Sign in with Twitter

Username:

cda @CDA Washington, DC

Researcher on Internet infrastructure, state-sponsored hacking, sanctions, human rights, and authoritarianism; 'Blonde guy, talks about Iran a lot.'(ملا لغتی)

759 Following   7,188 Followers   341 Tweets

Joined Twitter 1/9/09


@KevinBankston Keep an open mind. @KevinBankston Should probably just leak it to Buzzfeed directly.
4/15
2021
@SaoudKhalifah @FakespotTweets Please check your contact@ email. Bit timely.
4/13
2021
@blakereid After Prometheus and Duguid, I was resigned to this. You’re a monster.
4/1
2021
@jfslowik I’d super follow this tweet.
3/20
2021
@alexstamos That’s not true either. COPPA doesn’t pretend that preteens aren’t users —— it’s that platforms don’t b… https://t.co/C5YVkYCu8c @alexstamos What are you talking about? COPPA has a mandatory statutory review, and the FTC ran an extensive additi… https://t.co/h4VhCwql1H @SeriesofTubes I mean, the FTC literally re-examined COPPA seven months ago.
3/19
2021
@joejerome Love it when a “free state” foundation calls for undermining federalism.
3/16
2021
@Ammir Given that it’s buried in a wp-admin folder, it looks like it’s a breached site. So I’d poke around the sour… https://t.co/96dVwskAPp
3/15
2020
@AliMirjamali @Hamed Thanks for spotting this – I've made my profile public for now. If folks plan to cover this mo… https://t.co/bkufCi3DmT
11/25
2020
6.) Re: 'voter database breach video.' Staged and fake. Attackers obscured details of the sqlmap operation, not to… https://t.co/yWXOP5jcvM5.) Re: this. The breached sites were on shared hosting servers, so naturally this happens. At least one of the ema… https://t.co/tbd5o8FqQV4.) There has been some suggestion that the Proud Boys' inability to maintain hosting (good) contributed to the cam… https://t.co/VHA5pfW4nq3.) Pretty clear no voter files were breached. Would seem residents of Florida are particularly susceptible to ha… https://t.co/N3WxqmXimu2.) The threats were sent using mailing scripts hosted on those breached domains; childish stuff, but the mailer pr… https://t.co/xOB0yRb1CL1.) There have been reports that the emails were sent from Estonia and Saudi Arabia. This is imprecise. Those behin… https://t.co/fn5iEotLnGThere has been a frustrating dearth of information about these Proud Boy / Iran emails. So I want to take a moment… https://t.co/djExZ2TpGX𝐼𝓃𝓉𝑒𝓇𝓃𝒶𝓉𝒾𝑜𝓃𝒶𝓁 𝒞𝓎𝒷𝑒𝓇𝓌𝒶𝓇 https://t.co/yha9t7fgYg
10/22
2020
Czesław Miłosz – https://t.co/qdQvbePhpu
10/2
2020
New hobby project — coaware, a tracker for COVID-19 exposure notification apps, for watching and mapping their adop… https://t.co/iP5nw2rCfp
9/25
2020
Heh, "khar pedar." These Iranian hackers just don't give a damn. https://t.co/0kfpajTSRL
7/7
2020
Ten thousand retweets and enraged quote tweets in reaction to a "police officer from Texas" calling for civil war –… https://t.co/3iIBTP9YA0
7/3
2020
If you’re targeted by harassment by @tataloo and his clique, please email me at cda@cda.io. Rounding up reports.
4/24
2020
I think another story here is buried. Whoever was behind the Telegram monitoring seems to have scraped Instagram fo… https://t.co/aCb6owCjcMIn the mystery of the leaked Iranian Telegram data, may I suggest BotSaz – the Telegram bot developer who's Gitlab… https://t.co/EDJYUn5Wcs
4/3
2020
Sure enough, when @masoud_molavi was killed, @jabeh_siah immediately went silent on Twitter and Telegram… https://t.co/Mr2wJ8LTsu
3/28
2020
https://t.co/NkW1cN5U2R
3/27
2020
Apparent cuts to Iran's international internet connections this morning timed with #PS752 announcement and protests… https://t.co/IWhhj7j1lA
1/11
2020
The Clausowitz account has now been removed. I've converted and archived the World War 3 book for researchers. Whoe… https://t.co/JVpK2ydMxn
1/6
2020
Well this is novel (heh): a fake account playing off political divisions on Soleimani is promoting a 616 page, pro-… https://t.co/5zlI53fVhIFake accounts trying to stoke political tensions related to Iran with racist baiting of prominent personalities and… https://t.co/YlzL8NsMEK
1/5
2019
