DOCSLIB.ORG

MASTER THESIS Cyber Attribution: Problem Solved?

Total Page:16

File Type:pdf, Size:1020Kb

Download full-text PDF Read full-text

Load more

MASTER THESIS Cyber Attribution: Problem Solved? Analyzing the Communication of Blame and Evidence for Nation-State Involvement in Cyber Operations, 1998-2018 Author: K.M. (Koen) van den Dool Student Number: S1747525 E-Mail: [email protected] Date: June 6, 2018 Word count: 20237 Supervisor: Prof. Dr. B. van den Berg Second Reader: Mr. S. Boeke Program: MSc in Crisis and Security Management Faculty of Governance and Global Affairs – Universiteit Leiden Master Thesis | K.M. van den Dool Table of Contents 1. INTRODUCTION ...................................................................................................... 4 2. THEORY: ATTRIBUTION OF CYBER OPERATIONS ...................................................... 8 2.1. Defining Cyber Operations ............................................................................ 8 2.2. Attribution in Cyberspace ............................................................................ 11 2.2.1. Identification ............................................................................................. 12 2.2.2. Response ................................................................................................. 21 2.2.3. Communication ........................................................................................ 28 3. ANALYSIS: BLAME AND EVIDENCE IN CYBER ATTRIBUTION ..................................... 31 3.1. Methodology ................................................................................................ 31 3.1.1. Case Selection ......................................................................................... 33 3.1.2. Variables .................................................................................................. 37 3.2. Analysis ....................................................................................................... 43 3.2.1. First Results ............................................................................................. 43 3.2.2. Neutral Attribution..................................................................................... 47 3.2.3. Territorial Attribution ................................................................................. 54 3.2.4. Nation-State Attribution ............................................................................ 62 4. CONCLUSION ....................................................................................................... 72 BIBLIOGRAPHY ........................................................................................................... 76 APPENDIX A: DATASET ............................................................................................... 95 1 Master Thesis | K.M. van den Dool LIST OF TABLES Table 1: Levels of Identification .............................................................................................. 13 Table 2: Levels of State Involvement in Cyber Operations ..................................................... 20 Table 3: Law Enforcement vs. National Security Approach to Attribution ............................. 21 Table 4: State Involvement and Response Types ..................................................................... 27 Table 5: Operation Levels (Examples) ..................................................................................... 36 Table 6: First Results of Categorization ................................................................................... 43 Table 7: Number of Cases per Operation Type ........................................................................ 45 Table 8: Classification of Attribution Occurrences for CNA and CNE Cases ........................ 45 Table 9: Number of Cases per Target Type ............................................................................. 46 Table 10: Classification of Attribution Occurrences per Target Type ..................................... 46 LIST OF FIGURES Figure 1: Attribution of Cyber Operations, 1998-2018 ............................................................ 44 LIST OF ILLUSTRATIONS Image 1: Calvin and Hobbes ...................................................................................................... 4 Image 2: Parody of the 1993 New Yorker cartoon .................................................................. 15 Image 3: Excerpt from the TRANSCOM report (screenshot) ................................................. 64 Image 4: ThreatConnect's Diamond Model and Attribution of FancyBear (screenshot) ......... 