IP pool has been consistent for several years and is pretty easy to block. Old versions become obsolete quickly, hence the concern regarding update integrity. The same issue of definitions comes up in whether Ultrasurf is one hop or two, but that is a digression that gets into infrastructure details that I will follow the vendor’s request not to disclose.</p>
<blockquote><p>&#8220;We wish that Tor had approached us first so that we could use the information in the Tor paper as part of our continuing effort to improve user security.&#8221;</p></blockquote>
<blockquote><p>“Somebody is not being honest. Who do you trust?” &#8211; Tor Blog Comment</p></blockquote>
<p>I believe Ultrasurf is referring to the final copy of the paper, which they received about a week and a half ago. However, as far as I am aware, Ultrasurf was told all the details during a private meeting in December. As I was familiar with the contents of the paper, the key points were discussed between myself and the vendor in March to ensure that the users would not be affected by the release of the paper.</p>
<blockquote><p>&#8220;Moreover, we find Tor’s approach to be disingenuous; while they purport to want to protect Ultrasurf users, their chosen approach is to publicly release a detailed and explicit description of perceived vulnerabilities. Were it not for the fact that the security vulnerabilities identified have either already been closed or are superficial, this would be tantamount to providing oppressive governments with a roadmap to monitor our users and acquire their information.&#8221;</p></blockquote>
<blockquote><p>“I&#8217;m interested in your reply. Also, is it true that Tor and Ultrasurf compete for funding from the same agencies?” &#8211; Tor Blog Comment</p></blockquote>
<p>My understanding was that these agencies have been encouraging a security review and offering technical assistance to all recipients of Internet Freedom funding. However, where intention matters is when it comes to rhetoric; the technical results of the paper cannot be decided by whether the author has benevolent or malicious intent. I regret Ultrasurf’s framing of this process, as I was a party to ensuring that the most significant holes were patched before the release of the paper. If the author’s motives were not intended to be responsible or constructive, the vendor would not have been given five months to close the most serious holes. The simple fact of the matter is that the majority of these issues were fixed within a short window of lead up to the publication and are directly attributable to Tor’s paper.</p>
<p>In the end, I believe the simple answer is for Ultrasurf to remove its branding as a privacy service and participate more openly within the security research community. From my experience studying privacy and circumvention tool use, I suspect most of its users would not mind Google Analytics, et al. if they were made aware. In countries such as Iran where proxy service use is common, even detectability is not a substantial issue. The issue is that the majority of the problems raised and remaining run contrary to the advertising claims made by Ultrasurf. There is certainly a space for tools that exist solely to connect people in repressive regimes to Facebook and YouTube. However, this does not negate the responsibility to disclose user risk and maintain the integrity of infrastructure. There are historical circumstances that have encouraged Ultrasurf to behave in a closed manner, none of which imply they act in bad faith; I spent quite a deal of time with the hope that this first round of exchange continues with independent verification of the claims made in their statement and based on technical merits, rather than politics.</p>
]]></content:encoded>
			<wfw:commentRss>http://b.averysmallbird.com/entries/the-need-for-community-participation-and-clear-disclosure-processes-in-the-case-of-ultrasurf/feed</wfw:commentRss>
		<slash:comments>3</slash:comments>
		</item>
		<item>
		<title>Tracing Incitement or Signaling through Terminology</title>
		<link>http://b.averysmallbird.com/entries/instances-of-the-phrases</link>
		<comments>http://b.averysmallbird.com/entries/instances-of-the-phrases#comments</comments>
		<pubDate>Mon, 16 Jan 2012 22:44:03 +0000</pubDate>
		<dc:creator>admin</dc:creator>
				<category><![CDATA[Uncategorized]]></category>
		<category><![CDATA[communication norms]]></category>
		<category><![CDATA[diplomacy]]></category>
		<category><![CDATA[iran]]></category>
		<category><![CDATA[learning from history]]></category>
		<category><![CDATA[political culture]]></category>
		<category><![CDATA[social engineering]]></category>

		<guid isPermaLink="false">http://b.averysmallbird.com/?p=1080</guid>
		<description><![CDATA[Elsewhere, a comment had been made on the terminology used by diplomats for the Persian Gulf as incitement or signaling to Iran. As a hypothesis, this is both novel and easily testable.]]></description>
			<content:encoded><![CDATA[<p>Elsewhere, a comment had been made on the terminology used by diplomats for the Persian Gulf as incitement or signaling to Iran. As a hypothesis, this is both novel and easily testable. There are ample opportunities to quickly mine the online texts, such as the Department of Defense&#8217;s online transcripts, as a corpus of fourteen years of policy. The DoD list, as described by the department, includes &#8216;all DOD news briefings and significant interviews.&#8217; [1]</p>
<p>For the sake of time, I have parsed out all instances of the terms &#8216;Arab Gulf,&#8217; &#8216;Arabian Gulf,&#8217; &#8216;Persian Gulf,&#8217; and &#8216;the Gulf.&#8217; The terms were searched in a case-sensitive manner, relying on the understanding of the transcriber as a means to avoid picking up general use of the term &#8216;gulf.&#8217; One other caveat is that this doesn&#8217;t distinguish between reporters&#8217; questions and official statements; however, I think the former is infrequent. Lastly, the quantity is based on occurrences rather than speeches. The original dataset is available in Google Docs. [2]</p>
<p><img src="https://docs.google.com/spreadsheet/oimg?key=0Amq69Ncu9Fp_dEVUTnMyLTFwb0pCTWFGNkpXVUpSaUE&amp;oid=2&amp;zx=zfm1iotdxz7" alt="" width="600" height="371" /></p>
<p>There is a clear and consistent trend to use the term &#8216;the Gulf,&#8217; while the tendency to use &#8216;Persian Gulf&#8217; has lessened across time. April 2003 and February 2000-February  2001 represent the periods where &#8216;Arabian Gulf&#8217; found its greatest use.</p>
<p>[1] http://www.defense.gov/transcripts/<br />
[2] https://docs.google.com/spreadsheet/ccc?key=0Amq69Ncu9Fp_dEVUTnMyLTFwb0pCTWFGNkpXVUpSaUE</p>
]]></content:encoded>
			<wfw:commentRss>http://b.averysmallbird.com/entries/instances-of-the-phrases/feed</wfw:commentRss>
		<slash:comments>0</slash:comments>
		</item>
		<item>
		<title>Syria, eGovernance, Sanctions and an American Connection</title>
		<link>http://b.averysmallbird.com/entries/syria-egovernance-sanctions-and-an-american-connection</link>
		<comments>http://b.averysmallbird.com/entries/syria-egovernance-sanctions-and-an-american-connection#comments</comments>
		<pubDate>Wed, 30 Nov 2011 16:39:33 +0000</pubDate>
		<dc:creator>admin</dc:creator>
				<category><![CDATA[Uncategorized]]></category>
		<category><![CDATA[governance]]></category>
		<category><![CDATA[illicit trade]]></category>
		<category><![CDATA[middle east]]></category>
		<category><![CDATA[political science]]></category>
		<category><![CDATA[sanctions]]></category>
		<category><![CDATA[syria]]></category>

		<guid isPermaLink="false">http://b.averysmallbird.com/?p=982</guid>
		<description><![CDATA[As Turkey follows the Arab League, Europe and the United States in sanctions against the Syrian economy, the intention is to stifle the ability of companies and government bureaucracy to carry out routine business by limiting available resources. However, scarcity depends largely on the inability to find what is still available domestically, from countries not participating in the embargo or on the black market. For this reason, it is increasingly possible that open government and the Internet provide the possibility for regimes and businesses to buttress some aspects of sanctions.]]></description>
