Confessions Of A Tunisian Hacktivist

Editor’s note: Contributor Mouna El Mokhtari is a French journalist and editor in chief of Webdorado.  Below is her translation of an exclusive interview she conducted with Tunisian hacktivist K3vin MitchnikYou can follow her @mooouna

Today, Tunisia is holding its first free elections. K3vin Mitchnik, whose pseudonym is a tribute to the great American hacker turned computer consultant, Kevin Mitnick, is a 25-year-old Tunisian cyber activist who has played a crucial role in the recent Jasmine Revolution in his country, which helped overthrow the previous regime and sparked the Arab Spring across the Middle East.. He is a member of the Anonymous collective and the co-founder of Tunisian Blackhats. With his group, he has led the attacks against Ammar 404  (the nickname given to the state’s Internet censorship) and more generally against censorship in his country. After several email conversations, I persuaded him to give us an insight into the mind of an e-resistor from Tunis. Here is his story.

How did you become a hacker?
K3vin Mitchnik : I was only 12 when I first laid my hands on a keyboard. At the time, there was no internet and, for me, the computer was merely a machine on which I could play 2D video games.  When I turned 17, I got interested in the online hacking forums and I joined several of them. I didn’t understand much of their content as the administrators and the hackers of the time did not provide full information or tutorials or even explanations on how to use certain software. That’s when I wrote my first hacker article but the entire forum gave me flack and accused me of being a lamer. So I challenged the administrators and the members of this forum to crack a secured system. I won the challenge and convinced them of my abilities. And so I became a hacker.

What attracted you to hacking?
Initially, it was a hobby. I liked the challenge.

And so you went on to create Tunisian Black Hats?
Yes, I co- founded the group in 2007,  along with my friend ‘webterrorist’ and two other pals who were very interested in the issue of digital and online security. At the time, broadband connections were just starting to be available in Tunisia and as a consequence the country was opening up. That’s how we decided to model ourselves on existing groups in Europe, Russia and China.

Why did you choose to name yourselves the Tunisian Black Hats ? In computing lingo, “black hats” refer to destructive and often money-seeking hackers. Do you view yourselves as renegades?
The whole point was to impress people and thus to empower ourselves. But really, we are “good hackers”, white hats. Since Ben Ali’s fall, we have ceased to hack into the Tunisian State computer system and have actually pointed to over 200 critical vulnerabilities in systems or websites belonging to the National Agency for Computer Security.

How do you start a hackers’ group in a country where censorship is so severe?
We indeed have had to bear the brunt of police online surveillance and censorship. Since the start, I have been writing about the tips and tricks to defy this censorship, which was one of the toughest in the world. To give you an idea, YouTube and other video sharing platforms were blocked. Even Facebook was sometimes being shut, but the Tunisian government had to reinstate it because of pressures from the US government.

At that time, hackers were scared to attack governmental or presidential websites. We, the Tunisian Blackhats, dared pirate two pro-government newspapers, LExpression and Le Temps, so as to get our discontent across to Ben Ali. Our purpose was to ask for freedom of expression and more generally freedom for the people. We also exposed the government’s methods used to capture the password private messages of citizens.

Censorship and control must have increased as soon as the situation started to sour for the authorities, in December 2010 after the self-immolation of Mohammed Bouazizi.
Yes, the regime tried to hack into everybody’s Gmail, Facebook and Twitter accounts by getting their passwords. Its computer engineering team, which employs about 600 techies, tried to shut fan pages and Facebook group pages. They used all imaginable means to reinforce their control and prevent the revolution. They even paid European hackers to attack and websites belonging to TV channels and then laid the blame on Anonymous.

Resisting the regime must have required quite a bit of courage…
Yes, but I had always been against Ben Ali. I became even more opposed to his regime after the Wikileaks revelations. These cables were about the president’s family, its corruption, its amassed wealth. Besides, freedom of speech is fundamental in life, one cannot live without it, pretty much like water actually.