68 2 Master Thesis | K.M. van den Dool LIST OF ABBREVIATIONS ACSC Australian Cyber Security Centre APT Advanced Persistent Threat ARSIWA Articles on Responsibility of States for Internationally Wrongful Acts C2 (or C&C) Command and Control CFR Council on Foreign Relations CNA Computer Network Attack CNE Computer Network Exploitation CNO Computer Network Operations DDoS Distributed Denial of Service DHCP Dynamic Host Control Protocol DIME(LE) Diplomacy, Information, Military, Economy (and Law Enforcement) DNC Democratic National Convention DNS Domain Name System EU European Union FBI Federal Bureau of Investigation NSA National Security Agency GCHQ Government Communications Headquarters GDPR General Data Protection Regulation IO Information Operations IOC Indicators of Compromise ISP Internet Service Provider IAAF International Association of Athletics Federations MFA Ministry of Foreign Affairs NATO North Atlantic Treaty Organization NISCC National Infrastructure Security Coordination Centre RAT Remote Access Tool TOR The Onion Router US United States VPN Virtual Private Network VPS Virtual Private Server WADA World Anti-Doping Agency 3 Master Thesis | K.M. van den Dool 1. Introduction Image 1: Calvin and Hobbes1 “Cyberspace. A consensual hallucination experienced daily by billions of legitimate operators […] A graphical representation of data abstracted from the banks of every computer in the human system.”2 This is the original definition of the word ‘cyberspace’, first used by science fiction writer William Gibson in his book ‘Neuromancer’, published in 1984. 26 years later, the Pentagon defined it as “a global domain within the information environment consisting of the independent network of information technology infrastructures, including the Internet, telecommunications networks, computer systems, and embedded processors and controllers.”3 An important characteristic of cyberspace is the detachment of the physical identity from the technical identity. Digital identifiers such as IP addresses and domain names are not inherently linked to one person or entity in the same way as fingerprints or DNA profiles are. Put differently, strings of digital code in themselves are neutral and replicable. As a result, when trying to identify criminals and aggressors in cyberspace, Bruce Schneier says: “In cyberspace you can’t see anything directly, so it’s all going to be circumstantial.”4 This statement sheds light on one of the core dilemmas that decision makers face when responding to cyber attacks – the so-called attribution problem in cyberspace. A standard 1 “Calvin and Hobbes by Bill Watterson for Jan 20, 1994,” Go Comics (website), accessed May 22, 2018, http://www.gocomics.com/calvinandhobbes/1994/01/20. 2 William Gibson, Neuromancer (New York: The Berkley Publishing Group, 1984), 51. 3 Noah Shachtman, “26 years after Gibson, Pentagon defines ‘Cyberspace’,” Wired, May 23, 2008, accessed May 22, 2018, https://www.wired.com/2008/05/pentagon-define/. 4 VICELAND, “The Attribution Problems in Cyber Attacks: CYBERWAR (Extra Scene),” YouTube (website), July 14, 2016, accessed February 20, 2018, https://www.youtube.com/watch?v=OJ9myAO445w. 4 Master Thesis | K.M. van den Dool dictionary defines “to attribute” as “to explain (something) by indicating a cause”.5 After a violation of the law in the ‘physical’ world, a crime is (ideally) attributed to a criminal based on evidence, which is presented before a court, which may find the criminal guilty beyond any reasonable doubt. In addition, an attack in the context of interstate conflict is generally overt and attributable.6 This process can be complex, but the procedural rules and standards of evidence are relatively straightforward. Coming to grips with responding to cyber attacks is more problematic, because attribution is more ambiguous when the ‘crime scene’ or ‘battlefield’ consists of globally spread fragments of code. Joseph S. Nye Jr. illustrates the difficulty of cyber attribution by comparing it to conventional deterrence of nuclear attacks: “Nuclear attribution is not perfect, but only nine states possess nuclear weapons; the isotopic identifiers of their nuclear materials are relatively well known; and although weapons or materials could be stolen by third parties, there are serious barriers to entry for non-state actors. None of this is true in cyberspace, where a few lines of malicious code can be written (or purchased on the dark web) by any number of state or non-state actors.”7 Attributing cyber attacks is an important issue for decision makers, as is explained by Susan Brenner, because knowing who is behind a cyber attack indicates what type of threat one is facing – i.e. terrorism, crime, warfare.8 This, in turn, indicates whether the threat requires a law enforcement response or a national security response. Although some have called attribution “perhaps the most difficult problem” in cyberspace,9 others are less pessimistic. Thomas Rid, for example, says “there is still this ‘attribution is impossible’ knee jerk reaction”,
Recommended publications
  • IBM Multi-Factor Authentication for Z/OS

