Archivists Make Sure the Internet Doesn’t Forget Russia’s War on Ukraine

Curated on Posted on by Stefaan Verhulst

Karl Bode at VICE: “As the Russian invasion of Ukraine accelerates, professional and hobbyist archivists alike are rushing to preserve Ukraine’s online history, cataloging and storing everything from Ukrainian government and university websites, to the torrent of news and social media posts related to the accelerating conflict.

The Internet Archive has been archiving the broader conflict in Ukraine since 2014. But as Ukraine government websites face prolonged outages due to sustained cyber attack—as well as the looming risk of defacement or deletion—the organization has taken on another monumental task: backing up the entirety of the Ukrainian Internet.

Using the crowdsourced auto-archiving software running on a virtual machine they’ve dubbed Archive Team Warrior, the organization has leveraged volunteers around the world, many of whom have donated countless terabytes of storage capacity for the project. These volunteers have been steadily backing up the Ukrainian Internet since before the war began.

All told, 68 million items (web pages, documents, and other files) comprising more than 2.5 TB of data have already been hoovered up from various websites across the .ua top level Ukrainian domain. A second project dubbed Ukr-net aims to preserve tens of millions of additional items and terabytes of additional data across the Ukrainian Internet.

Elsewhere, organizations like the Center For Information Resilience have built a crowdsourced map attempting to document every single war-related post to social media made in the region, ranging from civilian photos of the movement of heavy Russian weaponry, to Ukranian government claims of alleged bombing raids on kindergardens…(More)”.

Ukraine prepares to remove data from Russia’s reach

Curated on Posted on by Stefaan Verhulst

Article by Eric Geller: “Ukraine’s government is preparing to wipe its computer servers and transfer its sensitive data out of Kyiv if Russian troops move to seize the capital, a senior Ukrainian cyber officialsaid Tuesday.

The worst-case contingency planning addresses an unintended consequence of a security measure the government took in 2014, when it began centralizing its computer systems after Russia and pro-Moscow separatists seized control of Crimea and the Donbas region.

That measure made it harder for Russian hackers to penetrate computers that store critical data and provide services such as pension benefits, or to use formerly government-run networks in the occupied territories to launch cyberattacks on Kyiv. But it’s also created a tempting target in the capital for Russia’s military, which has begun moving into separatist-controlled territories of eastern Ukraine.

Seizing Ukraine’s computer networks intact would give Moscow not only troves of classified documents but also detailed information about the population under its control. So Ukrainian President Volodymyr Zelenskyy’s administration says it isn’t taking any chances.

“We have plans and we have scenarios,” Victor Zhora, the deputy chief of Ukraine’s State Service of Special Communications and Information Protection, said in an interview from Kyiv. “We can move to new locations, we can save data and we can delete data and prevent capturing all this data,” even if Russian forces take control of the government’s offices….(More)”

Technology is revolutionizing how intelligence is gathered and analyzed – and opening a window onto Russian military activity around Ukraine

Curated on Posted on by Stefaan Verhulst

Craig Nazareth at The Conversation: “…Through information captured by commercial companies and individuals, the realities of Russia’s military posturing are accessible to anyone via internet search or news feed. Commercial imaging companies are posting up-to-the-minute, geographically precise images of Russia’s military forces. Several news agencies are regularly monitoring and reporting on the situation. TikTok users are posting video of Russian military equipment on rail cars allegedly on their way to augment forces already in position around Ukraine. And internet sleuths are tracking this flow of information.

This democratization of intelligence collection in most cases is a boon for intelligence professionals. Government analysts are filling the need for intelligence assessments using information sourced from across the internet instead of primarily relying on classified systems or expensive sensors high in the sky or arrayed on the planet.

However, sifting through terabytes of publicly available data for relevant information is difficult. Knowing that much of the data could be intentionally manipulated to deceive complicates the task.

Enter the practice of open-source intelligence. The U.S. director of national intelligence defines Open-Source Intelligence, or OSINT, as the collection, evaluation and analysis of publicly available information. The information sources include news reports, social media posts, YouTube videos and satellite imagery from commercial satellite operators.

OSINT communities and government agencies have developed best practices for OSINT, and there are numerous free tools. Analysts can use the tools to develop network charts of, for example, criminal organizations by scouring publicly available financial records for criminal activity.

