eQualitie Blog

  • Deflect Labs Report #6: Phishing and Web Attacks Targeting Uzbek Human Right Activists and Independent Media

    Key Findings We’ve discovered infrastructure used to launch and coordinate attacks targeting independent media and human rights activists from Uzbekistan The campaign has been active since early 2016, using web and phishing attacks to suppress and exploit their targets We have no evidence of who is behind this campaign but the target list points to […]
  • Deflect Labs Report #6: Фишинг и веб-атаки в кампании против правозащитников и независимых СМИ Узбекистана

    Основные положения Мы обнаружили скрытую кампанию с применением фишинга и веб-атак, мишенью которой стали в первую очередь независимые СМИ и активисты Узбекистана. Эта кампания ведется с начала 2016 года; как мы выявили, веб-атаки применяются с декабря 2017, а фишинг – с марта 2018....
  • eQualitie statement on the detention of Ola Bini

    EMBASSY OF ECUADOR 99 Bank, Suite 230 Ottawa, Ontario K1P 6B9 To the Ambassador of Ecuador in Canada – Mr. Diego Stacey Moreno and to the Minister of Political and Economic Affairs, Mrs. Elizabeth Moreano, On April 11, data privacy and open source advocate Ola Bini was arrested at the Quito International Airport, where he […]
  • Deflect Labs Report #5 – Baskerville

    Using Machine Learning to Identify Cyber Attacks The Deflect platform is a free website security service defending civil society and human rights groups from digital attack. Currently, malicious traffic is identified on the Deflect network by Banjax, a system that uses handwritten rules to flag IPs that are behaving like attacking bots, so that they […]
  • News from Deflect Labs: DDoS attacks against Caucasian Knot

    Key Findings In November and December 2018, we identified 3 DDoS attacks against independent media website Кавказский Узел (Caucasian Knot) The first attack was by far the largest DDoS attack seen by the Deflect project in 2018, clocking over 7.7 million queries in 4 hours The three attacks used different types of relays, including open […]
  • Infracon 2019 – Barcelona

    Open Day The Infracon Open Day invites technology groups, NGOs, organized civil society and media in Barcelona to discuss technology solutions for self-determination and autonomy on the Internet. Register your participation below! Infracon – is a global conference for independent Internet service providers working on solutions for autonomous infrastructure. eQualitie and Pangea are bringing together […]
  • Deflect Labs Report #4 – Anatomy of a booter

    Key Findings We identified a DDoS attack against the Israeli human rights website on the 2nd of November Attackers used three different type of relays to overload the website and were automatically mitigated by Deflect We identified the booter infrastructure (professional DDoS service) and accessed and analyzed its tools, which we describe in this article In […]
  • News From Deflect Labs: Botnet Targeting WordPress Websites

    Key Findings We identified traffic from thousands of IPs trying to brute-force WordPress websites protected by Deflect using the same user-agent (Mozilla/5.0 (Windows NT 6.1; rv:52.0) Gecko/20100101 Firefox/52.0) since September 2017 We confirmed that it was not only targeting Deflect protected websites, but targeting also a large number of websites over Internet We analyze in […]
  • News From Deflect Labs: DDoS attacks against Vietnamese Civil Society

    Key Findings We identified 10 different DDoS attacks targeting two Vietnamese websites protected by Deflect, and, between the 17th of April and 15th of June 2018. These attacks happened in the context of an important lack of Internet Freedom in Vietnam with regular online attacks against activists and independent media. We sorted these […]
  • 2018 IFF ‘Tools & Tech Showcase’ to feature user stories

    The annual Internet Freedom Festival (IFF) in Valencia, Spain from 5-9 March 2018 will have hundreds of sessions and 1,700 participants from 130 countries. In addition, the 2018 IFF will feature its fourth edition of the Tools & Tech Showcase, organised by The Engine Room and on the evening of Thursday, 8 March from […]
  • Deflect y eQPress

    Sobre Deflect El proyecto Deflect es un servicio que disminuye las afectaciones de un “Distributed Denial of Service” o Ataques distribuidos de denegación de servicio (DDoS). DDoS se refiere al intento de hacer un aparato o red (network) no disponible para el usuario. Deflect neutraliza los cyberattacks contra medios independientes y defensores de derechos humanos. […]
  • Introducing (n+1)sec – a protocol for distributed multiparty chat encryption