			<content:encoded><![CDATA[<p>As Turkey follows the Arab League, Europe and the United States in sanctions against the Syrian economy, the intention is to stifle the ability of companies and government bureaucracy to carry out routine business by limiting available resources. The expectation of the West and its allies is that if business and political elites, not to mention the masses, begin to suffer, their willingness to support the Assad regime will ebb, opening opportunities for regime change. However, scarcity depends largely on the inability to find what is still available domestically, from countries not participating in the embargo or on the black market. For this reason, it is increasingly possible that open government and the Internet provide the possibility for regimes and businesses to buttress some aspects of sanctions.</p>
<p style="text-align: center;"><img class="size-full wp-image-1038  aligncenter" title="translate_c" src="http://b.averysmallbird.com/wp-content/uploads/2011/11/translate_c.png" alt="translate_c" width="369" height="73" /></p>
<p>In the pursuit of the origin of Syria&#8217;s censorship structure, the site <a href="http://SyrianTenders.com">SyrianTenders.com</a> came up as a potential source of foreign solicitations for hardware and software. While the story that unfolded describes a more secretive process, SyrianTenders is by all means a mature business that has been in operation for at least two years, servicing a range of clients from <a href="http://en.wikipedia.org/wiki/Al_Assad_University_Hospital">Al Assad University Hospital</a> to the Syrian Military&#8217;s Housing Authority. As of this posting, the site lists 870 tenders, the vast majority of which appear to still be open for bidding. ST even has a <a href="http://syrtenders.ourtoolbar.com/">browser toolbar available</a> to alert when new tenders are posted based off its RSS feed. In some respects, what is particularly striking is how banal and low-quantity the needs are for all their stated urgency.</p>
<p>Anathema to my <a href="http://b.averysmallbird.com/entries/bluecoat-and-syria-indicators-and-culpability">general line of research</a>, there are very few requests for technology, instead requesting packaging for produce, mass transit buses, pipes and agricultural support. However, SyrianTenders does contain the types of hydroelectric components, oil production equipment and building materials that are exactly what foreign governments want to restrict in order to stifle domestic growth.</p>
<p style="text-align: center;"><a href="http://b.averysmallbird.com/wp-content/uploads/2011/11/tendersbysector.png" rel="lightbox"><img class="size-medium wp-image-1058 aligncenter" title="tendersbysector" src="http://b.averysmallbird.com/wp-content/uploads/2011/11/tendersbysector-300x187.png" alt="tendersbysector" width="300" height="187" /></a></p>
<p style="text-align: center;"><em>Tenders by Sector</em></p>
<p>Furthermore, some of the solicitations seem to openly reflect the unstable political situation of the country.</p>
<blockquote><p><a href="http://www.syriantenders.com/node/53852">إعلان طلب عروض أسعار لتقديم وتركيب أجهزة إنارة مضادة للانفجار في مشروع مشفى المخرم &#8211; للمرة الثالثة &#8211; بالسرعة الكلية</a></p>
<p>(Declaration request bids for installation of lighting and anti-explosion in the hospital project openwork &#8211; for the third time &#8211; URGENT)</p></blockquote>
<p>For the past month, it has been my deep desire to attempt to quantify the rate of posting of tenders as a test of the hypothesis that it correlates with sanctions-related scarcity. The problem is the site does not denote when a tender was posted or automatically delete old listings. Looking at cached copies shows times where more tenders were available, but with higher rates of expiration. Regrettably then, no approach to this problem seems workable without direct access to the database.</p>
<p>Following <a href="http://citizenlab.org/2011/11/the-canadian-connection/">CitizenLab&#8217;s research</a>, it is interesting to document the delivery of services for SyrianTenders. Sure enough, the associated address &#8216;207.32.185.22&#8217; is owned by Nexcess, a Michigan-based hosting company specializing in e-Commerce. A recent addition, premium subscriptions for potential bidders (100 USD per 6 months), accepts payment by major credit card through Paypal. Taking it further with a whois on the syriantenders.com domain returns:</p>
<blockquote><p><em>Administrative Contact:<br />
ghashim, moe  moe@kzresults.com<br />
Walnut Bend Ln<br />
Houston, Texas 77042<br />
US<br />
713 706 4380</em></p></blockquote>
<p>On its contact page, Syrian Tenders lists:</p>
<blockquote><p><em> Syrian Tenders<br />
Aleppo &#8211; Syria &#8211; Cordoba Street<br />
Phone : +963 95 6337522<br />
Fax: +963212683456</em></p></blockquote>
<p style="text-align: center;"><a href="http://maps.google.com/maps?q=3334+Walnut+Bend+Ln&amp;um=1&amp;ie=UTF-8&amp;hq=&amp;hnear=0x8640dcd16bd45f85:0xe091085a2b0d4abf,3334+Walnut+Bend+Ln,+Houston,+TX+77042&amp;gl=us&amp;ei=r1vWTpf3KIX20gHt89yABw&amp;sa=X&amp;oi=geocode_result&amp;ct=title&amp;resnum=1&amp;ved=0CB0Q8gEwAA"><img class="aligncenter size-medium wp-image-1074" title="Screen Shot 2011-11-30 at 11.38.04 AM" src="http://b.averysmallbird.com/wp-content/uploads/2011/11/Screen-Shot-2011-11-30-at-11.38.04-AM-300x150.png" alt="Screen Shot 2011-11-30 at 11.38.04 AM" width="300" height="150" /></a></p>
<p style="text-align: center;"><span style="font-style: italic;">Walnut Bend Ln</span></p>
<p>According to a lookup on the aggregator CorporationWiki, the specific Walnut Bend address is host to a number of business entities.</p>
<blockquote><p><em> Companies at this address:<br />
Mnc Group International, Inc.<br />
Ghashim Capital Ventures Corporation<br />
Sports Zone<br />
Ghashim Group, Inc.</em></p></blockquote>
<p>The domains associated with the server&#8217;s IP address support this as well, hosting:</p>
<p style="padding-left: 30px;">7arake.com, fr-wear.com, golfshirtspro.com, jacketspro.com, labcoatsusa.com, mohanadghashim.com, signfurniture.com, sorrymenak.com, syriantenders.com, workshirtsusa.com, workuniform.com, zizac.com.</p>
<p>Among the domains is the link &#8216;7arake.com,&#8217; an ecommerce vendor with listed addresses for Aleppo, Syria (Cordoba St.) and Houston, TX (Walnut Bend Ln.). There, 7arake describes its involvement with SyrianTenders.com as such:</p>
<blockquote><p><em>SyrianTenders is the first website of its kind in Syria which electronically aggregates and categorizes all tenders advertised in the Syrian Arab Republic according to your company’s needs. 7arake is managing this site in partnership with Close2Edge.</em></p></blockquote>
<p>(Close2Edge announced its merger with 7arake on September 17th, 2011 in a blog post that noted their close collaboration on SyrianTenders.)</p>
<p>It&#8217;s difficult to know what to make of SyrianTenders at this point. Its relationships and shell companies clearly violate Department of Commerce and Department of Treasury sanctions on doing business with Syria. On the other hand, it proves that there are markets in everything, and gives a fascinating overview of the situation on the ground in the country. It is deeply unfortunate that the historical data appears lost to the outside.</p>
]]></content:encoded>
			<wfw:commentRss>http://b.averysmallbird.com/entries/syria-egovernance-sanctions-and-an-american-connection/feed</wfw:commentRss>
		<slash:comments>0</slash:comments>
		</item>
		<item>
		<title>This is Definitely Not A BlueCoat Device In Syria.</title>
		<link>http://b.averysmallbird.com/entries/this-is-definitely-not-a-bluecoat-device-in-syria</link>
		<comments>http://b.averysmallbird.com/entries/this-is-definitely-not-a-bluecoat-device-in-syria#comments</comments>
		<pubDate>Tue, 11 Oct 2011 20:52:14 +0000</pubDate>
		<dc:creator>admin</dc:creator>
				<category><![CDATA[Uncategorized]]></category>
		<category><![CDATA[computing culture]]></category>
		<category><![CDATA[hacking]]></category>
		<category><![CDATA[internet filtering]]></category>
		<category><![CDATA[learning from history]]></category>
		<category><![CDATA[liberation technology]]></category>
		<category><![CDATA[media culture]]></category>
		<category><![CDATA[middle east]]></category>
		<category><![CDATA[syria]]></category>

		<guid isPermaLink="false">http://b.averysmallbird.com/?p=961</guid>
		<description><![CDATA[Mr. Steve Schick, The device attached to 77.44.210.15 is not a BlueCoat SG-400 Appliance. Not a chance. None at all. And if it were, it would definitely not be an address owned by the Syrian Computer Society.