Private investigators are using OSINT methods to support law enforcement, corporate and government needs. Armchair sleuths have used OSINT to expose corruption and criminal activity to authorities. In short, the majority of intelligence needs can be met through OSINT…

Even with OSINT best practices and tools, OSINT contributes to the information overload intelligence analysts have to contend with. The intelligence analyst is typically in a reactive mode trying to make sense of a constant stream of ambiguous raw data and information.

Machine learning, a set of techniques that allows computers to identify patterns in large amounts of data, is proving invaluable for processing OSINT information, particularly photos and videos. Computers are much faster at sifting through large datasets, so adopting machine learning tools and techniques to optimize the OSINT process is a necessity.

Identifying patterns makes it possible for computers to evaluate information for deception and credibility and predict future trends. For example, machine learning can be used to help determine whether information was produced by a human or by a bot or other computer program and whether a piece of data is authentic or fraudulent…(More)”.

The Government of Emergency: Vital Systems, Expertise, and the Politics of Security

Curated on Posted on by Stefaan Verhulst

Book by Stephen J. Collier and Andrew Lakoff: “From pandemic disease, to the disasters associated with global warming, to cyberattacks, today we face an increasing array of catastrophic threats. It is striking that, despite the diversity of these threats, experts and officials approach them in common terms: as future events that threaten to disrupt the vital, vulnerable systems upon which modern life depends.

The Government of Emergency tells the story of how this now taken-for-granted way of understanding and managing emergencies arose. Amid the Great Depression, World War II, and the Cold War, an array of experts and officials working in obscure government offices developed a new understanding of the nation as a complex of vital, vulnerable systems. They invented technical and administrative devices to mitigate the nation’s vulnerability, and organized a distinctive form of emergency government that would make it possible to prepare for and manage potentially catastrophic events.

Through these conceptual and technical inventions, Stephen Collier and Andrew Lakoff argue, vulnerability was defined as a particular kind of problem, one that continues to structure the approach of experts, officials, and policymakers to future emergencies…(More)”.

Law Enforcement and Technology: Using Social Media

Curated on Posted on by Stefaan Verhulst

Congressional Research Service Report: “As the ways in which individuals interact continue to evolve, social media has had an increasing role in facilitating communication and the sharing of content online—including moderated and unmoderated, user-generated content. Over 70% of U.S. adults are estimated to have used social media in 2021. Law enforcement has also turned to social media to help in its operations. Broadly, law enforcement relies on social media as a tool for information sharing as well as for gathering information to assist in investigations.


Social Media as a Communications Tool. Social media is one of many tools law enforcement can use to connect with the community. They may use it, for instance, to push out bulletins on wanted persons and establish tip lines to crowdsource potential investigative leads. It provides degrees of speed and reach unmatched by many other forms of communication law enforcement can use to connect with the public. Officials and researchers have highlighted social media as a tool that, if used properly, can enhance community policing.

Social Media and Investigations. Social media is one tool in agencies’ investigative toolkits to help establish investigative leads and assemble evidence on potential suspects. There are no federal laws that specifically govern law enforcement agencies’ use of information obtained from social media sites, but their ability to obtain or use certain information may be influenced by social media companies’ policies as well as law enforcement agencies’ own social media policies and the rules of criminal procedure. When individuals post content on social media platforms without audience restrictions, anyone— including law enforcement—can access this content without court authorization. However, some information that individuals post on social media may be restricted—by user choice or platform policies—in the scope of audience that may access it. In the instances where law enforcement does not have public access to information, they may rely on a number of tools and techniques, such as informants or undercover operations, to gain access to it. Law enforcement may also require social media platforms to provide access to certain restricted information through a warrant, subpoena, or other court order.

Social Media and Intelligence Gathering. The use of social media to gather intelligence has generated particular interest from policymakers, analysts, and the public. Social media companies have weighed in on the issue of social media monitoring by law enforcement, and some platforms have modified their policies to expressly prohibit their user data from being used by law enforcement to monitor social media. Law enforcement agencies themselves have reportedly grappled with the extent to which they should gather and rely on information and intelligence gleaned from social media. For instance, some observers have suggested that agencies may be reluctant to regularly analyze public social media posts because that could be viewed as spying on the American public and could subsequently chill free speech protected under the First Amendment…(More)”.