    Today we present (n+1)sec, a free (libre), end-to-end secure, synchronous protocol for group chat developed by with support from the Open Technology Fund. After 2 years of design, development and testing, we are releasing the (n+1)sec protocol and library for securing group conversations on various messaging systems, like Jabber/XMPP or IRC. Following a  protocol and […]
  • Distributed Deflect – project review

    This is the fifth year of Deflect operations and an opportune time to draw some conclusions from the past and provide a round of feedback to our many users and peers. We fought and won several hundred battles with various distributed denial of service and social engineering attacks against us and our clients, expanding the […]
  • IFF Tech&Tools Showcase 2017 – #12 Zifra

    Zifra is a building a memory card with state-of-the-art encryption capabilities. Not only does it encrypt, but it also hides the files so that they become invisible to prying eyes. Two guiding principles in Zifra’s development are openness and user-friendliness. Verified open source code is used for crucial parts of the solution and Zifra’s technology […]
  • IFF Tech&Tools Showcase 2017 – #11

    Freedom of expression comes in many forms. One of them is the ability to send value to another person or business regardless of location or intent. Current financial privacy models are based on centralized systems which historically limit inclusion to the global market and are susceptible to compromise and potentially unlawful subpoenas, as highlighted in […]
  • IFF Tech&Tools Showcase 2017 – #10 Wire

    Wire is a secure, end-to-end encrypted messenger. It’s open source, works on phones, tablets and computers, supports up to 7 devices per account, and doesn’t require a phone number to register. Wire is headquartered in Switzerland with servers in the EU.Wire started with an idea that people need and deserve a privacy-focused messenger that wasn’t […]
  • IFF Tech&Tools Showcase 2017 – #9 Toosheh

    52% of the world population does not have access to any form of internet. 80% of the world doesn’t have access to an internet that is 100% uncensored. Toosheh is an innovation that can provide access to free data to a lot of people with a limited or no internet access all over the world […]
  • IFF Tech&Tools Showcase 2017 – #8 pretty Easy privacy (p≡p)

    p≡p stands for pretty Easy privacy. The idea is to make end-to-end cryptography accessible to everyone by automatizing all steps usually taught to users at CryptoPartys, starting from OpenPGP encryption for email and then including chat communication channels like XMPP+OTR. p≡p end user software comes along with a cloudless (peer-to-peer) synchronization protocol allowing users to […]
  • IFF Tech&Tools Showcase 2017 – #7 Passbolt

    Passbolt is an open source password manager built for collaboration. It allows teams to securely share and store credentials – like the wifi password of their office, their organisation’s Twitter handle or the administrator password of their router. It’s 2017 and the most popular passwords are still “123456” and “azerty”. Most people still reuse passwords […]
  • IFF Tech&Tools Showcase 2017 – #6 Paskoocheh

    Due to heavy information controls, Iranians face significant challenges when attempting to access the Internet. In addition, popular Iranian app markets such as Cafe Bazaar are not allowed to distribute any circumvention tools, and many tool developers over-comply with sanctions by not making their tools available to Iranians. Paskoocheh is a response to these problems. […]
  • IFF Tech&Tools Showcase 2017 – #5 Gridsync

    Gridsync is an open source, cross-platform desktop application and graphical user interface for Tahoe-LAFS, the Least Authority File Store.   Tahoe-LAFS’s unique design offers a number of highly-desirable features for users that require secure and reliable cloud storage: its “provider-independent” security model ensures that storage service providers cannot read or alter the data of their […]
  • IFF Tech&Tools Showcase 2017 – #4 Coral Project Talk

    Online comments are broken: managing interactions with readers can be so challenging that many newsrooms are closing comments. This may be a way of saving on resources, but also isolates journalists from their readers. The Coral Project – a project focused on the needs of community journalists founded by Mozilla, The New York Times, and […]
  • IFF Tech&Tools Showcase 2017 – #3 Certbot

    In a nutshell, Certbot is a tool for getting certificates from the Let’s Encrypt certificate authority (CA) and configuring your web server to encrypt users’ connections to your website with Let’s Encrypt certificates. But there’s more to it: Certbot is an easy-to-use automatic client that fetches and deploys SSL/TLS certificates for your webserver. Developed by […]
  • IFF Tech&Tools Showcase 2017 – #2 Bitmask