    IBM Multi-Factor Authentication for Z/OS

    Multi Factor Authentication for Linux on IBM Z using a centralized z/OS LDAP infrastructure Dr. Manfred Gnirss Thomas Wienert Z ATS IBM Systems IBM Germany R & D Boeblingen, 18.7.2018 © 2018 IBM Corporation 2 Trademarks The following are trademarks of the International Business Machines Corporation in the United States, other countries, or both. Not all common law marks used by IBM are listed on this page. Failure of a mark to appear does not mean that IBM does not use the mark nor does it mean that the product is not actively marketed or is not significant within its relevant market. Those trademarks followed by ® are registered trademarks of IBM in the United States; all others are trademarks or common law marks of IBM in the United States. For a complete list of IBM Trademarks, see www.ibm.com/legal/copytrade.shtml: *BladeCenter®, DB2®, e business(logo)®, DataPower®, ESCON, eServer, FICON, IBM®, IBM (logo)®, MVS, OS/390®, POWER6®, POWER6+, POWER7®, Power Architecture®, PowerVM®, S/390®, System p®, System p5, System x®, System z®, System z9®, System z10®, WebSphere®, X-Architecture®, zEnterprise, z9®, z10, z/Architecture®, z/OS®, z/VM®, z/VSE®, zSeries® The following are trademearks or registered trademarks of other companies. Adobe, the Adobe logo, PostScript, and the PostScript logo are either registered trademarks or trademarks of Adobe Systems Incorporated in the United States, and/or other countries. Cell Broadband Engine is a trademark of Sony Computer Entertainment, Inc. in the United States, other countries, or both and is used under license therefrom. Java and all Java-based trademarks are trademarks of Sun Microsystems, Inc.
  • SANS Spearphishing Survival Guide

    SANS Spearphishing Survival Guide

    SANS Spearphishing Survival Guide A SANS Whitepaper Written by Jerry Shenk December 2015 Sponsored by Proofpoint ©2015 SANS™ Institute Executive Summary Organizations are constantly under attack. Nearly every week comes a news headline of another breach affecting millions of people. Organizations that experience “small” breaches spend hundreds of thousands of dollars on forensic examinations, infrastructure upgrades and identity monitoring. Those that get hit by a large breach spend millions. The majority of those threats still arrive by email in the form of weaponized file attachments, malicious links, wire-transfer fraud and credential phishing. In most cases, attackers deploy email-borne attacks that target specific individuals and fool them into believing they are from someone they do business with or someone in authority who knows them. Often, attackers gather the information they need to pull off these sorts of phishing attacks over social media, where employees share significant amounts of personal and contextual information. Just as often, employees leak information over mobile applications that make it easier for criminals to target their attacks. While most antivirus, anti-malware and email security systems are good at catching traditional mass email phishing attacks with known malicious attachments, links and content, they are not catching the most sophisticated targeted attacks on email recipients. These types of attacks, called spearphishing, gather information on high- value targets who have direct access to company financial or customer information.1 Using social media, mobile apps and other sources of information (such as a company website), criminals can make connections between business associates and third parties in order to craft emails that look like they come from someone the targets work with—and neither network-based nor email-based security tools are catching them consistently.
  • 7.4, Integration with Google Apps Is Deprecated

    7.4, Integration with Google Apps Is Deprecated

    Google Search Appliance Integrating with Google Apps Google Search Appliance software version 7.2 and later Google, Inc. 1600 Amphitheatre Parkway Mountain View, CA 94043 www.google.com GSA-APPS_200.03 March 2015 © Copyright 2015 Google, Inc. All rights reserved. Google and the Google logo are, registered trademarks or service marks of Google, Inc. All other trademarks are the property of their respective owners. Use of any Google solution is governed by the license agreement included in your original contract. Any intellectual property rights relating to the Google services are and shall remain the exclusive property of Google, Inc. and/or its subsidiaries (“Google”). You may not attempt to decipher, decompile, or develop source code for any Google product or service offering, or knowingly allow others to do so. Google documentation may not be sold, resold, licensed or sublicensed and may not be transferred without the prior written consent of Google. Your right to copy this manual is limited by copyright law. Making copies, adaptations, or compilation works, without prior written authorization of Google. is prohibited by law and constitutes a punishable violation of the law. No part of this manual may be reproduced in whole or in part without the express written consent of Google. Copyright © by Google, Inc. Google Search Appliance: Integrating with Google Apps 2 Contents Integrating with Google Apps ...................................................................................... 4 Deprecation Notice 4 Google Apps Integration 4
  • The Rise of Cyber-Espionage

