Why the govt lost to the UDD on the tech battlefield | Bangkok Post: tech

Tech >

Why the govt lost to the UDD on the tech battlefield

The protesters' movement was bolstered by a surprisingly sophisticated media campaign to make sure its followers were kept informed - and emboldened - over cyberspace,

While the protests might be over, no one can guarantee our safety in cyber space.

With anonymous proxy applications, viewers can access blocked websites such as www.norporchorusa.com through the browser.

Digital technology has become the weapon of choice in times of conflict. During the recent political unrest in Thailand, an intense war of information has been waged between the government and its opponents, the United Front for Democracy Against Dictatorship (UDD), in cyberspace.

Both have the knowhow, but it is believed that the UDD has adopted more advanced technology than even the government.

While the government has been attempting to block controversial websites via the traditional URL filtering approach with co-operation from ISPs, the UDD responded by developing a browser toolbar to enable less tech-savvy users to circumnavigate the usual typed URL approach and facilitate access to the movement's Internet radio and TV broadcasts and chat rooms.

Furthermore, connectivity for the UDD's applications do not utilise the same general ports commonly used by Internet browsers, namely TCB 80 (http) or TCP443 (SSL/https). This renders the traditional URL-filtering blocking mechanism ineffective since it only works well when blocking web pages, not Internet multimedia streaming.

The URL filtering technology has further drawbacks still. For example, the top-level http://www.xyz.com can be blocked, yet subsequent pages inside the website, such as http://www.xyz.com/abc, are still accessible. That's why websites such as http://www.prachathai.com/xxx cannot be blocked, because the whole address does not match with any flagged string. The current system employed by the ICT Ministry in conjunction with ISPs can do nothing to resolve this case.

The UDD has effectively employed the Internet as tool to spread its ideology and increase the psychological impact of the information it distributes. The group has trained its followers to access its broadcasts and media across several channels, such as Internet, GSM, 3G, VoIP, Wi-Fi, terrestrial television, satellite TV, cable TV, IPTV, analogue radio and Internet radio.

Viewers can download and install the UDD's Norporchor toolbar to access dedicated websites, or the UDD Thailand Player to view IPTV broadcasts.

When the government's expert team analysed the network with the aim of identifying the source and thereby blocking access to, and broadcasting from, the UDD Thailand Player, they found that the Red Shirts had intelligently applied Cloud Computing technology by running Google Appspot and Microsoft Horizon from two locations of servers in the US - Mountain View, California; and Redmond, Washington.

The UDD also has identified how to access blocked web sites via anonymous proxies. Viewers simply download the proxy application, which will run through the browser and enable users to access any banned content.

"With this software, users can prevent the government from identifying their IP address," said the source.

Based on in-depth correlation technical analysis of the UDD network, it was found that Norporchor IPTV transmissions have been made via different Prachathai domains registered with the GTLD (general top-level domain), including prachatai.com, prachatai.net, prachatai1.com, prachatai.org, prachatai board.com, prachathai webboard.com and sameskyboard.com.

Security experts analysed the correlation betweeb the web servers of the Prachathai domain and other domains and found four IP groups that have no association with each other. So they further explored the correlation between the DNS server and the mail relay server.

Based on the intelligent data gathering with correlation technical analysis at the DNS server, they found that the four IP groups comprised of one big group and two small groups.

At mail relay server level, they found the UDD technical team had applied Web 2.0 technology via Google applications, with only one big group and one small group, and they identified the webmaster of Prachatai and finally the correlation with the Norporchor network.

To tackle the matter, the government's security team suggested using a new technique called "In-depth intelligence information gathering" and the established in-depth IP package analysis technique. It has been suggested to the government that it considers setting up a cyber security intelligence team to support in-depth correlation analysis and also implement Common Lawful Interception Architecture (CALEA) at Thailand Internet Core to facilitate in-depth analysis of malicious Internet communications. This would be carried out under the umbrella of the national-level cyber security council.

About the author

Sasiwimon Boonruang
Writer: Sasiwimon Boonruang
Position: Life Writer

Bangkok Post online classifieds

Try buying & selling goods and properties 24/7 in our classifieds which has high purchasing power local & expatriate audience from within Thailand and around the world.

Most Viewed

Forum

image

Your comments

  • kc

    Discussion 31 : 02 Jun 2010 at 14.2731

    haha, this is the quality of security experts in thailand. 4 groups of IP address, and who i it registered to may i ask. unless prachathai is a size of a google or HP then probably aina willgive them thier block (small one). ever heard of NAT? and the tyype of url filtering you are describing is at least 30 years old tech. wonderful tech security u have there.

  • capi

    Discussion 30 : 26 May 2010 at 16.3230

    Maybe Abhisit can ask his friends in Myanmar or China about how to make sure his people don't have free access to information. Sorry folks but its normal in every country to have a government and an opposition but when the government censor all the oppositions communications then you are no longer living in a free democracy but a totalitarian dictatorship. Thailand used to be famous and respected for having the best free press in SEA now its is somewhere far beneath Indonesia and cambodia - even if you don't like the reds you need to realize that censoring any info you don't like is a very big step backwards for thailand

  • John

    Discussion 29 : 26 May 2010 at 15.1429

    prachatai was supposed to be an independent news website, but in fact just another UDD ally. Shame.

  • dao

    Discussion 28 : 26 May 2010 at 13.4428

    Thaksins tactics serve one person himself .The sooner people can figure it out the sooner Thailand can move forward as one .Without Thaksin and his cronies Chavalit and Chalerm the UDD would be a significant contribution to the Thai political scene instead of what it is now a drain .

  • nahm roo

    Discussion 27 : 26 May 2010 at 13.2527

    And we were lead to believe that the Reds were nothing more than the poor seeking justice.. Remember the class war ???

  • mustang67

    Discussion 26 : 26 May 2010 at 13.2426

    Some of you pro government supporters ever thought that maybe alot of tech savvy people are sympathetic to the red shirts?

  • John

    Discussion 25 : 26 May 2010 at 12.4625

    There is always ways around everything. Even the new tactics the government is employing has flaws. I would suggest that the government invest your money elsewhere rather than concentrate on blocking objectionable material. If you think you will plug all the leaks in the information age you are sadly mistaken. I think the UDD should be able to pick up a few indian programers that will not charge much and knows how to beat any system the government employs.

  • jim

    Discussion 24 : 26 May 2010 at 11.2224

    yes the lies of udd,no guns no bombs,just a peaceful protest,lies to the real reds,open your eyes

  • Ivy

    Discussion 23 : 26 May 2010 at 11.1723

    Most red shirt are poor farmers who don't even know what internet is, not to mention email.

  • Mr V

    Discussion 22 : 26 May 2010 at 10.4722

    Hey, anyone really seeing what is said here? There is strong technical implication that Prachatai and UDD have strong connection. Very very important to see if this is true.

 1  2  3  4  Next Last

Reply

Sign in once and access every part of the website at your convenience!

Please log in to our Bangkokpost.com community to post your comment.
You can sign in to the community by clicking here.

If you are not part of the community yet, please sign up here. By being part of this community you will get all these privileges.