Category: Journalism

Banning TikTok Was Wrong; Ignoring the Ban is Lawlessness

Posted on by Johnny Fusion =11811=

This article first appeared in the Autumn 2025 issue of 2600 The Hacker Quarterly

It started with an Executive Order issued on August 6, 2020, by President Trump that sought to ban American companies or persons from doing business with TikTok’s parent company ByteDance or any of its subsidiaries. This is ostensibly because ByteDance is a company in the People’s Republic of China which posed a security threat to the United States. Not long after, on August 14, 2020, Trump issues a second Executive Order, this time directing ByteDance to divest all operations in the United States in 90 days. This is the actual first attempt at a ban of TikTok in the United States.

This results in TikTok suing the Trump administration for violation of due process in its executive orders.

Joe Biden is elected president in November of that year and shortly into his term in February 2021, he brings to a halt Trump’s plan to ban TikTok by postponing the legal cases that were working their way through the courts.

Things were pretty quiet about a TikTok ban for a good while, but there were controversies about the app, such as the data it collected and behavior of the algorithm.

Then on December 2, 2022, during a talk at Michigan University’s Ford School of Public Policy FBI Director Christopher Wray raises concerns that the Chinese Government can use the recommendation algorithm of TikTok to manipulate content for influence operations. Among the things he said here was “… so all of these things are in the hands of a government that doesn’t share our values, and that has a mission that’s very much at odds with what’s in the best interests of the United States…” Now remember this quote. Among all the scare tactics of invasions of privacy and potential for espionage is this one truth.
People in the United States government object to the content shared on TikTok. The speech presented by the app and the algorithm. For if it was about data harvesting as they claim, the Chinese-owned apps Temu and Shein are much worse in regard to that behavior bet they sell goods, they don’t provide content. Any bans so far have overlooked these companies and others from other countries or even domestically that harvest and sell our data. Surveillance Capitalism, the driving economic force of the Internet, has data brokering as its foundation.

In this vein of sharing user data with the Chinese government in February of 2022, both the FCC and FBI warn of this possibility, and the White House orders that TikTok is to be deleted from all government-issued devices.

The next move by the United States government was when over a year later, on March 23, 2023 TikTok CEO Shou ZI Chew is brought before a congressional committee for almost 6 hours of Sinophobia (though Chew is from Singapore, and TikTok at the time was based in Los Angeles and Singapore, and not available in China), misunderstanding of technology, and unfounded accusations of connection to and control of the CCP that echo and expand on Wray’s comments four months earlier.

Legislation is put forward to ban TikTok, but it fails to find support in the congress for many months until a year later, in March of 2024, the House of Representatives passes the TikTok sell-or-ban bill. In April, the Senate does the same and when it was delivered to President Biden’s desk he signed the legislation making it law. TikTok and ByteDance sue the Federal government on First Amendment grounds and both a court of appeals and the Supreme Court uphold the law. By law, TikTok is banned as of January 19, 2025.

So what happened between March of 2023 and March of 2024 that overcame the initial resistance to ban the app, making it the law of the land? The answer lies in a historical event that happened in late 2023 and the coverage of what came after on TikTok. This is the Hamas attack on Israel on October 7, 2023, and Israel’s genocidal response to that attack.

It’s not often talked about, but the United States Economy is driven by war. The United States spends more on their military than the rest of the world spends on theirs combined. America’s defense industry, when you count contractors and manufacturers of arms and military equipment, is the largest employer in the country. This is the Military-Industrial complex that Eisenhower warned the people of in his farewell address of January 17, 1961. If the American Empire is not directly fighting in conflicts, it will often provide or sell arms to its allies and proxies. The United States has a long history of supporting Israel and the Zionist project on which it is founded. Under President Joe Biden, American weapons and
American foreign policy made possible a genocide of the Palestinian people.

The American government’s position in the Palestian genocide was in support of the genocide. This was official American policy to support Israel unconditionally, even contravening both domestic and international laws to do so.

American mass media toed the line, and a pro-Israel / anti-Palestine narrative was the norm in print and television. There was no nuance in the discussions, with people taking binary positions with no room for actual discussion or the human cost. (See my previous article in the Spring 2024 issue)

However, on TikTok, a different picture of the conflict was being made. Palestinian creators could share their lived experiences directly, without being filtered through Israeli Hasbara (explanations/propaganda) these videos were shared widely, and how the TikTok algorithm works, many people were exposed to the genocide directly without the governments supporting the eradication of a people putting their spin and justification of it.

This was the real concern of Democrats and Republicans both, that young people mostly were getting a narrative that was, in the words of Director Wren, “very much at odds with what’s in the best interests of the United States [Government]” on a platform they did not control. Other social media platforms were compliant with cooperating with the interests of the American government. Meta, for example, suppressed posts on Instagram and Threads by Palestinians or those who had pro-Palestinian stances. But on TikTok, there was an unhindered view of Palestinian suffering and resistance.

The TikTok ban was always conditional. It was a strong-arm tactic for ByteDance to divest their ownership in favor of American ownership. An American that they hoped would be more on board with American narratives.