]]></description>
			<content:encoded><![CDATA[<p>RE: <a href="http://yro.slashdot.org/story/11/10/11/1629238/US-Security-Company-Blue-Coats-Devices-Helping-Syrian-Govt">BlueCoat Refutal of BlueCoat Devices in Syria</a>, <a href="http://b.averysmallbird.com/entries/bluecoat-and-syria-indicators-and-culpability">BlueCoat and Syria: Indicators and Culpability</a> (me)</p>
<p>Mr. Steve Schick,</p>
<p>The device attached to 77.44.210.15 is not a BlueCoat SG-400 Appliance. Not a chance. None at all. And if it were, it would definitely not be an address owned by the Syrian Computer Society.</p>
<div style="margin-left:20px; border:1px solid black; padding: 10px; overflow-y:hidden; margin-bottom: 10px"><code>Nmap scan report for 77.44.210.15<br />
Host is up (1.1s latency).<br />
Not shown: 985 closed ports<br />
PORT     STATE    SERVICE     VERSION<br />
22/tcp   filtered ssh<br />
23/tcp   filtered telnet<br />
53/tcp   open     domain?<br />
80/tcp   open     http        Blue Coat proxy server<br />
|_html-title: Access Denied<br />
81/tcp   open     http-proxy  BlueCoat SG-400 http proxy<br />
135/tcp  filtered msrpc<br />
139/tcp  filtered netbios-ssn<br />
1720/tcp filtered H.323/Q.931<br />
1723/tcp filtered pptp<br />
2000/tcp filtered cisco-sccp<br />
3128/tcp open     squid-http?<br />
4444/tcp filtered krb524<br />
5060/tcp filtered sip<br />
8080/tcp open     http        Blue Coat proxy server<br />
|_html-title: Access Denied<br />
8082/tcp open     ssl/http    Blue Coat SG210 http proxy config<br />
|_sslv2: server still supports SSLv2<br />
|_html-title: Site doesn't have a title (text/plain; charset=utf-8).<br />
| http-auth: HTTP Service requires authentication<br />
|_  Auth type: Basic, realm = 77.44.210.15<br />
2 services unrecognized despite returning data. If you know the service/version, please submit the following fingerprints at http://www.insecure.org/cgi-bin/servicefp-submit.cgi :<br />
[service fingerprints for 53/tcp and 3128/tcp omitted]<br />
Device type: proxy server|general purpose|WAP|firewall<br />
Running (JUST GUESSING) : Blue Coat SGOS 5.X (90%), FreeBSD 6.X (89%), AirSpan embedded (88%), Apple Mac OS X 10.5.X (87%), Netasq embedded (85%)<br />
Aggressive OS guesses: Blue Coat SG200 proxy server (SGOS 5.1.4.4) (90%), FreeBSD 6.2-RELEASE (89%), AirSpan ProST WiMAX access point (88%), Apple Mac OS X 10.5 (Leopard) (Darwin 9.2.2, x86) (87%), Apple Mac OS X 10.5.5 - 10.6.1 (Leopard - Snow Leopard) (Darwin 9.5.0 - 10.0.0) (87%), FreeBSD 6.1-RELEASE (86%), Netasq U70 firewall (85%)<br />
No exact OS matches for host (test conditions non-ideal).<br />
Network Distance: 18 hops<br />
Service Info: OS: SGOS; Device: proxy server<br />
<br />
TRACEROUTE (using port 21/tcp)<br />
HOP RTT        ADDRESS<br />
1   0.53 ms    10.240.80.2<br />
2   5.39 ms    ip-10-1-4-9.ec2.internal (10.1.4.9)<br />
3   15.70 ms   ip-10-1-2-128.ec2.internal (10.1.2.128)<br />
4   0.57 ms    216.182.232.12<br />
5   0.58 ms    216.182.232.50<br />
6   14.98 ms   72.21.222.148<br />
7   2.08 ms    72.21.220.156<br />
8   2.87 ms    dca-edge-18.inet.qwest.net (63.233.113.177)<br />
9   2.51 ms    ae-3.r01.asbnva02.us.bb.gin.ntt.net (129.250.2.210)<br />
10  1487.82 ms lon-sb2-i.LON.GB.NET.DTAG.DE (62.154.5.137)<br />
11  --         lon-sb2-i.LON.GB.NET.DTAG.DE (62.156.131.149)<br />
12  --         80.156.162.202<br />
13  --         80.156.162.194<br />
14  ... 16<br />
17  --         77.44.201.206<br />
18  --         77.44.210.15<br />
<br />
OS and Service detection performed. Please report any incorrect results at http://nmap.org/submit/ .<br />
Nmap done: 1 IP address (1 host up) scanned in 401.84 seconds<br />
</code></div>
<p><big></p>
<div style="margin-left:20px; border:1px solid black; padding: 10px; overflow-y:hidden; margin-bottom: 10px"><code> % Information related to '77.44.128.0 - 77.44.255.255'<br />
inetnum:        77.44.128.0 - 77.44.255.255<br />
org:            ORG-SCSs1-RIPE<br />
netname:        SY-SCS-NET-20061220<br />
descr:          Syrian Computer Society, scs<br />
country:        SY<br />
admin-c:        SN2832-RIPE<br />
tech-c:         SN2832-RIPE<br />
status:         ALLOCATED PA<br />
mnt-by:         RIPE-NCC-HM-MNT<br />
mnt-lower:      SCS-NOC<br />
mnt-domains:    NOC-domains<br />
mnt-routes:     SCS-NOC<br />
mnt-routes:     STEMNT-1<br />
source:         RIPE # Filtered<br />
organisation:    ORG-SCSs1-RIPE<br />
org-name:        Syrian Computer Society, scs<br />
org-type:        LIR<br />
address:         Syrian Computer Society, scs Beirut Street, Tishreen park 13365 Damascus Syrian Arab Republic<br />
phone:           +963 11 371 2003<br />
fax-no:          +963 11 37298030<br />
e-mail:          noc@scs-net.org<br />
mnt-ref:         SCS-NOC<br />
mnt-ref:         RIPE-NCC-HM-MNT<br />
mnt-by:          RIPE-NCC-HM-MNT<br />
admin-c:         SH5359-RIPE<br />
source:          RIPE # Filtered<br />
role:            SCS NOC<br />
address:         Damascus, Syia<br />
mnt-by:          SCS-NOC<br />
e-mail:          noc@scs-net.org<br />
admin-c:         SH5359-RIPE<br />
admin-c:         ML9004-RIPE<br />
tech-c:          SH5359-RIPE<br />
nic-hdl:         SN2832-RIPE<br />
source:          RIPE # Filtered<br />
</code></div>
<p>I&#8217;m glad we have this resolved, Sir.</p>
<p>Cordially,</p>
<p>Collin Anderson</p>
<p></big></p>
]]></content:encoded>
			<wfw:commentRss>http://b.averysmallbird.com/entries/this-is-definitely-not-a-bluecoat-device-in-syria/feed</wfw:commentRss>
		<slash:comments>0</slash:comments>
		</item>
		<item>
		<title>BlueCoat and Syria: Indicators and Culpability.</title>
		<link>http://b.averysmallbird.com/entries/bluecoat-and-syria-indicators-and-culpability</link>
		<comments>http://b.averysmallbird.com/entries/bluecoat-and-syria-indicators-and-culpability#comments</comments>
		<pubDate>Tue, 11 Oct 2011 16:59:40 +0000</pubDate>
		<dc:creator>admin</dc:creator>
				<category><![CDATA[Uncategorized]]></category>
		<category><![CDATA[bluecoat]]></category>
		<category><![CDATA[cisco]]></category>
		<category><![CDATA[internet filtering]]></category>
		<category><![CDATA[learning from history]]></category>
		<category><![CDATA[liberation technology]]></category>
		<category><![CDATA[middle east]]></category>
		<category><![CDATA[privacy]]></category>
		<category><![CDATA[sanctions]]></category>
		<category><![CDATA[syria]]></category>

		<guid isPermaLink="false">http://b.averysmallbird.com/?p=937</guid>
		<description><![CDATA[On October 5, the technology collective Telecomix released a set of logs that documents the web traffic of users of Syrian Telecommunications Establishment (Syria Telecom). Global Voices already has expounded on the immediate censorship ramifications; however, there is much more to be documented in this rich data source.
