Intelligence officers attached to the Sri Lankan Defence Ministry have given secret instructions to Internet providers in Colombo to covertly scan the emails addressed to OHCHR Investigations on Sri Lanka (OISL), a reliable source in Colombo told TamilNet on Thursday. The intelligence officers have deployed simple network packet sniffing techniques to make copies of the messages that are addressed to the OISL. A lot of messages are also being discarded, while some are allowed to proceed in order to avoid provocation, the source further said. To ensure that their messages have reached the intended destination, the people who have made submissions should request acknowledgement from the OISL, an activist who got a bounced message told TamilNet.
When people sending their submissions with sensitive information to the OISL are using an Internet connection provided by a Sri Lankan ISP it becomes very easy for the Sri Lankan military intelligence to do what is known as a “man in the middle sniffing”. The public has very limited knowledge on how to utilize encryption and VPN facilities. (The Best Free Ways to Send Encrypted Email and Secure Messages)
Those who have not deployed secure systems to deliver their submissions face security risk.
“Just imagine the danger. A former Unix Sys Admin is running the Defence Ministry. He knows, at least what /dev/null means,” a systems administrator with an ISP in the island commented. The SL Presidential Sibling Gotabhaya Rajapaksa, a US-citizen, was earlier employed as a Unix Systems Administrator in the USA.
“People are not aware of technology options such as secure VPN facilities that offer an encryption layer on top of their ISP provided connections and there has been no effort by the UN system in the island to enlighten the masses on secure ways to send their submissions to the OISL,” the IT expert further said.
In the meantime, an activist who got a bounced message from the OISL server said the end point in Geneva, a mailserver, didn’t accept attachments that were larger than 20 MB.
The Sri Lankan Defence Ministry has blocked access to several news websites in the island. TamilNet, blocked through the ISPs in Colombo in 2007, still remains inaccessible for the readers in the island. After 2009, TamilNet was subjected to repeated attacks on the Internet. The DDoS attacks coincided with UN Human Rights Council sessions in Geneva.
Just a few days ago, Internet café and photocopy operators were instructed by the SL military intelligence in Vanni to alert them if anyone were scanning or copying affidavit forms for submission to OISL.
The Sri Lankan CID in Ki’linochchi on last Saturday arrested a 57-year-old father of six, Sinnathamby Krishnarajah, from Sivapuram in Kiraagnchi who was having sample affidavit forms. Mr Krishnarajah was searching for daughter since May 2009.
The ‘Terrorist Investigation Division’ has transferred Krishnarajah to Colombo for interrogations at the notorious 4th Floor. Tamil political parties and rights activists have urged the UN to intervene to release him.
Following Krishnarajah’s arrest several people who were supposed to collectively meet and prepare submissions have refrained from sending their submissions, informed sources in Vanni told TamilNet.