    The Rise of Cyber-Espionage

    Case Study: THE RISE OF CYBER-ESPIONAGE 5HFUXLWPHQW3ODQ CounterTh e 20 7KH&RXQWHU7HUURULVW ~ June/July 2012 ©istockphoto/loops7 By Chris Mark At a Hopkinton, Massachusetts, offi ce, an executive received an email that appeared to be from a coworker on March 1, 2011. Attached to the email was an Excel spreadsheet titled “2011 Recruitment Plan.” The man opened the spreadsheet. The email was not from a coworker, it was a carefully crafted attack known as ”spearfi shing” in which a fraudulent email is sent to a specifi c person. he spearfi shing email contained an system, SecurID. SecurID is used by an Excel spreadsheet with a zero- estimated 250 million people worldwide. Tday exploit and a version of the Poison Th e attack was believed to have been ini- Ivy RAT (remote administration tool) tiated using a zero-day exploit created by payload embedded. Th e RAT enabled a Chinese hacker. Evidence suggests the a hacker to gain privileged access to the possibility of Chinese-sponsored cyber- network of RSA Security (an American espionage.1 RSA’s CEO, Art Coviello, computer and network security com- stated the stolen SecurID information pany). Th e company had been founded “could potentially be used to reduce by Ron Rivest, Adi Shamir, and Leonard the eff ectiveness of a current two-factor Adleman, the inventors of the RSA public authentication implementation as part key cryptographic algorithm. Th is single of a broader attack (italics added).”2 Th is The US government event initiated an attack that would result proved to be an ominous prediction.
  • Potential Human Cost of Cyber Operations

    Potential Human Cost of Cyber Operations

    ICRC EXPERT MEETING 14–16 NOVEMBER 2018 – GENEVA THE POTENTIAL HUMAN COST OF CYBER OPERATIONS REPORT ICRC EXPERT MEETING 14–16 NOVEMBER 2018 – GENEVA THE POTENTIAL HUMAN COST OF CYBER OPERATIONS Report prepared and edited by Laurent Gisel, senior legal adviser, and Lukasz Olejnik, scientific adviser on cyber, ICRC THE POTENTIAL HUMAN COST OF CYBER OPERATIONS Table of Contents Foreword............................................................................................................................................. 3 Acknowledgements ............................................................................................................................. 4 Executive summary ............................................................................................................................. 5 Introduction....................................................................................................................................... 10 Session 1: Cyber operations in practice .………………………………………………………………………….….11 A. Understanding cyber operations with the cyber kill chain model ...................................................... 11 B. Operational purpose ................................................................................................................. 11 C. Trusted systems and software supply chain attacks ...................................................................... 13 D. Cyber capabilities and exploits ..................................................................................................
  • A PRACTICAL METHOD of IDENTIFYING CYBERATTACKS February 2018 INDEX

    A PRACTICAL METHOD of IDENTIFYING CYBERATTACKS February 2018 INDEX

    In Collaboration With A PRACTICAL METHOD OF IDENTIFYING CYBERATTACKS February 2018 INDEX TOPICS EXECUTIVE SUMMARY 4 OVERVIEW 5 THE RESPONSES TO A GROWING THREAT 7 DIFFERENT TYPES OF PERPETRATORS 10 THE SCOURGE OF CYBERCRIME 11 THE EVOLUTION OF CYBERWARFARE 12 CYBERACTIVISM: ACTIVE AS EVER 13 THE ATTRIBUTION PROBLEM 14 TRACKING THE ORIGINS OF CYBERATTACKS 17 CONCLUSION 20 APPENDIX: TIMELINE OF CYBERSECURITY 21 INCIDENTS 2 A Practical Method of Identifying Cyberattacks EXECUTIVE OVERVIEW SUMMARY The frequency and scope of cyberattacks Cyberattacks carried out by a range of entities are continue to grow, and yet despite the seriousness a growing threat to the security of governments of the problem, it remains extremely difficult to and their citizens. There are three main sources differentiate between the various sources of an of attacks; activists, criminals and governments, attack. This paper aims to shed light on the main and - based on the evidence - it is sometimes types of cyberattacks and provides examples hard to differentiate them. Indeed, they may of each. In particular, a high level framework sometimes work together when their interests for investigation is presented, aimed at helping are aligned. The increasing frequency and severity analysts in gaining a better understanding of the of the attacks makes it more important than ever origins of threats, the motive of the attacker, the to understand the source. Knowing who planned technical origin of the attack, the information an attack might make it easier to capture the contained in the coding of the malware and culprits or frame an appropriate response. the attacker’s modus operandi.
  • Security Features