A data ‘black hole’: Europol ordered to delete vast store of personal data

Curated on Posted on by Stefaan Verhulst

Article by Apostolis Fotiadis, Ludek Stavinoha, Giacomo Zandonini, Daniel Howden: “…The EU’s police agency, Europol, will be forced to delete much of a vast store of personal data that it has been found to have amassed unlawfully by the bloc’s data protection watchdog. The unprecedented finding from the European Data Protection Supervisor (EDPS) targets what privacy experts are calling a “big data ark” containing billions of points of information. Sensitive data in the ark has been drawn from crime reports, hacked from encrypted phone services and sampled from asylum seekers never involved in any crime.

According to internal documents seen by the Guardian, Europol’s cache contains at least 4 petabytes – equivalent to 3m CD-Roms or a fifth of the entire contents of the US Library of Congress. Data protection advocates say the volume of information held on Europol’s systems amounts to mass surveillance and is a step on its road to becoming a European counterpart to the US National Security Agency (NSA), the organisation whose clandestine online spying was revealed by whistleblower Edward Snowden….(More)”.

Little Rock Shows How Open Data Drives Resident Engagement

Curated on Posted on by Stefaan Verhulst

Blog by  Ross Schwartz: “The 12th Street corridor is in the heart of Little Rock, stretching west from downtown across multiple neighborhoods. But for years the area had suffered from high crime rates and disinvestment, and is considered a food desert.

With the intention of improving public safety and supporting efforts to revitalize the area, the City built a new police station in 2014 on the street. And, in the years following, as city staff ramped up efforts to place data at the center of problem-solving, it began to hold two-day-long “Data Academy” trainings for city employees and residents on foundational data practices, including data analysis.

Responding to public safety concerns, a 2018 Data Academy training focused on 12th Street. A cross-department team dug into data sets to understand the challenges facing the area, looking at variables including crime, building code violations, and poverty. It turned out the neighborhood with the highest levels of crime and blight was actually blocks away from 12th Street itself, in Midtown. A predominantly African-American neighborhood just east of the University of Arkansas at Little Rock campus, Midtown has a mix of older longtime homeowners and younger renters.

“It was a real data-driven ‘a-ha’ moment — an example of what you can understand about a city if you have the right data sets and look in the right places,” says Melissa Bridges, Little Rock’s performance and innovation coordinator. With support from What Works Cities (WWC), for the last five years she’s led Little Rock’s efforts to build open data and performance measurement resources and infrastructure…

Newly aware of Midtown’s challenges, city officials decided to engage residents in the neighborhood and adjacent areas. Data Academy members hosted a human-centered design workshop, during which residents were given the opportunity to self-prioritize their pressing concerns. Rather than lead the workshop, officials from various city departments quietly observed the discussion.

The main issue that emerged? Many parts of Midtown were poorly lit due to broken or blocked streetlights. Many residents didn’t feel safe and didn’t know how to alert the City to get lights fixed or vegetation cut back. A review of 311 request data showed that few streetlight problems in the area were ever reported to the City.

Aware of studies showing the correlation between dark streets and crime, the City designed a streetlight canvassing project in partnership with area neighborhood associations to engage and empower residents. Bridges and her team built canvassing route maps using Google Maps and Little Rock Citizen Connect, which collects 311 requests and other data sets. Then they gathered resident volunteers to walk or drive Midtown’s streets on a Friday night, using the City’s 311 mobile app to make a light service request and tag the location….(More)”.

A Vulnerable System: The History of Information Security in the Computer Age

Curated on Posted on by Stefaan Verhulst

Book by Andrew J. Stewart: As threats to the security of information pervade the fabric of everyday life, A Vulnerable System describes how, even as the demand for information security increases, the needs of society are not being met. The result is that the confidentiality of our personal data, the integrity of our elections, and the stability of foreign relations between countries are increasingly at risk.

Andrew J. Stewart convincingly shows that emergency software patches and new security products cannot provide the solution to threats such as computer hacking, viruses, software vulnerabilities, and electronic spying. Profound underlying structural problems must first be understood, confronted, and then addressed.