]]></description>
			<content:encoded><![CDATA[<p style="text-align: center; "><a title="The way we produce media" href="http://www.flickr.com/photos/54274368@N00/5419909039/"><img class="alignnone" src="http://farm6.static.flickr.com/5300/5419909039_dd7f72cb8f.jpg" alt="The way we produce media" /></a></p>
<p>On October 5, the technology collective Telecomix released a set of logs that documents the web traffic of users of Syrian Telecommunications Establishment (Syria Telecom). The logs had been deposited on a poorly secured filesystem by a set of network monitoring appliances built by the American company BlueCoat and, compressed, total about 54 GB. Leila Nachawati, of Global Voices, has <a href="http://advocacy.globalvoicesonline.org/2011/10/10/bluecoat-us-technology-surveilling-syrian-citizens-online/">expounded on the immediate censorship ramifications</a>; however, there is much more to be documented in this rich data source.</p>
<p>As a point of reference, the logs follow the format:</p>
<blockquote><p>date time time-taken c-ip cs-username cs-auth-group x-exception-id sc-filter-result cs-categories cs(Referer) sc-status s-action cs-method rs(Content-Type) cs-uri-scheme cs-host cs-uri-port cs-uri-path cs-uri-query cs-uri-extension cs(User-Agent) s-ip sc-bytes cs-bytes x-virus-id</p>
</blockquote>
<p>Amongst a deluge of attempts to reach Facebook and pornography, a multitude of angles for research on the infrastructure of Syrian censorship and behavior of Internet users stands out. Considering the origin of the logs and pressing issues, one potential avenue would be the documentation of bluecoat-related accesses. Here one finds hundreds of iterations of the following line:</p>
<blockquote><p><span>2011-08-05 16:28:01 1 0.0.0.0 - - - OBSERVED "unavailable" -  200 TCP_HIT GET text/html </span>http sp.cwfservice.net 80 /1/N/K962ZF9Z39/K9-00006/0/GET/HTTP/bluecoat.com/80// <span>- - "ClientLibs Session" 82.137.200.42 275 151 -</span></p></blockquote>
<div>According to an address lookup, the registrant of the domain &#8216;cwfservice.net&#8217; is:</div>
<div>
<blockquote>
<div>Registrant:</div>
<div>Blue Coat Systems</div>
<div>Bluecoat Hostmaster</div>
<div>420 N Mary Ave</div>
<div>Sunnyvale, CA 94085</div>
<div>US</div>
<div>Email: hostmaster@bluecoat.com</div>
</blockquote>
</div>
<div>Accessing this URL (http://sp.cwfservice.net/1/N/K962ZF9Z39/K9-00006/0/GET/HTTP/bluecoat.com/80//) returns a simple XML document containing:</div>
<div>
<blockquote>
<div>&lt;Result&gt;</div>
<div>&lt;Code&gt;04008000&lt;/Code&gt;</div>
<div>&lt;DomC&gt;26&lt;/DomC&gt;</div>
<div>&lt;/Result&gt;</div>
</blockquote>
</div>
<div>According to a <a href="http://forums.bluecoat.com/viewtopic.php?t=4606">posting made on BlueCoat&#8217;s forums</a>, the above line seems to describe the BlueCoat system connecting to the company&#8217;s &#8216;DRTR&#8217; intelligent rating service, as <a href="http://webcache.googleusercontent.com/search?q=cache:nYbl8UAlN5YJ:www.bluecoat.com/doc/503+drtr+bluecoat&amp;hl=en&amp;gl=us">described by a sales document</a> for BlueCoat WebFilter:</div>
<blockquote><p>Blue Coat WebFilter includes as a standard feature – our Dynamic Real-Time Rating (DRTR™) service; when users encounter a new Web page, DRTR can use extremely accurate artificial intelligence to confidently rate the page (typically in about 200 milliseconds) so that appropriate use and security policy can be enforced the first time the Webpage is encountered. DRTR is particularly accurate at rating potentially objectionable sites (rating up to 98% automatically).</p></blockquote>
<p>Furthermore, calls by device services such as &#8216;PacketShaper&#8217; indicate that the DRTR service is not the only mechanism that contacts the BlueCoat-controlled &#8216;sp.cwfservice.net.&#8217;</p>
<p>It would appear that all of Syria&#8217;s BlueCoat hardware calls home to update its ability to filter and monitor new objects that it has not encountered. Equally importantly, the Syrian logs are filled with queries related to BlueCoat systems, such as &#8216;bluecoat data collector,&#8217; something that a general home user would have little interest in.</p>
<p>From personal experience with Iran, hardware will eventually find its way into sanctioned countries &#8212; restrictions increase price, but do not necessarily decrease availability. No company can reasonably be held accountable for second-hand sales, and many have increased their control of distributors as a result of leakages to embargoed countries. Furthermore, Telecomix&#8217;s exploration has found evidence for hardware from other manufacturers, namely Cisco and Barracuda, the former of which I have more faith in to abide by US trade restrictions.</p>
<p>As we have seen elsewhere, the common interpretation of OFAC sanctions on embargoed countries is the denial of electronic services to <a href="http://www.nirsoft.net/countryip/sy.html">known, national IP address ranges</a>. It would appear that, at least after August 14, this <a href="http://www.treasury.gov/resource-center/sanctions/Documents/syria.txt">same level of restrictions</a> applies to Syria as well. Unfortunately, logs for this date range were not available to Telecomix. However, many technology providers <a href="http://www.google.com/support/forum/p/Chrome/thread?tid=78e32c1a8ef747d1&amp;hl=en">appear to have interpreted sanctions to apply far before</a> the Arab Spring-related pressures.</p>
<p>Syria has by all means built for itself the foundations of a mature system of monitoring and censoring Internet traffic, and at its foundation are at least two dozen accounted-for BlueCoat ProxySG Appliances. By current count, there are more than a thousand queries to BlueCoat&#8217;s client services documented in a few days of traffic logs. Considering the extent of this traffic and the peculiarity of its origin, that BlueCoat was not aware of the existence of these devices appears implausible. Syria Telecom&#8217;s relationships with the Assad regime expose the company to the legal restrictions on services imposed by American embargoes on doing business with the country. Regardless of who sold Syria these devices, BlueCoat has both the moral and legal responsibilities to end these services now.</p>
<p><strong>Clarification (11.3.2011): </strong>It&#8217;s been noted that the specific entry cited may have been generated by Blue Coat&#8217;s free &#8216;K9&#8217; desktop software. However, this was solely a matter of poor luck in my choice of examples to include. More functions appear to reach cwfservice.net, most of which are less likely to be a client application.</p>
<blockquote><p><em>2011-08-03 09:01:05 277 0.0.0.0 - - - OBSERVED "none" -  200 TCP_MISS GET text/html http sp.cwfservice.net 80 /2/N/0477d7b851ad026ebf20ea158cf5164f/BLUSHPR1/0/GET/https/updates.bluecoat.com/443/ - - "PacketShaper" 82.137.200.48 270 305 -</em></p></blockquote>
]]></content:encoded>
			<wfw:commentRss>http://b.averysmallbird.com/entries/bluecoat-and-syria-indicators-and-culpability/feed</wfw:commentRss>
		<slash:comments>7</slash:comments>
		</item>
		<item>
		<title>Occupy Wall Street: Misreading Lessons from Tahrir</title>
		<link>http://b.averysmallbird.com/entries/occupy-wall-street-misreading-lessons-from-tahrir</link>
		<comments>http://b.averysmallbird.com/entries/occupy-wall-street-misreading-lessons-from-tahrir#comments</comments>
		<pubDate>Mon, 19 Sep 2011 05:14:24 +0000</pubDate>
		<dc:creator>admin</dc:creator>
				<category><![CDATA[Uncategorized]]></category>
		<category><![CDATA[communication norms]]></category>
		<category><![CDATA[counter-culture]]></category>
		<category><![CDATA[learning from history]]></category>
		<category><![CDATA[leftism]]></category>
		<category><![CDATA[middle east]]></category>
		<category><![CDATA[new media]]></category>
		<category><![CDATA[new york]]></category>
		<category><![CDATA[political culture]]></category>