    Bitmask is an open source desktop app that aims to be an intuitive and easy-to-use client for VPN and Encrypted Email. Bitmask is a project developed by LEAP, a non-profit dedicated to giving all internet users access to secure communication, with a focus on making encryption technology easy to use and widely available. LEAP is […]
  • IFF Tech&Tools Showcase 2017 – #1 Amnesty Decoders

    Amnesty Decoders is an initiative by Amnesty International born out of a desire to inspire a new generation of digital activists to contribute in real time to human rights research. With this project, Amnesty started building a community of tens of thousands of volunteers who are helping the organisation turn mountains of messy data into […]
  • at the Internet Freedom Festival

    The Internet Freedom Festival (IFF), the Global Unconference of the Internet Freedom Communities, will take place in Valencia, Spain, from the 1st to the 6th March 2017. With over 1000 participants from more than 100 countries, and with 40% of women registered in the event, the IFF focuses on inclusivity and skill sharing and will […]
  • Distributed Denial of Women – a general strike

    It’s a well-known problem: the tech industry, be it proprietary or open source, hasn’t managed to tackle inequality in its ranks despite several proactive efforts and millions of dollars invested to diversify their staff. There are many explanations and critiques of these approaches, but in the end what counts is that technology is still developed […]
  • Who bytes your bits? – digital security training in Toronto

    On the 9th February’s director Dmitri Vitaliev will lead a digital security training for high-risk journalism hosted by journalist Susana Ferreira as part of #OffAssignment Toronto, a series of workshops and talks for freelance journalists and independent media-makers in Toronto, and organized with the support of CJFE at the DAIS Tkaronto Gallery in Toronto […]
  • Deflect in 2016 – an overview

    In 2016, Deflect set some records and helped defend online voices against some record breaking attacks. Throughout the year, Deflect served a bit less than 2% of the population connected to the Internet in 2016, published 3 DDoS analytic reports, mitigated the strongest DDoS attack that ever targeted our network, renewed its funding and began […]
  • Deflect Stats December 2016

    In December 2016 the Deflect network recorded a slight increase in the number of total hits as compared to the previous month, with a comparable number of unique visitors and banning events. Overall, our edges served 635.4 million pages to 9.6 million unique visitors and banned 36,681 bots.   The following pie charts offer some […]
  • Deflect Labs report #3

    Botnet attack analysis of Deflect protected website Seamus Tuohy and View the report with 3D rendering (5mb) This report covers attacks between April 29th and October 15th, 2016. Over this seven-month period, we recorded more than a hundred separate denial-of-service incidents against the official Black Lives Matter website. Our analysis shows a variety […]
  • Deflect Stats November 2016

    In November the Deflect network served pages to many legitimate visitors interested in breaking news reported by deflected websites, and mitigated automatically some intense attacks. During the month, Deflect served 585 million pages to 9.8 million visitors, with a slight increase of unique IPs as compared to our October statistics, suggesting a rise in the […]
  • TA3M, December 19th – the Cryptmas edition

    Our techno activism 3rd Mondays events are back! This time with a focus on mobile security and anonymity. As recent reporting highlighted once again the dangers to personal privacy from modern day surveillance, we are offering an overview of current possibilities for improving your mobile privacy, just in time for Christmas! We will discuss: – […]
  • Deflect Stats October 2016

    In October Deflect’s metrics kept following the trend we had seen in September, with comparable figures in terms of unique visitors (9.3 million) and a slight increase in total hits (632.8 million requests reaching our edge servers), but with almost twice as many bots identified and banned by Deflect’s banning system – 50,323 bots against […]
  • Deflect Stats September 2016

    In September, Deflect metrics grew as new websites joined the service and a popular Syrian website rejoined Deflect to ensure an uninterrupted news stream on the regional conflict. In other news, the Internet witnessed the largest ever DDoS attacks, surpassing 600gbps and then 1 terabyte of traffic per second. These events followed the leaks of […]
  • Deflect Stats August 2016

