Technology Use and Cybersecurity in Activism and Elections
Alexandru G. Bardas
Department of Electrical Engineering & Computer Science and ITTC, University of Kansas alexbardas@ku.edu
Timeline of the Sudanese 2018-2019 Revolution
Research Questions
Methodology
Threat Landscape
Security Goals
- Plausible deniability during protests and upon arrest
- Security from electronic surveillance
- Physical security
- Security during the blockade and the internet blackout
Defensive Practices
Use app or feature of app/phone to hide data:
- App to hide other apps
- Huawei private space
- WhatsApp archive feature
- iPhone screentime
Plausible deniability during protests and upon arrest
- Sanitization of phone and online activity
- Disguise and concealment of data and identity
“There was this app, but it was really working for Apple, basically, iPhones, more than Android, where you can hide your apps and then you have to open it, it’s like a calculator, you have to punch in a specific number for it to open the app”
“the first fingerprint would sign me into my account or my regular phone space. The other fingerprint. I don’t even know what to say. It’s just an empty space, just like if I bought the phone right now”
“Then for the ones that I cannot delete because I need them in the future, I just archive the contacts”
Defensive Practices
Practices:
- Use app or features of app/phone to hide data
- Using coded communication
- Obscuring internet traffic through VPN use and proxies
- Use app in browser
- Access app through emulator
- Anonymization of online identity
- Need to know information sharing
Security from electronic surveillance
“We all agreed on those phrases, when we say X we mean this and when we say Y we mean that. So these people develop codes for communication where they say something explicitly but it would implicitly have another meaning”
“I have seen kind of -- advice that you should change your Facebook name. I myself did that. I changed my Facebook to something very weird so that I cannot be tracked”
Security of online communications
Preventing online misinformation
Political influence:
- International sanctions prevent the use of local numbers for authentication
- Government control over telecommunication infrastructure
- Foreign governments’ ties to Sudanese government
Societal influence: Diaspora enabled 2FA using foreign number
e.g., advice from an Eastern European activist group (Signal app)
Defensive Practices
- Fact checking through manual heuristics
- Establishing trusted sources
Security from electronic surveillance
- Security of online communications
- Preventing online misinformation
“There are things on Twitter -- you will find a small number of followers, the account handle itself will be a lot of jargon -- letters, numbers. So right off you will sense they’re not real accounts. Then, checking the very first 5-6 tweets, you will see a pattern of supporting the government in the context of the revolution, so you would know, most of the information coming from these accounts won’t be true”
“Most of our communication was through meetings, like in person meetings, it wasn’t through social media”
Societal influence: diaspora enabled online content moderation to prevent misinformation
Defensive Practices
- Camouflaging
- Protests’ Practices (before, after and during)
Physical Security
Security from device confiscation and physical targeting
“it depends on the area that you’re protesting somewhere, some people are really on to it, towards surveying the area we’re going to go to protest at, and knowing the exits and the streets and whereabouts, and whatever they can use as a route of escape if something happens”
“the main thing we tell them is don’t go out alone on your first time, like you have to have someone with you who has experience or has gone through this a couple times so they can tell you what to do when you’re there and how to avoid things, arrests, how to know when to run, when is it time to leave and all that”
“Wearing special colors, hiding inside the mass, or… there were some techniques for those who are documenting”
Defensive Practices
Practices:
- Mesh networking / P2P Chat Apps
- Use of foreign SIM cards on roaming
- Internet access through a certain provider
- Text messages and phone calls
- VPN use for availability
- Pamphlets and graffiti
Security during the blockade and the internet blackout
Ensuring the availability and security of communications
“Yeah, some of them used roaming, on SIM cards that they have from different countries’ phone numbers. But other than that, there was no other way that you could get internet”
“one of the providers had one of its services working which is like Sudani DSL”
“And at other times we had to use VPNs because the telecommunication ministry, again, blocked social media. So we needed to bypass that”
Non-adoption factors:
- Usability and functionality issues
- Lack of mass adoption crippled individual use
Activism and Technology
- Tensions in needs of different user groups
○ Using a specialized communication app vs a common one
- When studying user practices, consider the geopolitical context...
○ Right to privacy
○ Power held by authorities
○ Government control over telecommunications infrastructure and companies
○ History of censorship or blackout
○ International politics and sanctions
- ….and about characteristics of the users….
○ Baseline digital literacy
○ Knowledge sharing and trust
○ Common security knowledge
More Information:
Defensive Technology Use During the 2018-2019 Sudanese Revolution. In IEEE Security and Privacy Magazine (Special Issue), April/May 2022
Defensive Technology Use by Political Activists During the Sudanese Revolution. In IEEE Symposium on Security and Privacy (S&P) -- Oakland, May 2021.
Alaa Daffalla (1), Lucy Simko (2), Tadayoshi Kohno (2), Alexandru G. Bardas (1)
1. Department of Electrical Engineering & Computer Science and ITTC, University of Kansas {a.daffalla, alexbardas}@ku.edu
2. Paul G. Allen School of Computer Science & Engineering, University of Washington {simkol, yoshi}@cs.washington.edu
Note: Some of the slides used in this presentation were also used as part of the IEEE S&P 2021 presentation
A Major Objective of Modern Political Activism
Free and Fair Elections are the Foundation of Every Healthy Democracy
United States Mission at OSCE
Afghanistan is among the most challenging environments in the world [in which] to hold elections. It is a nascent democracy with an ongoing violent insurgency, an unverifiable number of eligible voters, many of whom are illiterate, and a country spread over harsh terrain. Corruption is pervasive, rule of law is tenuous where it has any hold at all, and impunity for election-related violence and fraud is the norm.
United States Agency for International Development (USAID)
Some Terms
- Polling Center: A building where voting takes place.
- Polling Station: Booths in the polling center where voters cast their votes.
- Tazkera: National Identification Document in Afghanistan
- Voter List: A detailed record of every person who is registered in a particular polling center and eligible to vote.
All in All, How Do We Build Trust?
● Tensions in needs of different user groups
○ Using a specialized communication app vs a common one
● When studying user practices, consider the geopolitical context...
○ Right to privacy
○ Power held by authorities
● ….and about characteristics of the users….
○ Baseline digital literacy
○ Knowledge sharing and trust
○ Common security knowledge