- Polar Peak in Fortnite is cracking, and players think a dragon may be beneath the ice 3 Years Ago
- ‘Rise of Skywalker’ first look reveals mysterious new characters 3 Years Ago
- Meet the anti-choice, pro-NRA Trump supporter challenging Rep. Justin Amash 3 Years Ago
- Moby attempts to prove he dated Natalie Portman with a shirtless photo 3 Years Ago
- After feuding with James Charles, Tati Westbrook angers the YouTube community Today 11:06 AM
- Does Keri Russell’s ‘Rise of Skywalker’ character have an offensive name in Spanish? Today 10:59 AM
- It’s not clear if Ralph Northam is in racist yearbook photo, investigators say Today 10:48 AM
- The atonement of an alt-right troll Today 9:25 AM
- #StopTheBans protests draw thousands across the country in support of abortion rights Today 9:24 AM
- North Korea is using Trump’s low IQ attack on Joe Biden Today 9:14 AM
- How to watch ‘Kidding’ for free Today 8:00 AM
- What’s the deal with Bran Stark at the end of ‘Game of Thrones’? Today 6:30 AM
- How to watch TruTV online for free Today 6:00 AM
- Fans call out Madonna for edited Eurovision video Tuesday 9:36 PM
- Partnered Twitch streamer temporarily banned for airing troll’s racist message Tuesday 8:45 PM
How hacktivist group RedHack gamed Turkey’s censorship regime
The Turkish government’s plan to hide a massive email leak completely backfired.
The Turkish government blocked Google Drive, Dropbox, OneDrive and even Github to stop leaked emails of Energy Minister, Berat Albayrak, from spreading further—exactly how the hackers behind the email leak expected them to react, allowing them to spread the leak further using the Streisand Effect.
Bütün ülke oturduk düşünüyoruz;
Berat github’ı yasaklatacak ne boklar yedi acaba?
— ¯\_(ツ)_/¯ (@heavie) October 9, 2016
(“The whole country now thinks, ‘What the heck is in Berat’s emails to worth a github ban?’”)
The Daily Dot previously reported that the Marxist hacktivist group, RedHack, has compromised the private email accounts of Minister Albayrak—Turkish President Recep Tayyip Erdoğan’s son-in-law—and leaked the 17GB email archive to a group of journalists, including the Daily Dot.
Two days ago, when Cemil Uğur, a reporter from the leftist daily Evrensel, was imprisoned for “making propaganda an illegal organisation,” RedHack threatened to leak the email archive publicly if Uğur and other jailed reporters are not released within a day. After the deadline, the group followed through its threat.
RedHack’s current Twitter account, @TheRedHack97, started to share direct download links and torrent files of the email archive on various cloud platforms and file-sharing services and published a guide on Medium about importing the archive into the open-source email client Thunderbird.
To overcome the Turkish government’s notorious censorship, the hacker group diversified sources, including with links on StackOverflow profiles and in the deep halls of the Internet Archive —prompting the Turkish government to ban them all one by one, including blocking the “archive.org” domain and banning access to the Wayback Machine along the way.
But RedHack said they have calculated the most impact by uploading the torrent file to the GitHub, forcing the Turkish government into a hard choice between blocking the world’s biggest source-code repository or facing the fact that the leak will be available to the public.
Within four hours of the leak, Turkey’s internet authority decided to issue a nationwide block on GitHub, which was lifted approximately 18 hours later—a period long enough to make headlines all around the world. Meanwhile, the content that RedHack uploaded on the GitHub was not removed at all; instead, the group is now uploading screenshots of emails to further circumvent Turkey’s censorship.
The ban on Google Drive was also lifted after 15 hours despite the re-uploaded torrent file still being accessible. The block on Dropbox has also been lifted. As of this writing, OneDrive, however, remains blocked.
While the Google Drive access problems halted many corporate services inside Turkey, the block on GitHub had collateral damages for the general public as well. For example, websites using Font Awesome were not displaying their content properly, and MacOS package manager system Homebrew was reportedly not working.
The GitHub block certainly hit the Turkish developers most, making “#GitHub” hashtag one of Twitter’s top trends in Turkey. RedHack jokingly tweeted, “one-day general strike for developers,” in reference to the GitHub block.
Coinciding with the Startup Istanbul week, Turkish entrepreneurs were openly frustrated as well:
(“After cloud-based systems, #github is also blocked. Is this a joke? If we are trying to wipe out start-ups, we are on the right track”)
Yazılım geliştireceksin Github yok. Tahsilat yapacaksın PayPal yok. Arşivleyeceksin Dropbox yok. Nasıl 21.yüzyıl sirketlerini çıkaracağız?
— Cenk Sidar (@cenksidar) October 9, 2016
(“Want to develop software, no Github. Want to receive money, no PayPal. Want to archive, no Dropbox. How are we supposed to have 21st century companies?”)
Orantılılık kavramının tanımı: 1 kişinin epostalarını koruyacağım diye milyonlarca insanın tüm verilerine erişimi engelleyemezsiniz.
— Kerem ALTIPARMAK (@KeremALTIPARMAK) October 8, 2016
(“Definition of proportionality: You cannot ban access to millions of people’s data to secure 1 person’s emails.”)
At the end of the day, all of Turkey’s blocking attempts to stop the world’s leading cloud services seemed to be in vain, as RedHack kept sharing the torrent file and magnet link that points to the 10.9GB compressed (.rar) archive of the email dump on all possible platforms, which was then downloaded and seeded by hundreds of people inside Turkey and abroad. For the users of Tor, a popular encrypted anonymity network and suite of privacy tools, RedHack also installed a web viewer for the emails on a .onion server used to access content through the Tor network:
Turkish government’s increasing control of the domestic media is rightfully concerning. But its attempts to control the online world is evidently a failure when groups such as RedHack know how to turn the tables.
Update 3:52pm CT, Oct. 12: The block on Dropbox has been lifted.
Efe Kerem Sözeri is a Turkish freelance researcher who lives in the Netherlands. After studying political science in Istanbul, he moved to Amsterdam to study migrants' political behavior. Besides his academic work, he regularly writes on internet freedom and censorship in Turkey.