		<category><![CDATA[protest norms]]></category>

		<guid isPermaLink="false">http://b.averysmallbird.com/?p=888</guid>
		<description><![CDATA[
This weekend, over a thousand protesters marched on Wall Street, with a couple hundred continuing into the night occupying Liberty Plaza in lower Manhattan. Echoed with enthusiastic, revolutionary glee was the impression that the event, planned over a few short weeks, was an extension of popular movements in Tunisia, Egypt, Greece and Spain, and a change [...]]]></description>
			<content:encoded><![CDATA[<p style="text-align: center; "><a title="Straw Poll on Direct Action" href="http://www.flickr.com/photos/54274368@N00/6160549878/"><img class="alignnone" src="http://farm7.static.flickr.com/6065/6160549878_6b0033dd95.jpg" alt="Straw Poll on Direct Action" /></a></p>
<p>This weekend, over a thousand protesters marched on Wall Street, with a couple hundred continuing into the night occupying Liberty Plaza in lower Manhattan. Echoed with enthusiastic, revolutionary glee was the impression that the event, planned over a few short weeks, was an extension of popular movements in Tunisia, Egypt, Greece and Spain, and a change in American discourse. Unfortunately, the event has come to represent, in execution, an extension of the same insular leftism with no broad appeal to the public.</p>
<p style="text-align: center; "><a title="NYC Madrid" href="http://www.flickr.com/photos/54274368@N00/6161117458/"><img style="border-style: initial; border-color: initial;" src="http://farm7.static.flickr.com/6190/6161117458_cc9559d2ba.jpg" alt="NYC Madrid" /></a></p>
<p><strong>Passive revolution.</strong></p>
<p>Walking to cull through my photos from the day, I ran into a group holding a candlelight vigil on the sidewalk. Knowing my neighborhood, I assumed the townhouse was an embassy and went to spy which. Northwest Dupont Circle is a hotbed of consulates for former and current pariah regimes, housing Belarus, Iraq, Zimbabwe within a few square blocks. As I ducked in to look and then walk away, I was flagged down by an older individual who wanted to explain that they were expatriate Eritreans, protesting government oppression of democratic activists.</p>
<p>The difference in attitude was striking. For a group of eight, it was worthwhile to track me down and make the case for their cause; yet, the previous afternoon, little effort was made by the hundreds of protesters to engage the public.</p>
<p>Instead, the media model was clear. A sufficient number of protesters occupying a space for long enough would hypothetically attract the television attention necessary to bring out the public and inconvenience the daytime residents of the neighborhood. The call to action was &#8216;bring your friends, stay the night and if you can&#8217;t stay &#8212; come back tomorrow.&#8217;</p>
<p>Lectures were given and agreements were made that the police were working class comrades, deceived by the elites; however, few attempts were made to convert those lining the perimeter of the square. Those interlocutors who wandered in of their own will were less at risk of being lectured on wealth inequality than they were on <em>truths</em> about the events that took place two blocks away and ten years ago, or the imminent execution of a Georgian man.</p>
<p style="text-align: center; "><a title="IMG_8602" href="http://www.flickr.com/photos/54274368@N00/6161120828/"><img class="alignnone" src="http://farm7.static.flickr.com/6192/6161120828_1de713a408.jpg" alt="IMG_8602" /></a></p>
<p><strong>Pluralism is Strength</strong></p>
<p>The differences between &#8216;Occupy Wall Street&#8217; and Egypt&#8217;s Tahrir Square couldn&#8217;t be more stark. Nowhere close to enough has been written about the internal process leading up to the early days of February, but one gleans the image of organizers moving into the coffeeshops to recruit the unemployed and dispossessed. On top of this legwork, a preexisting civil society existed with which the protesters could connect on a common cause. The lead up to Tahrir was not young students camping out, writing on Twitter, appealing to the media and waiting for the public to join. Instead, it was the process of</p>
<p>First:</p>
<blockquote><p>&#8230;the <em>Kifaya</em> movement, a political formation that brought together Islamists, Muslim Brothers, communists, liberals, and secular-leftists, joined on the basis of a common demand for an end to the Mubarak regime&#8230;[1]</p></blockquote>
<p>Second:</p>
<blockquote><p>The organizational skills of the ultras, fanatical Cairo soccer fans, are emerging as opponents and supporters of embattled Egyptian President Hosni Mubarak determine the fate of the 82-year old Egyptian leader’s 30-year rule.[2]</p></blockquote>
<p>At times it would seem that the Tea Party, a coalition of groups with extremely different social positions united by a few common goals, has more in common with Egypt&#8217;s revolutionaries.</p>
<p>Nothing of the sort of networking necessary for a movement happened that day on Wall Street. No attempt was made to bring in the public; and groups introspectively defined themselves to discuss the ambitions of the strike. More time was spent on the discussion of parliamentary systems and planning of events, than communications and outreach. As tourists wandered, unassailed, down the busy corridor of Broadway that constituted the border of the encampment, opportunities were lost.</p>
<p style="text-align: center; "><a title="People Against the Machine" href="http://www.flickr.com/photos/54274368@N00/6161119952/"><img class="alignnone" src="http://farm7.static.flickr.com/6078/6161119952_604ccb92d0.jpg" alt="People Against the Machine" /></a></p>
<p><strong>Rhetoric Matters</strong></p>
<p>The classic pattern occurred of working groups, self-indoctrination and sectarian debate. Instead, the protests seemed more bent on defining their unwillingness to participate in economic systems, than offering solutions to the public. By conflating wealth inequality with class warfare, the protesters closed off access to the majority of the public. Peripheral issues further this disengagement &#8212; confronting the narrative of September 11th, everyone is lost.</p>
<p>Lower Manhattan is not pre-revolution Egypt or Tunisia, and environmental comparisons fail in merit. The bombastic comments heard frequently about &#8216;not being afraid to go to jail or die,&#8217; must certainly be based on the understanding that the latter is improbable and the former insignificant. The New York Police Department&#8217;s book, hold, release and drop policies are incomparable to the horrors of Evin Prison, and attempts to draw parallels insult real suffering. For that matter, such poor execution of civil disobedience is more liable to put off potential supporters than create social change.</p>
<p style="text-align: center; "><a title="Guitars" href="http://www.flickr.com/photos/54274368@N00/6160580919/"><img class="alignnone" src="http://farm7.static.flickr.com/6074/6160580919_bca7df9f25.jpg" alt="Guitars" /></a></p>
<p><strong>Avoiding Alienation</strong></p>
<p>To be sure, many in Liberty Plaza have been genuinely affected by the economics of the United States, and compelling stories exist in the crowd. One comment overheard embodied this.</p>
<blockquote><p>To pay my way through a Bachelors in Biology, I worked in a hotel. When I graduated I couldn&#8217;t find a job in what I studied for, and the only reason I could find anything at all, was because of that previous hospitality experience, doing the same thing I was doing back then. It&#8217;s sad; that terrible job was worth more than my college diploma.</p></blockquote>
<p>These are the stories that concern the general public and resonate more deeply than the idealist whose goal is to never work a nine-to-five job in their life while they seek to overthrow the status quo. No suburban parent will see themselves or their children in that individual.</p>