What concrete steps did you take in order to hasten Ben Ali’s overthrow?
When I co-founded Tunisian Black Hats, I also started to take an occasional part in the activities of Anonymous. In January 2011, I contacted them directly, via the IRC chat rooms [online chatrooms where hundreds of users can gather simultaneously] and via Twitter.

For security reasons, we agreed that no denials of service would be done from Tunisia itself. Hackers from Anonymous, based outside the country, launched the attacks.

Our role was to provide them with information, particularly concerning the network infrastructure. We also told fellow Tunisians how to hide their identity and evade censorship. We used IRC chatrooms, Facebook and Twitter to get our message across. For example, I published on those platforms a script that disabled the scripts used by Ben Ali’s cyberpolice for accessing Gmail, Facebook and Twitter passwords. This disabling script had been developed by the Anonymous team. I also published Anonymous’s latest news, their videos and the official publications that had come up during our IRC conversations.

How does Anonymous choose its targets and the sites it will attack?
They conduct polls and everybody can voice his opinion on this, or suggest something. everything happens in IRC chatrooms or on the Piratenpad. The pads are used to craft attacks. Nobody can erase the texts published there but anyone can add a comment and save the contents even without registering online. This is the strength of Anonymous: anybody can join, you just need a pseudonym. If somebody is convinced by your idea, he will talk about it to other people, till enough of them are convinced about the merits of the proposed operation. Then you can launch it, with the help of the IRC chat administrators since they control the servers that are being used for attacks through  LOIC (voluntary botnet). The administrators can take part in several attacks at the same time. It is a very democratic system.

Does Anonymous have leaders?
No, not really. But for instance, in the chatrooms that the group uses, my pseudonym is preceded by a star. This star lets participants know that I, unlike the ‘ordinary’ members, moderate the discussions, that the others can trust me, that I am aware of the ongoing attacks and that I am one of the people who have information and who spread it. Another hacker, who goes by the name of Sabu and belongs to the Lulzsec group, also has a star before his name. He is credited for hacking the CIA’s website and Sony’s databases.

How did you become a star ?
Well, as soon as I started collaborating with the group, I started giving reliable information, I corrected mistakes that had seeped in the online discussions… One day, Anonymous published a document about proxy servers that enabled users to retain their anonymity while attacking Tunisian servers. I checked it out and I discovered that the officials could still identify the users’ IP address. I told Anonymous about it and they withdrew the document. Since then, the administrators have been sending me the applications they plan to use for their attacks so that I can test them beforehand.

Were the Tunisian authorities always unable to identify you? What was the instructions to follow in case one of you got arrested?
‘Webterrorist’ was arrested once because the police suspected him of having launched denial of service attacks against a website showcasing Ben Ali’s presidential initiatives. They were unable to find proof to sustain their accusations and so they released him after two or three days.

If you get arrested, your first thoughts has to be for the information still present on your machine because the police will seize your computers and cellphones. You have to do your utmost to convince the cops that your hardware (wifi router, etc) is not secure and has been used by another person. Proving anything becomes next to impossible.

What have you been doing after Ben Ali’s overthrow?
Ben Ali’s fall has not meant the end of the system for internet control and surveillance in Tunisia.  A former director of Tunisie Telecom, the company in charge of granting access in the country, stated that a gateway node still existed between the National Internet Agency and Europe.  This node could enable whoever controls it to actually watch over the entire network here. A few questions nag me : where are Ben Ali’s engineers? Where is the data that was stolen all these years? We are still on the lookout for these systems of control and this data. We intend to answer these questions. This is the dream of every hacker and every blogger in Tunisia.

My day job is for a company that hired me as a computer systems administrator after it saw how I detected digital security breaches. I think about digital security all the time: at night, a project can very well keep me awake. I keep thinking about security even when I am with my girlfriend. I think about my own safety and that of my dear ones who use PCs, iPhones, etc.

Will you take part in the attack against Facebook scheduled for November, 5?
This planned attack is a hoax. All trustworthy administrators confirm it. Anonymous doesn’t want to carry out this operation for the simple reason that Facebook is one of the tools the group uses most to spread its information.  The media only rushed to create a buzz around this announcement.