    Security Features

    Security Features SL1 version 10.1.0 Table of Contents Introduction 4 Who Should Read This Manual? 4 Built-In Security for Appliances and Data 5 Hardened Operating System 6 Limited Open Ports 6 Firewalls and White Lists 6 Hardened Configuration on Each Appliance 7 Root Access 7 API 7 All-In-One 7 Administration Portal 8 Database Server 8 Data Collectors and Message Collectors 8 Multiple Tenancy and Segregation of Duties 9 Account Types 9 Access Keys 9 Segregation by Organization 10 Credential Management 10 User Policies 11 Protection Against Injections and Cross-Site Scripting 12 Operating System Scan 12 Data Integrity 12 Backups 13 Disaster Recovery and High Availability 13 Audit Logs 13 Manage the Security of Your Network 15 Monitoring IDS, Firewalls, and Security Hardware 16 Security Events 16 Monitoring Changes to Device Configuration 16 Monitoring for Illicit Behavior 17 Blueprinting Windows Services 17 Blueprinting System Processes 17 Blueprinting DNS 18 Monitoring Open Ports 18 Monitoring Bandwidth Usage 18 Monitoring Hardware Performance 19 Managing Patches and Hot Fixes 21 Using Standard Deviation To Calculate "Normal" Conditions and Abnormal Conditions 21 Using Run Book Automation to Automate Responses to Security Events 21 Reports 22 Proxied Web Services 23 Security Settings 24 Access Control 25 Authentication 30 Multiple Tenancy and Segregation of Duties 31 Protection of Shared Content 33 Data Integrity 33 Security Events 34 Monitoring Changes to Device Configuration 35 Monitoring for Illicit Behavior 35 Blueprinting DNS, System Processes, and Windows Services 36 Monitoring Open Ports 37 Monitoring Bandwidth Usage 37 Monitoring Hardware Performance 39 Monitoring Patches and Hot Fixes 40 Using Run Book Automation to Automate Responses to Security Events 41 Reports 41 Proxied Web Services 41 Audit Logs 42 Chapter 1 Introduction Overview SL1 addresses two major aspects of system and network security: l SL1 appliances are lean, hardened, and configured for maximum security.
  • Com Google Gdata Client Spreadsheet Maven

    Com Google Gdata Client Spreadsheet Maven

    Com Google Gdata Client Spreadsheet Maven Merriest and kinkiest Casey invent almost accelerando, though Todd sucker his spondulicks hided. Stupefied and microbiological Ethan readies while insecticidal Stephen shanghais her lichee horribly and airts cherubically. Quietist and frostbitten Waiter never nest antichristianly when Stinky shook his seizin. 09-Jun-2020 116 24400 google-http-java-client-findbugs-1220-lp1521. It just gives me like a permutation code coverage information plotted together to complete output panel making mrn is com google gdata client spreadsheet maven? Chrony System EnvironmentDaemons 211-1el7centos An NTP client. Richard Huang contact-listgdata. Gdata-mavenmaven-metadataxmlmd5 at master eburtsev. SpreadsheetServiceVersionsclass comgooglegdataclientspreadsheet. Index of sitesdownloadeclipseorgeclipseMirroroomph. Acid transactions with maven coordinates genomic sequences are required js code coverage sequencing kits and client library for com google gdata client spreadsheet maven project setup and table of users as. Issues filed for googlegdata-java-client Record data Found. Uncategorized Majecek's Weblog. API using Spring any Spring Data JPA Maven and embedded H2 database. GData Spreadsheet1 usages comgooglegdataclientspreadsheet gdata-spreadsheet GData Spreadsheet Last feather on Feb 19 2010. Maven dependency for Google Spreadsheet Stack Overflow. Httpmavenotavanopistofi7070nexuscontentrepositoriessnapshots false. Gdata-spreadsheet-30jar Fri Feb 19 105942 GMT 2010 51623. I'm intern to use db2triples for the first time fan is a java maven project. It tries to approve your hours of columns throughout the free software testing late to work. Maven Com Google Gdata Client Spreadsheet Google Sites. Airhacksfm podcast with adam bien Apple. Unable to build ODK Aggregate locally Development ODK. Bmkdep bmon bnd-maven-plugin BNFC bodr bogofilter boinc-client bomber bomns bonnie boo books bookworm boomaga boost1710-gnu-mpich-hpc.
  • Download the Index