    “No news is good news” in the DDoS mitigation game, and this is what we were hoping for in August 2016. We decided to capitalize on this opportunity and focus the team on new developments supporting free Let’s Encrypt certificates for all Deflect clients, as part of the TLS/HTTPS system. Then, on the 29th everything […]
  • Deflect Stats July 2016

    From what we can conclude from our statistics, during the month of July bot controllers must have come back from their holidays, since the traffic on the Deflect network has started to increase again and we have witnessed one of the most intense bursts of DDoS attacks we had observed so far. This series of […]
  • Deflecting cyber attacks against the Black Lives Matter website

    Last week and throughout the weekend, Deflect helped mitigate several DDoS attack bursts against the official Black Lives Matter website. At current estimates over 12,000 bots pounded the website just over 35 million times in 24 hours. An unusual trait of this attack was the prevalence of  malicious connections originating from the US. An in-depth […]
  • Deflect Stats June 2016

    If any conclusion can be drawn in comparing this month’s statistics with the rest of the year, it’s probably that hot weather is also discouraging to those bot controllers launching DDoS attacks! The month was rather uneventful on the malicious side of things, but the team worked in earnest to improve our mitigation mechanisms, including threat […]
  • Deflect Stats May 2016

    May 2016 was an interesting month for Deflect. We began the month with two intense attacks that required our team’s intervention right in the middle of May Day. After this, the month unrolled with a series of smaller attacks against the same websites, which were by then automatically mitigated by the Deflect network without requiring […]
  • Deflect Labs Report #2

    Botnet attack analysis of Deflect protected website This report covers attacks between February 1st and March 31st of six discovered incidents targeting the website, including methods of attack, identified botnets and their characteristics. It provides detailed technical information and analysis of trends with the introduction of the Bothound library for attack fingerprinting and […]
  • Deflect Stats April 2016

    April 2016 was noticeable for the amount of attacks launched against Deflect protected websites. Most of them were using the WordPress Pingback reflective attack method. Ukrainian readers topped our statistics this month, with readers from the United States, Ecuador and Russia also generating several million daily hits.       An interesting set of data […]
  • TA3M May ’16 – “Who Am I” Film Screening

    Join us for the next TA3M for a screening of the German hacker film Who Am I. After the screening we will host a group discussion led by Gabriella Coleman (Professor at McGill University who works on computer hackers) and Thomas Geffroyd (Ubisoft, Content Director for the Hacker game Watchdogs) about the film and the […]
  • eQPress – secure hosting with Deflect

    In the last few months, the Deflect team has set up a hosting platform that allows anybody to have an easy-to-manage, secure website (or even a multisite) that protects you not only from DDoS attacks, but also from other problems that may arise if your hosting provider is poorly resourced, unable to handle basic attacks […]
  • Use the Console to manage your eQPress account

    When you first create a website on eQPress, what you need to know is how to configure it and how to use WordPress. But if you’ve ever managed a WordPress-based website or blog and/or have just migrated your existing site to eQPress, you will probably be already familiar with the WordPress Dashboard and don’t need […]
  • TA3M APRIL ’16 – a Basic Internet Service in Canada?

    Should Canada do more to encourage broadband adoption? The CRTC is currently debating whether to define a basic Internet service and whether to subsidize Internet access to rural, remote or low income communities. For people interested in the information superhighway, this hearing is when the rubber hits the road. Concordia professor Fenwick McKelvey will introduce […]
  • Deflect stats March 2016

    This is the first in a monthly series of posts sharing and discussing statistics on the Deflect network. March 2016 was a busy month for us. We began to publish analytic reports on DDoS attacks against some of the clients we protect on the network. Our aim is to help the target’s advocacy efforts and […]
  • Deflect Labs Report #1

    Botnet attack analysis covering reporting period February 1 – 29 2016 Deflect protected website – This report covers attacks against the Kotsubynske independent media news site in Ukraine, in particular during the first two weeks of February 2016. It details the various methods used to bring down the website via distributed denial of service […]
  • Deflect Labs – fighting impunity with analytics and advocacy

    For the last four years, the Deflect DDoS mitigation system has protected independent online voices from the onslaught of cyber-attacks aiming to silence them. We have grown, learning our lessons as we took the punches. One aspect of this work stood out as particularly interesting during this time: there were stories to be told in […]