<p>What&#8217;s clear is that a compelling narrative exists to be seized by idealistic youth. The social politics of America is defined by a generation with a bleaker future than their predecessors &#8212; underemployed and lacking credibility &#8212; and the parents, concerned about their children&#8217;s future and their own. This is a nightmare that cuts across all sections of the public, from the cosmopolitan coasts to the rural Midwest. If the United States has its own Tahrir moment, it will begin with that simple fact.</p>
<p>&#8211;</p>
<p>[1] http://blogs.ssrc.org/tif/2011/02/09/the-road-to-tahrir/</p>
<p>[2] http://mideastsoccer.blogspot.com/2011/02/egyptian-ultra-tactics-evident-in.html</p>
]]></content:encoded>
			<wfw:commentRss>http://b.averysmallbird.com/entries/occupy-wall-street-misreading-lessons-from-tahrir/feed</wfw:commentRss>
		<slash:comments>3</slash:comments>
		</item>
		<item>
		<title>Simple Ways to Prevent Unwanted Spying via Fake Digital Certificates</title>
		<link>http://b.averysmallbird.com/entries/%d8%b1%d9%88%d8%b4%d9%87%d8%a7%db%8c-%d8%b3%d8%a7%d8%af%d9%87</link>
		<comments>http://b.averysmallbird.com/entries/%d8%b1%d9%88%d8%b4%d9%87%d8%a7%db%8c-%d8%b3%d8%a7%d8%af%d9%87#comments</comments>
		<pubDate>Wed, 31 Aug 2011 03:01:33 +0000</pubDate>
		<dc:creator>admin</dc:creator>
				<category><![CDATA[Uncategorized]]></category>
		<category><![CDATA[aberrant behavior]]></category>
		<category><![CDATA[computing culture]]></category>
		<category><![CDATA[hacking]]></category>
		<category><![CDATA[learning from history]]></category>
		<category><![CDATA[liberation technology]]></category>
		<category><![CDATA[middle east]]></category>
		<category><![CDATA[political culture]]></category>
		<category><![CDATA[privacy]]></category>
		<category><![CDATA[protest norms]]></category>

		<guid isPermaLink="false">http://b.averysmallbird.com/?p=882</guid>
		<description><![CDATA[Simple Ways to Prevent Unwanted Spying via Fake Digital Certificates
As reported on news sites, since the beginning of last week a number of Internet service providers in Iran have used security certificates stolen from the Dutch company &#8220;DigiNotar&#8221; to attack sites such as Google. [...]]]></description>
			<content:encoded><![CDATA[<p id="internal-source-marker_0.28222902747802436" style="text-align: right; margin-top: 0pt; margin-bottom: 0pt;" dir="rtl"><span style="font-size: 11pt; font-family: 'Times New Roman'; color: #000000; background-color: transparent; font-style: normal; font-variant: normal; text-decoration: none; vertical-align: baseline; white-space: pre-wrap;">Simple Ways to Prevent Unwanted Spying via Fake Digital Certificates</span></p>
<p style="text-align: right; margin-top: 0pt; margin-bottom: 0pt;" dir="rtl"><span style="font-size: 11pt; font-family: 'Times New Roman'; color: #000000; background-color: transparent; font-style: normal; font-variant: normal; text-decoration: none; vertical-align: baseline; white-space: pre-wrap;">As reported on news sites, since the beginning of last week a number of Internet service providers in Iran have used security certificates stolen from the Dutch company &#8220;DigiNotar&#8221; to attack sites such as Google. This attack was first identified in the city of Mashhad; however, it affects many Internet users across the country. According to research carried out, many users of Pars Online, Pishgam, Datak and Shatel have been targets of this attack. It is speculated that, in addition to Google, other sites have also been targeted whose names and details have not yet been reported. The following article attempts to give readers simple ways to prevent and counter this type of attack.</span></p>
<p style="text-align: right; margin-top: 0pt; margin-bottom: 0pt;" dir="rtl"><span style="font-size: 12pt; font-family: 'Times New Roman'; color: #000000; background-color: transparent; font-weight: bold; font-style: normal; font-variant: normal; text-decoration: none; vertical-align: baseline; white-space: pre-wrap;">Simple ways to deal with this problem:</span></p>
<ol>
<li style="list-style-type: decimal; font-size: 10pt; font-family: 'Times New Roman'; color: #000000; background-color: transparent; font-style: normal; font-variant: normal; text-decoration: none; vertical-align: baseline;">
<p style="text-align: right; margin-top: 0pt; margin-bottom: 0pt;" dir="rtl"><span style="font-size: 11pt; font-family: 'Times New Roman'; color: #000000; background-color: transparent; font-style: normal; font-variant: normal; text-decoration: none; vertical-align: baseline; white-space: pre-wrap;">Use one of the two browsers Google Chrome or Firefox. If you already use one of these, update your browser. </span></p>
</li>
</ol>
<p style="text-align: right; margin-top: 0pt; margin-bottom: 0pt;" dir="rtl"><span style="font-size: 11pt; font-family: 'Times New Roman'; color: #000000; background-color: transparent; font-style: normal; font-variant: normal; text-decoration: none; vertical-align: baseline; white-space: pre-wrap;">Firefox users only need to download the latest version, released on Tuesday, 30 August. For more information, see the following website:</span></p>
<p style="text-align: right; margin-top: 0pt; margin-bottom: 0pt;" dir="rtl"><a href="http://support.mozilla.com/en-US/kb/deleting-diginotar-ca-cert"><span style="font-size: 11pt; font-family: Arial; color: #000099; background-color: transparent; font-style: normal; font-variant: normal; vertical-align: baseline; white-space: pre-wrap; text-decoration: underline;">http://support.mozilla.com/en-US/kb/deleting-diginotar-ca-cert</span></a></p>
<ol>
<li style="list-style-type: decimal; font-size: 10pt; font-family: 'Times New Roman'; color: #000000; background-color: transparent; font-style: normal; font-variant: normal; text-decoration: none; vertical-align: baseline;">
<p style="text-align: right; margin-top: 0pt; margin-bottom: 0pt;" dir="rtl"><span style="font-size: 11pt; font-family: 'Times New Roman'; color: #000000; background-color: transparent; font-style: normal; font-variant: normal; text-decoration: none; vertical-align: baseline; white-space: pre-wrap;">In your computer&#8217;s settings, enter the name of the company that issued this fake certificate:</span></p>
</li>
</ol>
<p style="text-align: right; margin-top: 0pt; margin-bottom: 0pt;" dir="rtl"><span style="font-size: 11pt; font-family: 'Times New Roman'; color: #000000; background-color: transparent; font-style: italic; font-variant: normal; text-decoration: none; vertical-align: baseline; white-space: pre-wrap;">For Mac OS users: </span></p>
<p style="text-align: right; margin-top: 0pt; margin-bottom: 0pt;" dir="rtl"><span style="font-size: 11pt; font-family: 'Times New Roman'; color: #000000; background-color: transparent; font-style: normal; font-variant: normal; text-decoration: none; vertical-align: baseline; white-space: pre-wrap;">Go to Applications. Click on the Utilities folder and open the Keychain Access program:</span></p>
<p><img src="https://lh3.googleusercontent.com/xN_FX-6TKt1-s7_-sN7iQuq5YMAhrlOqIP6LPeRhWEYRl5GE7nvN3EQXU3sTsd_8bM1G37XRrV5QaPYKEqaUGfPwweBI3t_9cdHEPIE5GKR5S9nYaV0" alt="" width="437px;" height="250px;" /></p>
<p style="text-align: right; margin-top: 0pt; margin-bottom: 0pt;" dir="rtl"><span style="font-size: 11pt; font-family: 'Times New Roman'; color: #000000; background-color: transparent; font-style: normal; font-variant: normal; text-decoration: none; vertical-align: baseline; white-space: pre-wrap;">Then carry out the following steps:</span></p>