@isik5 @netblocks @atoker Since @Netblocks blocked me, can you tell me if my other questions were answered? https://t.co/SskTlZj9rD @atoker @isik5 @netblocks Hah, well in this case, its because @Netblocks blocked me. Can't see the tweet – can you… https://t.co/ze1Qn40Lpg @isik5 @netblocks Quite disappointing @Netblocks has tried to marginalize, deflect, mislead, & ignore legitimate qu… https://t.co/fSAJiEehJQFor five days, I've sought simple answers and basic reforms from @Netblocks in order to protect dissidents and at-r… https://t.co/0kT18LJH1A @atoker @isik5 @netblocks I don't understand Alp, for several days I have repeatedly asked you a set of simple ques… https://t.co/cRxTLmQseK @atoker @isik5 @netblocks You've made repeated and specific claims that Netblocks is GDPR compliant. If Netblocks i… https://t.co/JF2qJLvtuL @atoker @isik5 @netblocks That's false, Recital 30 states IP addresses are associated with natural persons. Consequ… https://t.co/54gAa8nMxd @isik5 @atoker @netblocks So then you do acknowledge – despite Alp's insistence to the contrary – that Netblocks co… https://t.co/rErocV9j2J @isik5 @atoker While @atoker provided misleading responses about the collection of personal data with tests, specif… https://t.co/rqCYbECs8h
12/19
2019
@atoker @isik5 @levjoy I don't know what that is or what it's in reference to. Sounds like you have other problems… https://t.co/vLzOwDc34A @atoker @isik5 @levjoy I understand you have a history of maligning and dodging researchers that ask critical quest… https://t.co/fZZz8RtgKX @atoker @isik5 @levjoy I asked about access to data, you only said that you'll do it as contract work. That's a dem… https://t.co/LdbMFs7lor
12/18
2019
@atoker @isik5 @levjoy More evasion and distraction Alp, have members of the research and activist community raised… https://t.co/5JckXph9Vr @atoker @levjoy Netblocks doesn't offer answers or reform, only intimation and ad hominem to dodge questions and su… https://t.co/YiB7alsN0FBefore citing or engaging with Netblocks' claim, everyone now needs to take a step back and ask them: Where did t… https://t.co/b7osDLEWFSNetblocks claims to be open source, however, its Github repositories are abandoned and incomplete. Diffscan and the… https://t.co/f7OLuBtVRsNetblocks' recent inaccurate graph tells us they are using BGP data. That cannot come from a user probe. Moreover,… https://t.co/vTCKaETDsk @Netblocks cites a tool called 'diffscan' that "map[s] the IP space of a country." That's like saying 'a thermomete… https://t.co/d5vuPVLkzINetblocks owes the human rights community a full and open explanation about its operations & methodology.… https://t.co/8WmvqQnS4N @isik5 @LeaKissner Moreover, this is a data-use policy that individuals will only reach after they have landed on a… https://t.co/n0S8pQGjzU @isik5 @LeaKissner After repeatedly, and falsely, claiming the data-use policy discloses Netblocks' censorship meas… https://t.co/XhYCUW2QDS
12/17
2019
@atoker No you didn't. https://t.co/SskTlZj9rD @atoker Whether it is funded or not does not matter at all to the clear ethical failures and lack of concern expres… https://t.co/fQsJmm8NJz @atoker @seamustuohy @isik5 @netblocks 1.) Where's your test list? 2.) Where is opt-in consent? 3.) What measures… https://t.co/KScWQFbA13 @atoker Burying deceptive and unethical practices in a policy page is still deceptive and unethical. Appreciate tho… https://t.co/qKWzDrqFLw @isik5 @LeaKissner Where has Netblocks published any ethical review, threat model, or consideration of risks to the… https://t.co/sg5ie945xZ @atoker @isik5 You've made clear that Netblocks has no intention to follow any basic ethical standards. You're be… https://t.co/ZqiI89kZWC @atoker @isik5 > "Disclosure is right there on the site." Where? Where on Netblocks does it disclose to visitors t… https://t.co/j64ktAjOxo @isik5 @atoker It is bad faith when you: a.) falsely claim that your censorship measurements are an unrelated W3C m… https://t.co/LPIq1TahW6Netblocks' @isik5 and @atoker have – in public & private – repeatedly misrepresented how their system works, relied… https://t.co/T2MyJkKOzN @atoker @isik5 You stated that you were observing my requests to the backend API, so you are clearly collecting IPs… https://t.co/JonTktpvEk @atoker @isik5 This is all bad faith – W3C standards have nothing to do with Netblocks' practices. You can absolute… https://t.co/OLM23ogENg @atoker @isik5 Why does Netblocks not disclose the testing to visitors at all? Why does it not provide an opt-in… https://t.co/KnFn5GHyNO @atoker @isik5 Your reason for not publishing test lists is that DPI vendors don't have the capacity to run wiresha… https://t.co/jAhG77aCne @atoker @isik5 It's a fetch to the metrics api every four seconds, conducted for a few minutes. It's not a denial o… https://t.co/7Y3wzv9mja @atoker Where are Netblocks' measurements disclosed to site visitors and how do they opt out? @atoker What are the exact mitigations Netblocks has put into place that Encore had not? @isik5 When Netblocks is accessed from Iran, the site triggers the same tests against a similar set of sites – incl… https://t.co/nVRcG04SyG
