- Sarah Sanders shares Mueller Madness bracket Today 10:19 AM
- NASA postpones all-women spacewalk over lack of suits that fit the female astronauts Today 10:17 AM
- Texas Rangers shortstop walks up to ‘Baby Shark’ Today 9:58 AM
- The best wireless gaming headsets under $100 Today 9:23 AM
- Trump demands networks blacklist these guests—including prominent Democrats Today 9:09 AM
- Bookworms! Now’s your chance to grab 3 months of Amazon Music for free Today 9:00 AM
- You can get paid $1,000 to binge-watch the first 20 Marvel movies Today 8:56 AM
- The ‘flat stomach’ meme has morphed into the ‘pregnant mom’ meme Today 8:43 AM
- Get 6 months free with this sweet Amazon Music Unlimited offer Today 8:30 AM
- Zoie Burgher tweets details about supposed threesome with FaZe Pamaj, Abigale Mandler Today 8:09 AM
- How to stream MLB Network for free Today 8:05 AM
- BTS fans at war over these divisive Mattel dolls Today 7:38 AM
- ‘ReMastered: The Miami Showband Massacre’ revisits one of Ireland’s greatest tragedies Today 7:00 AM
- 12 underrated Netflix comedy specials you should watch now Today 7:00 AM
- Debunking the biggest Alexandria Ocasio-Cortez conspiracy theories Today 6:30 AM
How hacktivist group RedHack gamed Turkey’s censorship regime
The Turkish government’s plan to hide a massive email leak completely backfired.
The Turkish government blocked Google Drive, Dropbox, OneDrive and even Github to stop leaked emails of Energy Minister, Berat Albayrak, from spreading further—exactly how the hackers behind the email leak expected them to react, allowing them to spread the leak further using the Streisand Effect.
Bütün ülke oturduk düşünüyoruz;
Berat github’ı yasaklatacak ne boklar yedi acaba?
— ¯\_(ツ)_/¯ (@heavie) October 9, 2016
(“The whole country now thinks, ‘What the heck is in Berat’s emails to worth a github ban?’”)
The Daily Dot previously reported that the Marxist hacktivist group, RedHack, has compromised the private email accounts of Minister Albayrak—Turkish President Recep Tayyip Erdoğan’s son-in-law—and leaked the 17GB email archive to a group of journalists, including the Daily Dot.
Two days ago, when Cemil Uğur, a reporter from the leftist daily Evrensel, was imprisoned for “making propaganda an illegal organisation,” RedHack threatened to leak the email archive publicly if Uğur and other jailed reporters are not released within a day. After the deadline, the group followed through its threat.
RedHack’s current Twitter account, @TheRedHack97, started to share direct download links and torrent files of the email archive on various cloud platforms and file-sharing services and published a guide on Medium about importing the archive into the open-source email client Thunderbird.
To overcome the Turkish government’s notorious censorship, the hacker group diversified sources, including with links on StackOverflow profiles and in the deep halls of the Internet Archive —prompting the Turkish government to ban them all one by one, including blocking the “archive.org” domain and banning access to the Wayback Machine along the way.
But RedHack said they have calculated the most impact by uploading the torrent file to the GitHub, forcing the Turkish government into a hard choice between blocking the world’s biggest source-code repository or facing the fact that the leak will be available to the public.
Within four hours of the leak, Turkey’s internet authority decided to issue a nationwide block on GitHub, which was lifted approximately 18 hours later—a period long enough to make headlines all around the world. Meanwhile, the content that RedHack uploaded on the GitHub was not removed at all; instead, the group is now uploading screenshots of emails to further circumvent Turkey’s censorship.
The ban on Google Drive was also lifted after 15 hours despite the re-uploaded torrent file still being accessible. The block on Dropbox has also been lifted. As of this writing, OneDrive, however, remains blocked.
While the Google Drive access problems halted many corporate services inside Turkey, the block on GitHub had collateral damages for the general public as well. For example, websites using Font Awesome were not displaying their content properly, and MacOS package manager system Homebrew was reportedly not working.
The GitHub block certainly hit the Turkish developers most, making “#GitHub” hashtag one of Twitter’s top trends in Turkey. RedHack jokingly tweeted, “one-day general strike for developers,” in reference to the GitHub block.
Coinciding with the Startup Istanbul week, Turkish entrepreneurs were openly frustrated as well:
(“After cloud-based systems, #github is also blocked. Is this a joke? If we are trying to wipe out start-ups, we are on the right track”)
Yazılım geliştireceksin Github yok. Tahsilat yapacaksın PayPal yok. Arşivleyeceksin Dropbox yok. Nasıl 21.yüzyıl sirketlerini çıkaracağız?
— Cenk Sidar (@cenksidar) October 9, 2016
(“Want to develop software, no Github. Want to receive money, no PayPal. Want to archive, no Dropbox. How are we supposed to have 21st century companies?”)
Orantılılık kavramının tanımı: 1 kişinin epostalarını koruyacağım diye milyonlarca insanın tüm verilerine erişimi engelleyemezsiniz.
— Kerem ALTIPARMAK (@KeremALTIPARMAK) October 8, 2016
(“Definition of proportionality: You cannot ban access to millions of people’s data to secure 1 person’s emails.”)
At the end of the day, all of Turkey’s blocking attempts to stop the world’s leading cloud services seemed to be in vain, as RedHack kept sharing the torrent file and magnet link that points to the 10.9GB compressed (.rar) archive of the email dump on all possible platforms, which was then downloaded and seeded by hundreds of people inside Turkey and abroad. For the users of Tor, a popular encrypted anonymity network and suite of privacy tools, RedHack also installed a web viewer for the emails on a .onion server used to access content through the Tor network:
Turkish government’s increasing control of the domestic media is rightfully concerning. But its attempts to control the online world is evidently a failure when groups such as RedHack know how to turn the tables.
Update 3:52pm CT, Oct. 12: The block on Dropbox has been lifted.
Efe Kerem Sözeri is a Turkish freelance researcher who lives in the Netherlands. After studying political science in Istanbul, he moved to Amsterdam to study migrants' political behavior. Besides his academic work, he regularly writes on internet freedom and censorship in Turkey.