    Download the Index

    Dewsbury.book Page 555 Wednesday, October 31, 2007 11:03 AM Index Symbols addHistoryListener method, Hyperlink wid- get, 46 $wnd object, JSNI, 216 addItem method, MenuBar widget, 68–69 & (ampersand), in GET and POST parameters, addLoadListener method, Image widget, 44 112–113 addMessage method, ChatWindowView class, { } (curly braces), JSON, 123 444–445 ? (question mark), GET requests, 112 addSearchResult method JUnit test case, 175 SearchResultsView class, 329 A addSearchView method, MultiSearchView class, 327 Abstract Factory pattern, 258–259 addStyleName method, connecting GWT widgets Abstract methods, 332 to CSS, 201 Abstract Window Toolkit (AWT), Java, 31 addToken method, handling back button, 199 AbstractImagePrototype object, 245 addTreeListener method, Tree widget, 67 Abstraction, DAOs and, 486 Adobe Flash and Flex, 6–7 AbstractMessengerService Aggregator pattern Comet, 474 defined, 34 Jetty Continuations, 477 Multi-Search application and, 319–321 action attribute, HTML form tag, 507 sample application, 35 Action-based web applications Aggregators, 320 overview of, 116 Ajax (Asynchronous JavaScript and XML) PHP scripts for building, 523 alternatives to, 6–8 ActionObjectDAO class, 527–530 application development and, 14–16 Actions, server integration with, 507–508 building web applications and, 479 ActionScript, 6 emergence of, 3–5 ActiveX, 7 Google Gears for storage, 306–309 Add Import command Same Origin policy and, 335 creating classes in Eclipse, 152 success and limitations of, 5–6 writing Java code using Eclipse Java editor,
  • Zerohack Zer0pwn Youranonnews Yevgeniy Anikin Yes Men

    Zerohack Zer0pwn Youranonnews Yevgeniy Anikin Yes Men

    Zerohack Zer0Pwn YourAnonNews Yevgeniy Anikin Yes Men YamaTough Xtreme x-Leader xenu xen0nymous www.oem.com.mx www.nytimes.com/pages/world/asia/index.html www.informador.com.mx www.futuregov.asia www.cronica.com.mx www.asiapacificsecuritymagazine.com Worm Wolfy Withdrawal* WillyFoReal Wikileaks IRC 88.80.16.13/9999 IRC Channel WikiLeaks WiiSpellWhy whitekidney Wells Fargo weed WallRoad w0rmware Vulnerability Vladislav Khorokhorin Visa Inc. Virus Virgin Islands "Viewpointe Archive Services, LLC" Versability Verizon Venezuela Vegas Vatican City USB US Trust US Bankcorp Uruguay Uran0n unusedcrayon United Kingdom UnicormCr3w unfittoprint unelected.org UndisclosedAnon Ukraine UGNazi ua_musti_1905 U.S. Bankcorp TYLER Turkey trosec113 Trojan Horse Trojan Trivette TriCk Tribalzer0 Transnistria transaction Traitor traffic court Tradecraft Trade Secrets "Total System Services, Inc." Topiary Top Secret Tom Stracener TibitXimer Thumb Drive Thomson Reuters TheWikiBoat thepeoplescause the_infecti0n The Unknowns The UnderTaker The Syrian electronic army The Jokerhack Thailand ThaCosmo th3j35t3r testeux1 TEST Telecomix TehWongZ Teddy Bigglesworth TeaMp0isoN TeamHav0k Team Ghost Shell Team Digi7al tdl4 taxes TARP tango down Tampa Tammy Shapiro Taiwan Tabu T0x1c t0wN T.A.R.P. Syrian Electronic Army syndiv Symantec Corporation Switzerland Swingers Club SWIFT Sweden Swan SwaggSec Swagg Security "SunGard Data Systems, Inc." Stuxnet Stringer Streamroller Stole* Sterlok SteelAnne st0rm SQLi Spyware Spying Spydevilz Spy Camera Sposed Spook Spoofing Splendide
  • Ray Cromwell