12/16
2019
@isik5 That's misleading and irrelevant. Netblocks makes network requests to sensitive sites. It doesn't matter whe… https://t.co/vF67cbzhjKNetblocks' behavior is even more problematic. There is no transparency what data is being collected and what meas… https://t.co/IepqvjFexrNetblocks should have known better. In 2015, an academic paper on such measurements was extremely controversial.… https://t.co/ZmM8dmIxyCNetblocks doesn't ask for consent and doesn't disclose these tests. Its data use policy is misleading ("....as li… https://t.co/F2SNYB2GQvWhen a visitor opens @Netblocks, their browser quietly begins to connect to 80 other sites to see if those pages ar… https://t.co/N3hUkGiAtXTroubling that @netblocks is running undisclosed experiments that could endanger people. Without their permission… https://t.co/ALwLCBCJD0
12/15
2019
Data from Iran's internet shutdown now posted. Interesting to see which government ministries and public institut… https://t.co/6Me0g2BAD4
12/8
2019
Turns out Balkans Post was registered alongside Iranian domains and for a while cohosted with @AHTribune – which al… https://t.co/E7cOrzYL3dA rumor has been circulating that the MEK's Albania base was destroyed in a recent earthquake, attributed to a "Bal… https://t.co/RTx8112ng5
12/3
2019
This would suggest that Iran's disconnect was quite DYI – left up to a few domestic backbone providers to implement… https://t.co/NGCQwkj3DTIt's possible core infrastructure was left online, but other steps were taken to cut connections (such as dropping… https://t.co/AmKZhxCMKWThis doesn't mean those other providers ignored Iranian government demands. From @caida_ioda, we see that while man… https://t.co/Zj4xyDeVSlWhen and whether an ISP disappeared to the global internet seems to have depended on who was their upstream provide… https://t.co/meNWh7hHSXMuch has been said about Iran disconnection from the Internet during #IranProtests, but one thing stands out: there… https://t.co/bgkz6D5JFm
12/2
2019
@azarijahromi Now take a picture at the Semnan Space Center launch pad. Include the scorch marks.
8/31
2019
@Riana_Crypto Same experience last year. Was a lesson too because the victim was male being stalked by his wife.
8/10
2019
The late night Nigerian Suya grill that’s sprung up in front of Torrie’s is truly something special. Unlike anythin… https://t.co/dCP2AIAir2
8/3
2019
*decides to finally poke at this fancy stereo receiver on a lazy afternoon* ಠ_ಠ https://t.co/5BW7GATSt5
4/28
2019
@FarsNews_Agency لطفا عکس تغییر بداد؟ خیلی قدیمی. مرسی! 😘 https://t.co/4Ey8zPHP4y
4/4
2019
برانداز! من؟ lol 👻
4/3
2018
Internet, 1998: Be careful, that friendly stranger could be a sex offender! Internet, 2018: Be careful, that friend… https://t.co/rVmAgj3oSw
8/2
2018
Interesting overlap in Symantec’s latest Iran research — the Justice Department asserted in recent indictments that… https://t.co/ufwID77ML8
7/25
2018
New Iranian #malware targeting human rights defenders. Impersonates death penalty court order leaked by… https://t.co/vZODynkfev
7/3
2018
The Kourosh Yaghmaei sample on #NASIR would be more impressive if Gole Yakh wasn't the first song on the Stones Thr… https://t.co/qmczSxFhnP
6/15
2018
@ColinKahl Given the conviction of Black Cube employees in Romania for attempted hacking of anticorruption official… https://t.co/wkGi2cCuR7
5/6
2018
@JacobAWohl You believe that an 39 year old woman served in the military of the Islamic Republic during a war that… https://t.co/dYCMsHZ94J
4/4
2018
Today's DOJ indictments of Iranian hackers demonstrates a common pattern described by @ksadjadpour and me in our Ca… https://t.co/lLl7fAbCNLJust to mention, the Mabna Institute indicted for hacking today doesn't appear to be the same as PooyaAfarin-e- Mab… https://t.co/qqwt62EnIN
3/23
2018
A simple proposition for the cyber security community: if you have reason to believe that malware or an actor was e… https://t.co/JUj01rO2xr
3/21
2018
When Indicators of Compromise Become Indicators of Counterterrorism: First thoughts on disclosure ethics on counter… https://t.co/UGmUqCgRv4
2/8
2018

0