<p style="text-align: right; margin-top: 0pt; margin-bottom: 0pt;" dir="rtl"><span style="font-size: 11pt; font-family: 'Times New Roman'; color: #000000; background-color: transparent; font-style: normal; font-variant: normal; text-decoration: none; vertical-align: baseline; white-space: pre-wrap;">In the &#8220;Keychain Access&#8221; program, click &#8220;System Roots&#8221; and, among the entries, right-click on &#8220;</span><span style="font-size: 11pt; font-family: 'Times New Roman'; color: #444444; background-color: transparent; font-style: normal; font-variant: normal; text-decoration: none; vertical-align: baseline; white-space: pre-wrap;">DigiNotar Root Ca&#8221; </span><span style="font-size: 11pt; font-family: 'Times New Roman'; color: #000000; background-color: transparent; font-style: normal; font-variant: normal; text-decoration: none; vertical-align: baseline; white-space: pre-wrap;">and select &#8220;Get info&#8221;:</span></p>
<p><img src="https://lh3.googleusercontent.com/VFV76gNB5RxW2g25Nel0hTyYoJSY5cglr9D7vVAQgjs3_mDkX8DsAPR_bZZ5sE3-5Md9L3DiCcmrXP1MvAgGsKCktnaPqnPe9FT4_TrYykMQKwCXN-U" alt="" width="514px;" height="196px;" /></p>
<p style="text-align: right; margin-top: 0pt; margin-bottom: 0pt;" dir="rtl"><span style="font-size: 11pt; font-family: 'Times New Roman'; color: #000000; background-color: transparent; font-style: normal; font-variant: normal; text-decoration: none; vertical-align: baseline; white-space: pre-wrap;">Then select the &#8220;Never Trust&#8221; option, as shown in the image above.</span></p>
<p style="text-align: right; margin-top: 0pt; margin-bottom: 0pt;" dir="rtl"><span style="font-size: 11pt; font-family: 'Times New Roman'; color: #000000; background-color: transparent; font-style: italic; font-variant: normal; text-decoration: none; vertical-align: baseline; white-space: pre-wrap;">For Windows users:</span></p>
<p style="text-align: right; margin-top: 0pt; margin-bottom: 0pt;" dir="rtl"><span style="font-size: 11pt; font-family: 'Times New Roman'; color: #000000; background-color: transparent; font-style: normal; font-variant: normal; text-decoration: none; vertical-align: baseline; white-space: pre-wrap;">This company&#8217;s name has been removed from the list of trusted companies in Internet Explorer. Nevertheless, note that Internet Explorer is not trustworthy in other security respects, and the strong recommendation is to use Firefox or Google Chrome.</span></p>
<p style="text-align: right; margin-top: 0pt; margin-bottom: 0pt;" dir="rtl"><span style="font-size: 11pt; font-family: 'Times New Roman'; color: #000000; background-color: transparent; font-weight: bold; font-style: normal; font-variant: normal; text-decoration: none; vertical-align: baseline; white-space: pre-wrap;">Minimize the damage:</span></p>
<ol>
<li style="list-style-type: decimal; font-size: 10pt; font-family: 'Times New Roman'; color: #000000; background-color: transparent; font-style: normal; font-variant: normal; text-decoration: none; vertical-align: baseline;">
<p style="text-align: right; margin-top: 0pt; margin-bottom: 0pt;" dir="rtl"><span style="font-size: 11pt; font-family: 'Times New Roman'; color: #000000; background-color: transparent; font-style: normal; font-variant: normal; text-decoration: none; vertical-align: baseline; white-space: pre-wrap;">Be sure to change your password. Use long combinations of words and digits, or long sentences that are meaningful only to you. Do not use your email password anywhere other than for email.</span></p>
</li>
</ol>
<ol>
<li style="list-style-type: decimal; font-size: 10pt; font-family: 'Times New Roman'; color: #000000; background-color: transparent; font-style: normal; font-variant: normal; text-decoration: none; vertical-align: baseline;">
<p style="text-align: right; margin-top: 0pt; margin-bottom: 0pt;" dir="rtl"><span style="font-size: 11pt; font-family: 'Times New Roman'; color: #000000; background-color: transparent; font-style: normal; font-variant: normal; text-decoration: none; vertical-align: baseline; white-space: pre-wrap;">When your web browser warns you that the site you are trying to enter is not trustworthy, do not ignore the warning. Warnings of this kind are not normal. They mean that something important in your security system has broken and that others have probably infiltrated your system. As long as you receive this warning, refrain from entering the site.</span></p>
</li>
</ol>
<p style="text-align: right; margin-top: 0pt; margin-bottom: 0pt;" dir="rtl"><span style="font-size: 11pt; font-family: 'Times New Roman'; color: #000000; background-color: transparent; font-weight: bold; font-style: normal; font-variant: normal; text-decoration: none; vertical-align: baseline; white-space: pre-wrap;">Preventing this kind of problem in the future:</span></p>
<p style="text-align: right; margin-top: 0pt; margin-bottom: 0pt;" dir="rtl"><span style="font-size: 11pt; font-family: 'Times New Roman'; color: #000000; background-color: transparent; font-style: normal; font-variant: normal; text-decoration: none; vertical-align: baseline; white-space: pre-wrap;">At present there is no way to counter this type of attack directly. The best prevention is to maintain security and to watch carefully for small changes in the system. Nevertheless, to limit attacks of this kind we suggest the following measures:</span></p>
<ol>
<li style="list-style-type: decimal; font-size: 10pt; font-family: 'Times New Roman'; color: #000000; background-color: transparent; font-style: normal; font-variant: normal; text-decoration: none; vertical-align: baseline;">
<p style="text-align: right; margin-top: 0pt; margin-bottom: 0pt;" dir="rtl"><span style="font-size: 11pt; font-family: 'Times New Roman'; color: #000000; background-color: transparent; font-style: normal; font-variant: normal; text-decoration: none; vertical-align: baseline; white-space: pre-wrap;">To circumvent censorship, use tools such as &#8220;Tor&#8221; or a VPN. </span><span style="font-size: 11pt; font-family: 'Times New Roman'; color: #000000; background-color: transparent; font-style: normal; font-variant: normal; vertical-align: baseline; white-space: pre-wrap; text-decoration: underline;">Using a VPN does not mean that your system is completely safe. Before using a VPN, make sure that its source is trustworthy. </span></p>
</li>
<li style="list-style-type: decimal; font-size: 10pt; font-family: 'Times New Roman'; color: #000000; background-color: transparent; font-style: normal; font-variant: normal; text-decoration: none; vertical-align: baseline;">
<p style="text-align: right; margin-top: 0pt; margin-bottom: 0pt;" dir="rtl"><span style="font-size: 11pt; font-family: 'Times New Roman'; color: #000000; background-color: transparent; font-style: normal; font-variant: normal; text-decoration: none; vertical-align: baseline; white-space: pre-wrap;">We recommend that smartphone owners use Google&#8217;s two-step verification option for access to their email. With this method, to access your account from a new computer you must first enter the digits that Google sends to your phone. This way, if someone other than you wants to access this email, they must also have your phone.</span></p>
</li>
</ol>
<p style="text-align: right; margin-top: 0pt; margin-bottom: 0pt;" dir="rtl"><span style="font-size: 11pt; font-family: 'Times New Roman'; color: #000000; background-color: transparent; font-style: normal; font-variant: normal; text-decoration: none; vertical-align: baseline; white-space: pre-wrap;">For more information, see the following website:</span></p>
<p><a href="http://www.google.com/support/accounts/bin/static.py?page=guide.cs&amp;guide=1056283&amp;topic=1056284"><span style="font-size: 11pt; font-family: 'Times New Roman'; color: #000099; background-color: transparent; font-style: normal; font-variant: normal; vertical-align: baseline; white-space: pre-wrap; text-decoration: underline;">http://www.google.com/support/accounts/bin/static.py?page=guide.cs&amp;guide=1056283&amp;topic=1056284</span></a></p>
<p style="text-align: right; margin-top: 0pt; margin-bottom: 0pt;" dir="rtl"><span style="font-size: 10pt; font-family: 'Times New Roman'; color: #000000; background-color: transparent; font-style: normal; font-variant: normal; text-decoration: none; vertical-align: baseline; white-space: pre-wrap;">For more information on this subject, you can contact the author of this article at the following email address: </span></p>
