The most important issue reported in this article is the availability of free web based email like Gmail. As Gmail is fully encrypted and there are add-ins and extensions to make it doubly encrpyted, its availability gives people the ability to communicate safely with anyone who has an email address.

What do you think of Mr Parker giving the Junta a heads up on the use of proxy servers?

************************

A Hole in the Net
October 2006
By Clive Parker/Rangoon
 
Despite severe online restrictions, the Burmese authorities are losing the battle to control the Internet

When Burma blocked Internet-based communication programs like Gmail and Gtalk in June, it took less than a fortnight before users were able to access their email accounts again. Reports in the press were contradictory—one day Gmail was accessible, one day it was banned. Many of Burma’s Internet users were getting around the ban by using proxy servers, which bypass Burma’s firewall by linking up to servers around the world.

This episode marked the first major battle between Burma’s increasingly tech-savvy Internet users and the authorities, armed with a firewall using software courtesy of California-based Fortinet.

“It’s like hide and seek,” says one Rangoon-based journalist. Like an increasing number of Internet users, he uses proxy servers, although they are not always effective.

 “Even with the proxy service, accessing Gmail remains on and off,” said Khin Maung, a Rangoon-based internet user.

 Still, their use greatly decreases Internet restrictions in Burma. A report produced last year by the Open Net Initiative—a collaboration between Harvard, Oxford and Toronto Universities—showed that 84 percent of sites “with content known to be sensitive to the Burmese state” were blocked, while 85 percent of free web-based email was also banned.

With proxy servers many of these immediately become available—access to The Irrawaddy, for example, is straightforward in Burma for those who know how, and many Internet café owners will now input links to proxy servers for their customers. Prices are coming down too. Internet rates two years ago ran as high as 1000 kyat (US 75 cents) an hour. Cyber cafes in Rangoon now start at 400 kyat (30 cents) an hour.

Whereas access to Hotmail and Yahoo mail was limited to a handful of those competent enough to track down an unblocked proxy server two years ago, now both are readily available. The wall is beginning to come down. The question is: How motivated is the government to keep material blocked?

One Burmese Internet user described the government’s current stance on Internet security as “a one-eye-open policy,” meaning a certain level of freedom is tolerated on the Internet as long as overtly sensitive online activities are avoided.

One program that will likely annoy the government is Google Earth, which shows detailed satellite images of construction in Naypyidaw, Insein prison in Rangoon and sensitive military installations including airports around the country that house fighter jets and combat helicopters. With Internet speeds in Burma now increasing, this program is being used by Burmese curious to view areas they would not usually be able to access.

Although Burma’s Internet cafes are required to provide the Ministry of Information with screenshots recording the activities of unsuspecting customers, in reality the system is easily undermined. Café owners are unlikely to incriminate clients by supplying evidence of overtly sensitive activities on the web for fear of losing business and creating problems with the authorities, says the Rangoon-based journalist.

“In truth, they [the cybercafé owners] are safe and the customer is safe,” he says.

Similarly, at home, web surfers can remain under the radar. Using a broadband service requires registering with Bagan Cybertech, Burma’s main service provider, but a dial-up connection kit can be purchased in supermarkets in Rangoon and Mandalay without the user having to supply any personal information.

It is difficult to say to what extent users are exploiting gaps in the system, although there are opportunities for would-be cyber dissidents to catch up with the technicians that maintain Burma’s Internet security system. Singapore-based Informatics—a distance-learning program which offers university courses from around the globe—now has branches in Rangoon, Mandalay, Sittwe and Moulmein. For the few Burmese that can afford it, online courses are available in IT subjects including ethical hacking and cyber security.

While Burma’s Internet users refine their skills, there are reports that Fortinet may be trying to pull its product Fortiguard from Burma, which could leave a gaping hole in the country’s firewall.

A US-based Burma campaign group says Fortinet has taken action to withdraw its product from the country following widespread criticism. The California-based company—which denies it directly sold Fortiguard to Burma—said in late August that it had taken measures to initiate controls that prevent a US-sanctioned country from using its products. Admitting its software products “may have reached Burma,” Fortinet says it has also reviewed the practices of its resellers.

Another company could replace Fortinet, should it pull out of Burma, but the message is clear: with international IT firms realizing the PR fallout from involvement in Burma, and Internet users learning how to circumvent restrictions, the worldwide web is slowly undermining the junta’s ability to control information.  

With additional reporting by Ko Thet.
http://www.irrawaddy.org/