- Twitter thread roasts bathtub tray ads for women Monday 7:21 PM
- Nintendo set to release two new models of the Switch—possibly in 2019 Monday 6:45 PM
- Viral cat video ‘Dear Kitten’ finds new life in TikTok challenge Monday 5:30 PM
- Here’s every show that was announced at the Apple TV+ kickoff Monday 3:53 PM
- ‘Shazam!’ embraces the spectacle and heart of the superhero genre Monday 3:45 PM
- How to mute Twitter’s suggested tweets on your timeline Monday 3:02 PM
- What you need to know about Apple’s new streaming service Monday 2:32 PM
- Text-message fanfiction is taking over Instagram Monday 1:54 PM
- Your Asus computer might have a secret backdoor Monday 1:06 PM
- Trump is already fundraising off the Mueller report—even though no one’s seen it Monday 1:01 PM
- Michael Avenatti charged with trying to extort $20 million from Nike Monday 12:51 PM
- Logan Paul says being a YouTuber is ‘wack’ Monday 12:14 PM
- James Comey posts from a forest in wake of Mueller report Monday 10:35 AM
- These are the only online dating sites worth your time Monday 10:29 AM
- Jameela Jamil sparks conversation about women having to make the ‘boyfriend excuse’ Monday 10:23 AM
How hacktivist group RedHack gamed Turkey’s censorship regime
The Turkish government’s plan to hide a massive email leak completely backfired.
The Turkish government blocked Google Drive, Dropbox, OneDrive and even Github to stop leaked emails of Energy Minister, Berat Albayrak, from spreading further—exactly how the hackers behind the email leak expected them to react, allowing them to spread the leak further using the Streisand Effect.
Bütün ülke oturduk düşünüyoruz;
Berat github’ı yasaklatacak ne boklar yedi acaba?
— ¯\_(ツ)_/¯ (@heavie) October 9, 2016
(“The whole country now thinks, ‘What the heck is in Berat’s emails to worth a github ban?’”)
The Daily Dot previously reported that the Marxist hacktivist group, RedHack, has compromised the private email accounts of Minister Albayrak—Turkish President Recep Tayyip Erdoğan’s son-in-law—and leaked the 17GB email archive to a group of journalists, including the Daily Dot.
Two days ago, when Cemil Uğur, a reporter from the leftist daily Evrensel, was imprisoned for “making propaganda an illegal organisation,” RedHack threatened to leak the email archive publicly if Uğur and other jailed reporters are not released within a day. After the deadline, the group followed through its threat.
RedHack’s current Twitter account, @TheRedHack97, started to share direct download links and torrent files of the email archive on various cloud platforms and file-sharing services and published a guide on Medium about importing the archive into the open-source email client Thunderbird.
To overcome the Turkish government’s notorious censorship, the hacker group diversified sources, including with links on StackOverflow profiles and in the deep halls of the Internet Archive —prompting the Turkish government to ban them all one by one, including blocking the “archive.org” domain and banning access to the Wayback Machine along the way.
But RedHack said they have calculated the most impact by uploading the torrent file to the GitHub, forcing the Turkish government into a hard choice between blocking the world’s biggest source-code repository or facing the fact that the leak will be available to the public.
Within four hours of the leak, Turkey’s internet authority decided to issue a nationwide block on GitHub, which was lifted approximately 18 hours later—a period long enough to make headlines all around the world. Meanwhile, the content that RedHack uploaded on the GitHub was not removed at all; instead, the group is now uploading screenshots of emails to further circumvent Turkey’s censorship.
The ban on Google Drive was also lifted after 15 hours despite the re-uploaded torrent file still being accessible. The block on Dropbox has also been lifted. As of this writing, OneDrive, however, remains blocked.
While the Google Drive access problems halted many corporate services inside Turkey, the block on GitHub had collateral damages for the general public as well. For example, websites using Font Awesome were not displaying their content properly, and MacOS package manager system Homebrew was reportedly not working.
The GitHub block certainly hit the Turkish developers most, making “#GitHub” hashtag one of Twitter’s top trends in Turkey. RedHack jokingly tweeted, “one-day general strike for developers,” in reference to the GitHub block.
Coinciding with the Startup Istanbul week, Turkish entrepreneurs were openly frustrated as well:
(“After cloud-based systems, #github is also blocked. Is this a joke? If we are trying to wipe out start-ups, we are on the right track”)
Yazılım geliştireceksin Github yok. Tahsilat yapacaksın PayPal yok. Arşivleyeceksin Dropbox yok. Nasıl 21.yüzyıl sirketlerini çıkaracağız?
— Cenk Sidar (@cenksidar) October 9, 2016
(“Want to develop software, no Github. Want to receive money, no PayPal. Want to archive, no Dropbox. How are we supposed to have 21st century companies?”)
Orantılılık kavramının tanımı: 1 kişinin epostalarını koruyacağım diye milyonlarca insanın tüm verilerine erişimi engelleyemezsiniz.
— Kerem ALTIPARMAK (@KeremALTIPARMAK) October 8, 2016
(“Definition of proportionality: You cannot ban access to millions of people’s data to secure 1 person’s emails.”)
At the end of the day, all of Turkey’s blocking attempts to stop the world’s leading cloud services seemed to be in vain, as RedHack kept sharing the torrent file and magnet link that points to the 10.9GB compressed (.rar) archive of the email dump on all possible platforms, which was then downloaded and seeded by hundreds of people inside Turkey and abroad. For the users of Tor, a popular encrypted anonymity network and suite of privacy tools, RedHack also installed a web viewer for the emails on a .onion server used to access content through the Tor network:
Turkish government’s increasing control of the domestic media is rightfully concerning. But its attempts to control the online world is evidently a failure when groups such as RedHack know how to turn the tables.
Update 3:52pm CT, Oct. 12: The block on Dropbox has been lifted.
Efe Kerem Sözeri is a Turkish freelance researcher who lives in the Netherlands. After studying political science in Istanbul, he moved to Amsterdam to study migrants' political behavior. Besides his academic work, he regularly writes on internet freedom and censorship in Turkey.