Single-Pixel Tracker Leads Paranoid Turkish Authorities To Wrongly Accuse Over 10,000 People Of Treason

from the tiny-web-beacons,-massive-consequences dept

We've written many articles about the thin-skinned Turkish president, Recep Tayyip Erdoğan, and his massive crackdown on opponents, real or imagined, following the failed coup attempt in 2016. Boing Boing points us to a disturbing report on the Canadian CBC News site revealing how thousands of innocent citizens have ended up in prison because they were falsely linked with the encrypted messaging app Bylock:

The Turkish government under President Recep Tayyip Erdogan links Bylock with treason, because of the app's alleged connection to followers of Fethullah Gülen, the man the Turkish government believes is behind the deadly 2016 coup attempt. Gülen denies the allegations.

Alleged Bylock users are a large part of the nearly 150,000 Turks detained, arrested or forced from their jobs under state of emergency decrees since the summer of 2016.

An estimated 30,000 are believed to be among the innocent swept up in this particular campaign, victims of the chaos, confusion and fear in Turkey.

It's bad enough that the Turkish authorities are equating the mere use of the Bylock app with treason. But it gets worse. It turns out that many of those arrested for that reason didn't even use Bylock, but were falsely accused:

it was due to a single line of code, which created a window "one pixel high, one pixel wide" -- essentially invisible to the human eye -- to Bylock.net. Hypothetically, people could be accused of accessing the site without having knowingly viewed it.

That line redirected people to the Bylock server using several other applications, including a Spotify-like music app called Freezy and apps to look up prayer times or find the direction of Mecca. Some people have been accused because someone they shared a wifi connection with was linked to Bylock.

According to the CBC News report, the single-pixel trackers that linked back to Bylock.net were used intentionally by the Bylock developers in order to muddy the waters, and make it harder to identify real Bylock users. However, it's not clear how these Web "beacons" came to be associated with other apps. Whatever the mechanism used to accuse innocent people, the Turkish authorities have confirmed indirectly that the misleading calls to Bylock.net did indeed take place, albeit releasing that information in a way that violates the victims' privacy pretty badly:

The Turkish government and the country's courts rarely admit they are wrong, but in December, they revealed the gravity of the mistake they'd made by publishing a list of 11,480 mobile phone numbers. Each number represented a person wrongly accused of terrorism in the Bylock affair.

As well as confirming that Turkey remains in the grip of institutionalized paranoia emanating from the country's president, this episode underlines just how serious the implications of single-pixel tracking can be. In an ideal world, such surreptitious tracking would not be taking place. As a second best, browsers would incorporate technology that warned users of such tricks and blocked their callbacks as a matter of course, but it's hard to see how this could be done in a way that isn't easily circumvented.

Follow me @glynmoody on Twitter or identi.ca, and +glynmoody on Google+

Filed Under: bylock, evidence, pixel, tracking, treason, turkey


Reader Comments

Subscribe: RSS

View by: Time | Thread


  1. identicon
    Anonymous Coward, 7 Feb 2018 @ 11:32am

    Single-pixel trackers have a dark origin

    They were developed and deployed by spammers in order to help them figure out which tactics were getting their abuse delivered. Each access to those pixels is accompanied by data that tells them:

    - which of their outbound mail servers was used
    - which version of the spam was sent
    - which user was targeted
    - which delivery method their mail server used
    - and so on

    When a spam victim hits one of those single pixels, that N-tuplet of information is sent back to the spammers -- along with a timestamp of course, so they can also measure the time between when spam was sent and when it read by someone insane enough to use an HTML-capable mail reader.

    This tactic is still used today by spammers-for-hire like MailChimp, ExactTarget, ConstantContact, and so on. All of them have been busy spying on huge numbers of users for years.

    This would be a good time to wonder who they're selling all that data to.

Add Your Comment

Have a Techdirt Account? Sign in now. Want one? Register here



Subscribe to the Techdirt Daily newsletter




Comment Options:

  • Use markdown. Use plain text.
  • Remember name/email/url (set a cookie)

Follow Techdirt
Special Affiliate Offer

Essential Reading
Techdirt Insider Chat
Recent Stories

This site, like most other sites on the web, uses cookies. For more information, see our privacy policy. Got it
Close

Email This

This feature is only available to registered users. Register or sign in to use it.