Everyone is doing it wrong. Wikileaks, now these guys...
Facebook and Twitter are companies. They have no obligation to help you out, and if you cause them any inconvenience they'll drop you. The Internet and the Web are open and free platforms. Dissidents should buy their own domain names, host themselves in different countries and stop trusting a single company to help you in a REVOLUTION. Something so important as a revolution should not depend so tightly on a single US company with a 20-something hip nerd as CEO.
Edit: okay, they get some credit for the degage.tv site. That's pretty awesome. But don't be surprised if the twitter account disappears.
To me, Facebook (etc.) looks like a pretty good option in that situation.
What alternatives would you suggest?
One instance of such a site would be fairly easily penetrated by a government. However, if you divide up your organization based on strong personal relationships, you can require an adversary government to penetrate dozens or hundreds of such sites. (cells?)
EDIT: Add Rackspace and Linode and whoever else can provide low-cost hosting. A government might shut down one hosting provider. Shutting down the top 10 might cripple an economy.
EDIT: Also, use Google Voice as an SMS forwarder so that those without smartphones can at least have obfuscated comms. Or maybe a custom app with Twillio?
Another idea: Have such sites continually back themselves up to Amazon S3. This way, if a government does try some knucklehead move like banning Linnode, then people an just resurrect the site on another provider. (And chances are, a government besides the US won't be able to block network between that provider and S3.)
> You want to reach friends, acquaintances, and neighbors. You want a feed that people can follow from an account they check every single day. You want people to be able to find the latest information from their mobile phones.
Email fits the bill here, 100%. Free, safe (SSL), distributed (choose any provider you like), anyone who has Facebook on their mobile device has email.
Form big mailing lists, and send email around. Is there any particular reason that you think Facebook is better suited to this task than email?
Facebook, Twitter, and YouTube (unlike email) allows people to see updates without having to know about the email list. So that makes it much easier for a movement to get the word out beyond its core supporters and for like-minded people to find each other: "Oh look, my neighbor/colleague/second cousin just posted an article from Al Jazeera on Facebook. Funny, I didn't know she was political. Maybe we should talk."
Most younger people these days do most of their news and communication via social network sites. As an activist, that's where you want to be.
And about email's supposed advantages:
If you have a server to host it, and the networking connectivity to get to it. What percentage of activists in Tunisa do?
> safe (SSL)
If you keep the server secure.
> distributed (choose any provider you like)
All Tunisian ISPs are owned by the government
Well, they have Facebook, don't they?
> All Tunisian ISPs are owned by the government
They don't need to use their ISP's service. They can sign up for any one of thousands of secure, out-of-the-country accounts.
Nearly all your reasons for rejecting email apply to Facebook too.
> Facebook, Twitter, and YouTube (unlike email) allows people to see updates without having to know about the email list
No. Not at all. "The email list" in the case of a revolution should obviously include everyone you know. Facebook is closed off to only the people you know. It doesn't matter if you don't know that someone is politically active. It's a motherfucking revolution, they're going to be interested. Email them.
Most of them have Facebook but don't have servers -- or skills to administer it.
They may not have a credit card to pay for these secure out-of-the-country hosting accounts; if they do, the government will be monitoring their transactions so they'll get exposed anyhow.
> "The email list" in the case of a revolution should obviously include everyone you know.
Nonsense. In a country like Tunisia you may well be putting somebody's job at risk if you send political mail to their work account, so you have to be a lot more discerning. And this has been going on for over a month - if an activist sent all the updates to all of their friends in email, people would have long since stopped reading.
Why do you think the government ignores Facebook completely when monitoring connections? In many cases sending Facebook messages allows the government to eavesdrop even easier.
In times of revolution, encrypt your communications. Even Gmail has full SSL - if you trust Google. If not, there are others.
How can anyone know what someone's email reads when it was sent over SSL? I never mentioned "work email" either, that's probably a silly idea. But everyone has a personal account too.
> I never mentioned "work email" either, that's probably a silly idea. But everyone has a personal account too.
Maybe, but not everybody knows it -- for a lot of current and former colleagues, I just have their work accounts.
Email is sent plaintext by default. Your scheme would work if everyone just used foreign-hosted web email providers with the option for SSL selected. But all you need is for one person on the list to be not following instructions and downloading their email using unencrypted POP to their home PC in the wrong country, and your adversary can intercept your comms in plaintext.
So, it's a reasonable suggestion, and I might try it next time I'm running an activist campaign. But Facebook looks like an easier alternative to me.
Back in 2009, for example, the key Mousavi Facebook page is run by somebody outside of Iran. Supporters who want to expose themselves publically can 'friend' the page and easily share information publically; but people who don't want to can view it without being on a list. Similar things are happening in Tunisia.
And the government got email passwords with its keystroke logging too.
But on Facebook, you do have a "Friends" list. That's the same thing as a contact list. If the government is keylogging for email passwords, they can keylog Facebook passwords too.
Facebook isn't somehow "more secure" than email.
i'm not arguing more or less secure; i'm arguing that the risk/effort/cost/benefit profiles are different, and in most situations for younger activists and audiences the balance favors Facebook.
The information needs to be disseminated, but companies as large as the two mentioned may have enough conflicting interests that to allow a wanted person to interact with them would be a betrayal in itself.
Kicking dissidents off Twitter and Facebook might be like forbidding children from playing in the street. "This system is not set up in your interests, pursue them elsewhere."
In this case, I'd say it's probably in their own interest that Facebook is "silencing" them...
It's important in times like what Tunisia is going through for people to be open about their opposition, their numbers as insurance for their safety. Sure, it's dangerous, but what revolution isn't?
a) the second half of this sentence contradicts the first: you're claiming you know something about their interests
b) you're wrong. Facebook is an extremely effective tool for activists in general, even in repressive regimes. in the Tunisian protests, it's been used to share vidoes, update people on news from Al Jazeera and other outlets that aren't controlled by the government, get word out about protests, and see the final status message of Mohamed Bouazizi -- the guy who killed himself in Sibi Bouzid and touched off the revolution.
tens of thousands of people are putting their lives on the line by going out in the streets where police are firing live ammunition -- over 60 have died in the protests. by those standards posting something on their Facebook profiles isn't risky at all.
When you're going out on the street, you're putting yourself at risk. When you use a service like Facebook for dissent, you're also putting family and friends at risk (and likewise if your family or friends use it). The specifics may vary according to the situation, but the principle doesn't.
but the risk profiles are very different:
- go out in the street: risk getting killed, or bashed with a nightstick, or photographed (in which case you wind up on a list and they may target you, your friends, and your family
- share a link on Facebook: risk winding up on a much much longer list (so they're less likely to have the resources to target everybody on it, let alone their friends and families)
Have you thought about a presentation or blog post on "the promise and challenges of distributed social networks for human rights" (or something along those lines)? the timing could be very good ...
FB and twitter are the last place any revolution should take place on as than you have adversary using same service to out the victims to dictator authorities..