Ethiopia’s spy agency steps up internet, phone surveillance

June 3rd, 2012

Ethiopia’s spy agency – the Information Network Security Agency (INSA) — has stepped up surveillance and internet censorship.  INSA has adopted Deep Packet Inspection (DPI) technology to eavesdrop, data mine, censor and intercept communications, according to the TOR Project.

Repressive governments such as China, Iran and Kazakhstan routinely employ DPI technology.  Ethiopia’s spy agency conducts much of its surveillance through Ethio Telecom, the government monopoly that controls telephone and internet communications.

According to information security experts, Deep Packet Inspection allows a spy agency to  “look inside all traffic from a specific IP address, pick out the HTTP traffic, then drill even further down to capture only traffic headed to and from Gmail, and can even reassemble e-mails as they are typed out by the user.”

TOR promotes an open network that helps users defend against a form of network surveillance that threatens personal freedom and privacy. TOR stopped working in Ethiopia on or around May 24, 2012.

Click here for  TOR report on surveillance by Ethiopian authorities: 

Update:  How to bypass the censorship

By Runa | The TOR Project

June 3.  A few days ago, we published a blog post exposing the use of Deep Packet Inspection (DPI) to filter all Internet traffic in Ethiopia, including connections to the Tor network. We concluded that they are doing some sort of TLS fingerprinting, but had not been able to figure out exactly what they are fingerprinting on. Since then, we have managed to determine exactly how Ethiopia blocks Tor and we have developed a workaround. We will publish a full technical analysis very soon.

The long-term solution for Tor users in Ethiopia is to use the Obfsproxy Tor Browser Bundle. The bundles are, unfortunately, not up to date at the moment, but this is something we are working on (see #5937 for details). In the meantime, try using one of the following three bridges:

213.138.103.17:443
107.21.149.216:443
46.137.226.203:55440

If the bridges are not working, or you have questions, send an email to help@rt.torproject.org