A Vulnerable System delivers a long view of the history of information security, beginning with the creation of the first digital computers during the Cold War. From the key institutions of the so-called military industrial complex in the 1950s to Silicon Valley start-ups in the 2020s, the relentless pursuit of new technologies has come at great cost. The absence of knowledge regarding the history of information security has caused the lessons of the past to be forsaken for the novelty of the present, and has led us to be collectively unable to meet the needs of the current day. From the very beginning of the information age, claims of secure systems have been crushed by practical reality.

The myriad risks to technology, Stewart reveals, cannot be addressed without first understanding how we arrived at this moment. A Vulnerable System is an enlightening and sobering history of a topic that affects crucial aspects of our lives….(More)”.

Afghan people face an impossible choice over their digital footprint

Curated on Posted on by Stefaan Verhulst

Nighat Dad at New Scientist: “The swift progress of the Taliban in Afghanistan has been truly shocking…Though the Taliban spokesperson Zabihullah Mujahid told the press conference that it wouldn’t be seeking “revenge” against people who had opposed them, many Afghan people are understandably still worried. On top of this, they — including those who worked with Western forces and international NGOs, as well as foreign journalists — have been unable to leave the country, as flight capacity has been taken over by Western countries evacuating their citizens.

As such, people have been attempting to move quickly to erase their digital footprints, built up during the 20 years of the previous US-backed governments. Some Afghan activists have been reaching out to me directly to help them put in place robust mobile security and asking how to trigger a mass deletion of their data.

The last time the Taliban was in power, social media barely existed and smartphones had yet to take off. Now, around 4 million people in Afghanistan regularly use social media. Yet, despite the huge rise of digital technologies, a comparative rise in digital security hasn’t happened.

There are few digital security resources that are suitable for people in Afghanistan to use. The leading guide on how to properly delete your digital history by Human Rights First is a brilliant place to start. But unfortunately it is only available in English and unofficially in Farsi. There are also some other guides available in Farsi thanks to the thriving community of tech enthusiasts who have been working for human rights activists living in Iran for years.

However, many of these guides will still be unintelligible for those in Afghanistan who speak Dari or Pashto, for example…

People in Afghanistan who worked with Western forces also face an impossible choice as countries where they might seek asylum often require digital proof of their collaboration. Keep this evidence and they risk persecution from the Taliban, delete it and they may find their only way out no longer available.

Millions of people’s lives will now be vastly different due to the regime change. Digital security feels like one thing that could have been sorted out in advance. We are yet to see exactly how Taliban 2.0 will be different to that which went before. And while the so-called War on Terror appears to be over, I fear a digital terror offensive may just be beginning…(More).

“We do not feel safe”: A Kabul-based crisis alert app struggles to protect its own employees

Curated on Posted on by Stefaan Verhulst

Q and A with Sara Wahedi by Hajira Maryam: “Ehtesab, a Kabul-based startup, emerged out of a personal security-related incident that Sara Wahedi, a former Afghan government employee, experienced in May 2018. After witnessing a suicide bomb attack firsthand, Wahedi rushed home, where she could see militants roaming the streets from her balcony. The city was put on lockdown for 12 hours and left without electricity. No one, Wahedi said, knew when the electricity would be restored or when roads would be cleared. The authorities were of little help. 

“Since that moment, I kept pondering about the idea of accountability and information provision. I jotted down a few words in different languages for accountability, namely Dari and Pashto. That was the moment the term Ehtesab came to my mind.” 

Ehtesab means “accountability” in Dari and Pashto, and the app, formally launched in March 2020, offers streamlined security-related information, including general security updates in Kabul to its users. With real-time, crowdsourced alerts, users across the city can track bomb blasts, roadblocks, electricity outages, or other problems in locations close to them. The app, which generates push notifications about nearby security risks, is supported by 20 employees working out of the company’s Kabul office, according to Wahedi. 

Despite the company’s single-minded focus on security, the Ehtesab team was caught off-guard by the sudden collapse of the Afghan government over the weekend. “It was inevitable that there would be a significant shift in governance … but we weren’t expecting the Taliban to come in within the first eight hours of the day,” Wahedi said….(More)”.