    Ray Cromwell

    Building Applications with Google APIs Ray Cromwell Monday, June 1, 2009 “There’s an API for that” • code.google.com shows 60+ APIs • full spectrum (client, server, mobile, cloud) • application oriented (android, opensocial) • Does Google have a Platform? Monday, June 1, 2009 Application Ecosystem Client REST/JSON, GWT, Server ProtocolBuffers Earth PHP Java O3D App Services Media Docs Python Ruby Utility Blogger Spreadsheets Maps/Geo JPA/JDO/Other Translate Base Datastore GViz Social MySQL Search OpenSocial Auth FriendConnect $$$ ... GData Contacts AdSense Checkout Monday, June 1, 2009 Timefire • Store and Index large # of time series data • Scalable Charting Engine • Social Collaboration • Story Telling + Video/Audio sync • Like “Google Maps” but for “Time” Monday, June 1, 2009 Android Version 98% Shared Code with Web version Monday, June 1, 2009 Android • Full API stack • Tight integration with WebKit browser • Local database, 2D and 3D APIs • External XML UI/Layout system • Makes separating presentation from logic easier, benefits code sharing Monday, June 1, 2009 How was this done? • Google Web Toolkit is the Foundation • Target GWT JRE as LCD • Use Guice Dependency Injection for platform-specific APIs • Leverage GWT 1.6 event system Monday, June 1, 2009 Example App Code Device/Service JRE interfaces Guice Android Browser Impl Impl Android GWT Specific Specific Monday, June 1, 2009 Shared Widget Events interface HasClickHandler interface HasClickHandler addClickHandler(injectedHandler) addClickHandler(injectedHandler) Gin binds GwtHandlerImpl
  • Iran: Capacity and Methods of Authorities to Monitor Online Activities and Religious Activities of Iranians Living Abroad Query Response [A-10098] 12 June 2017

    Iran: Capacity and Methods of Authorities to Monitor Online Activities and Religious Activities of Iranians Living Abroad Query Response [A-10098] 12 June 2017

    BEREICH | EVENTL. ABTEILUNG | WWW.ROTESKREUZ.AT ACCORD - Austrian Centre for Country of Origin & Asylum Research and Documentation Iran: Capacity and methods of authorities to monitor online activities and religious activities of Iranians living abroad Query Response [a-10098] 12 June 2017 This response was prepared after researching publicly accessible information currently available to ACCORD as well as information provided by experts within time constraints and in accordance with ACCORD’s methodological standards and the Common EU Guidelines for processing Country of Origin Information (COI). This response is not, and does not purport to be, conclusive as to the merit of any particular claim to refugee status, asylum or other form of international protection. Please read in full all documents referred to. Non-English language information is summarised in English. Original language quotations are provided for reference. © Austrian Red Cross/ACCORD An electronic version of this query response is available on www.ecoi.net. Austrian Red Cross/ACCORD Wiedner Hauptstraße 32 A- 1040 Vienna, Austria Phone: +43 1 58 900 – 582 E-Mail: [email protected] Web: http://www.redcross.at/accord TABLE OF CONTENTS 1 Capacity and methods of authorities to monitor online activities inside Iran ..................... 3 2 Capacity and methods of authorities to monitor online activities of Iranians abroad ...... 14 3 Iranian authorities’ monitoring of religious activities of Iranians living abroad, including Christian converts .........................................................................................................................