<p><span style="font-size: 10pt; font-family: Arial; color: #000000; background-color: transparent; font-style: italic; font-variant: normal; text-decoration: none; vertical-align: baseline; white-space: pre-wrap;">Collin Anderson, collin@averysmallbird.com</span></p>
<p><span style="font-size: 10pt; font-family: Arial; color: #000000; background-color: transparent; font-style: italic; font-variant: normal; text-decoration: none; vertical-align: baseline; white-space: pre-wrap;"><strong>PDF: <a href="http://b.averysmallbird.com/wp-content/uploads/2011/08/PreventingSpyingfromFakedSecurityCertificatesPersian.pdf">PreventingSpyingfromFakedSecurityCertificatesPersian</a></strong></span></p>
]]></content:encoded>
			<wfw:commentRss>http://b.averysmallbird.com/entries/%d8%b1%d9%88%d8%b4%d9%87%d8%a7%db%8c-%d8%b3%d8%a7%d8%af%d9%87/feed</wfw:commentRss>
		<slash:comments>0</slash:comments>
		</item>
		<item>
		<title>Iran&#8217;s Political Culture According to Google</title>
		<link>http://b.averysmallbird.com/entries/irans-political-culture-according-to-google</link>
		<comments>http://b.averysmallbird.com/entries/irans-political-culture-according-to-google#comments</comments>
		<pubDate>Mon, 25 Apr 2011 19:46:34 +0000</pubDate>
		<dc:creator>collin</dc:creator>
				<category><![CDATA[Uncategorized]]></category>
		<category><![CDATA[elections]]></category>
		<category><![CDATA[governance]]></category>
		<category><![CDATA[iran]]></category>
		<category><![CDATA[liberation technology]]></category>
		<category><![CDATA[media culture]]></category>
		<category><![CDATA[middle east]]></category>
		<category><![CDATA[modeling]]></category>
		<category><![CDATA[new media]]></category>
		<category><![CDATA[political culture]]></category>

		<guid isPermaLink="false">http://b.averysmallbird.com/?p=839</guid>
		<description><![CDATA[If Google's search can reasonably predict elections in the US, to what extent does it indicate the current attitudes of the Iranian public?]]></description>
			<content:encoded><![CDATA[<p><script type="text/javascript" src="http://www.gmodules.com/ig/ifr?url=http%3A%2F%2Fwww.google.com%2Fig%2Fmodules%2Fgoogle_insightsforsearch_interestovertime_searchterms.xml&amp;up__property=empty&amp;up__search_terms=%D9%85%D9%88%D8%B3%D9%88%DB%8C%7C%DA%A9%D8%B1%D9%88%D8%A8%DB%8C%7C%D8%B1%D9%87%D8%A8%D8%B1%7C%D8%AE%D9%85%DB%8C%D9%86%DB%8C%7C%D8%A7%D8%AD%D9%85%D8%AF%DB%8C+%D9%86%DA%98%D8%A7%D8%AF&amp;up__location=IR&amp;up__category=0&amp;up__time_range=12-m&amp;up__compare_to_category=false&amp;synd=open&amp;w=550&amp;h=350&amp;lang=en-US&amp;title=Google+Insights+for+Search&amp;border=%23ffffff%7C3px%2C1px+solid+%23999999&amp;output=js"></script></p>
<p><a style="color: #4684ee;" href="http://en.wikipedia.org/wiki/Mir-Hossein_Mousavi"><span style="color: #4684ee;">Mousavi,</span></a> <a style="color: #dc3912;" href="http://en.wikipedia.org/wiki/Mehdi_Karroubi">Karoubi,</a> <span style="color: #ff9900;">Leader (<a style="color:#ff9900" href="http://en.wikipedia.org/wiki/Ali_Khamenei">Khamenei</a>), </span><span style="color: #008000;"><a style="color:green" href="http://en.wikipedia.org/wiki/Ruhollah_Khomeini">Khomeini</a>, </span><a href="http://en.wikipedia.org/wiki/Mahmoud_Ahmadinejad"><span style="color: #4942cc;">Ahmadinejad</span></a></p>
<p>If Google&#8217;s search can <a href="http://tech.blorge.com/Structure:%20/2010/10/28/can-google-call-elections/">reasonably</a> <a href="http://blogs.law.harvard.edu/idblog/2008/11/20/can-google-predict-election-winners/">predict</a> elections in the US, to what extent does it indicate the current attitudes of the Iranian public?</p>
]]></content:encoded>
			<wfw:commentRss>http://b.averysmallbird.com/entries/irans-political-culture-according-to-google/feed</wfw:commentRss>
		<slash:comments>0</slash:comments>
		</item>
		<item>
		<title>Advice for Embassies Astroturfing Diaspora Support</title>
		<link>http://b.averysmallbird.com/entries/advice-for-embassies-astroturfing-diaspora-support</link>
		<comments>http://b.averysmallbird.com/entries/advice-for-embassies-astroturfing-diaspora-support#comments</comments>
		<pubDate>Sun, 10 Apr 2011 21:09:24 +0000</pubDate>
		<dc:creator>collin</dc:creator>
				<category><![CDATA[Uncategorized]]></category>
		<category><![CDATA[arab spring]]></category>
		<category><![CDATA[design]]></category>
		<category><![CDATA[group culture]]></category>
		<category><![CDATA[learning from history]]></category>
		<category><![CDATA[media culture]]></category>
		<category><![CDATA[middle east]]></category>
		<category><![CDATA[political culture]]></category>
		<category><![CDATA[propaganda]]></category>
		<category><![CDATA[protest norms]]></category>

		<guid isPermaLink="false">http://b.averysmallbird.com/?p=824</guid>
		<description><![CDATA[A few words of advice for embassies and foreign organizations attempting to create the notion of public support for the current regime; collected from the anecdotes and experiences gathered over the Arab Spring-White House protests.]]></description>
			<content:encoded><![CDATA[<p style="text-align: center; "><a title="Astroturfing Diaspore Support" href="http://www.flickr.com/photos/54274368@N00/5571100145/"><img class="aligncenter lede-image" src="http://farm6.static.flickr.com/5030/5571100145_cbe9c351a2_b.jpg" alt="Astroturfing Diaspore Support" width="614" height="410" /></a></p>
<p style="text-align: left;">A few words of advice for embassies and foreign organizations attempting to create the notion of public support for the current regime; collected from the anecdotes and experiences gathered over the Arab Spring-White House protests.</p>
<ol>
<li>When providing students with flags, vary the size and quality. While it&#8217;s unlikely that most college students and emigrants pack a flag in their suitcase, it&#8217;s even less plausible that they all tote the same version attached to new, identical Home Depot dowels. It&#8217;s understandable that you want picturesque scenes of nationalism for state-run media, so make a few changes. For one, desperation breeds creativity, and many people have resorted to <a href="http://www.flickr.com/photos/collina/5460157186/in/set-72157626090800722">craftwork</a> &#8212; when your opposition has flags constructed of sheets of colored A4 paper mounted on cardboard, you risk revealing your ruse by upstaging them.</li>
<li>Don&#8217;t put your threats to cut off funds for visiting students in writing. Implicit warnings work just as well, and don&#8217;t get forwarded to the opposition movement.</li>
<li>Create a front organization &#8212; something progressive sounding, like &#8216;Students for Modern Governance.&#8217; This has the twofold effect of countering the opposition&#8217;s battle for legitimacy through the appearance of public support and creating a PR firewall. When an opposition protester steals a flag, they will be less likely to carelessly shout that it&#8217;s &#8216;property of the embassy.&#8217;</li>
<li>Keep minders with the pro-government protesters to ensure the efficacy of your threats or bribes. Without the motivation of personal conviction, history shows supporters generally show up for ten minutes, take pictures and flee the ire of the numerically larger and more impassioned diaspora.</li>
</ol>
<p>Lastly, as a suggestion and not a rule, encourage your stalwarts to tone down gross displays of excess wealth. Armani jackets and Gucci sunglasses run the risk of alienating people who don&#8217;t understand that your society is built on ethnic-class politics.</p>
<p>Americans love the scrappy Jacobin.</p>
]]></content:encoded>
			<wfw:commentRss>http://b.averysmallbird.com/entries/advice-for-embassies-astroturfing-diaspora-support/feed</wfw:commentRss>
		<slash:comments>0</slash:comments>
		</item>
	</channel>
</rss>