Well, ByteDance never divested, and in the waning days of the Biden administration, the ban went into effect, making TikTok (and other Apps owned by ByteDance, such as the Marvel Snap game) unavailable in the United States. For about a day, The following day, American TikTok users were greeted with a message that thanks to incoming President Trump, there was an agreement to keep TikTok active in the United States.

If there is one thing we know about Trump, he doesn’t make any deals from which he doesn’t profit or get something of value. This new post-ban era of TikTok is operating (illegally) under the good graces of Trump. It now is doing business so as it does not upset the powers that be, and now is under the thumb of the United States Government. The app has even returned to the Google Play Store and Apple App Store as of this writing.

All levels of Government are ignoring that TikTok is operating illegally according to a law passed by Congress, signed by the President, and upheld by the courts. And this small thing is done to normalize this. TikTok is widely popular, and the Ban as censorious and wrong as it is is widely unpopular. If a law were to be ignored, this is a wily choice for the first one. And make no mistake, this ignoring of a law and court ruling on the first day of the Trump administration is a first one, one I predict of many.

As of the writing of this article in the first week of March, 2025, the actions of Elon Musk’s DOGE are being overturned in the courts, with decisions saying they are clearly breaking the law, and the general consensus is waiting to see if the Executive branch complies with the courts. My prediction is that the Trump Administration will continue with lawlessness. Ignoring any statute or court opinion contrary to their agenda.

And now 2 weeks later, working on a second draft of this article, the Trump administration has targeted legal residents (Green Card holders) who hold pro-Palestinian views for deportation, attempting to skip over the usual due process afforded Green Card holders, and branding them criminals and terrorists for not supporting the American-funded genocide by Israel against the Palestinian people in Gaza. The first being Mahmoud Khalil, who is not charged with any crime unless you imagine that we live in a time where thoughtcrime is prosecutable. Others have now followed.

And this is how it starts. Authoritarians will begin with things that are actually popular. Like ignoring a law that would keep people from their favorite app. Persecuting a human group that at most makes up 1.4 % of the population, such as passing a law that affects less than 10 college athletes out of over 510,000. Fascism starts small to make bigger moves later. It’s “just” ignoring an unpopular ban before other laws, laws that protect the vulnerable, get ignored. It’s “just” persecuting trans people, until they use the same mechanisms to persecute other human groups, maybe even one you find yourself in.

Shout Outs: Sista, Owlerine, Raincoaster, Cosmic Surfer

The Darkside of DarkMatter: The Evil Hackers behind Project Raven

Posted on by Johnny Fusion =11811=

Originally published in Vol. 39:2 of 2600 The Hacker Quarterly and on Anonymous Worldwide

Scrolling through my social media feeds in the third week of September 2021 I come across a story about Project Raven. Three people Marc Baier, Ryan Adams, and Daniel Gericke who are either former intelligence operators or Military from the United States were levied heavy fines by the Department of Justice and are forbidden to ever seek out a security clearance for life. This was a deal to avoid prosecution for their crimes. What were their crimes? They participated in the most unethical hacking I have ever heard about. Working for a company in the United Arab Emirates, known as Darkmatter Group, they were an elite red team working on behalf of the Emiatiriti Government to spy on its own citizens,  Emeriti enemies, and even United States networks. But why is this the most unethical hacking in my opinion? Because of their hacking, human rights activists were tortured and imprisoned. Hacking does not exist in a vacuum. It is not just a challenge to test one’s limits of their technical acumen. It has real effects on real people, and Project Raven led to real human suffering.

Set the Wayback machine for the early second decade of the 21st century.. Cyber Warfare was becoming the new battlefield for the 21st century, and countries all over the world were getting started in an arms race for not only defensive capabilities but offensive as well. Governments were using corporate contractors, often filled with former feds. Edward Snowden perhaps being the most well-known of these types of contractors, before his whistleblowing he worked for one such contractor, Booz Allen that gave him access to all the secrets he was about to spill. Remember that name, it will come up again. These contractors did not just work for the American Government but provided malware and attack vectors to other governments equipping countries with cyberweapons sold to anyone that had the coin by those that could obtain a license to export technology and train foreign governments in cyber defense and policy. In September of 2012, one such company, Cyberpoint, obtained such a license to train the government of the United Arab Emirates in Cyberdefense — blue team sort of stuff, however, the UAE had other designs.

Cyberpoint did stick to blue team type defense such as firewalls, intrusion detection systems or other defensive strategies, but what is known thanks to whistleblower Lori Stroud (who actually recruited Edward Snowden into Booz Allen’s team contracted the NSA, giving Snowden access to even more classified material — this is the reason she left the NSA and went to work for Project Raven) this was the “unclassified cover story” for Project Raven to hide their red team style offensive exploits and penetration for the UAE government. It was perhaps the UAE’s desire to have more control and do things in-house that in 2016 the Emirati company DarkMatter took over the contracting for Project Raven, and the Cyberpoint contractors, if they wanted to keep their lucrative jobs in tax-free Dubai, moved to DarkMatter.

DarkMatter for all intents and purposes appeared to be an Emirati company, but in fact, they were part of the Emirati government. These were state actors pretending to be a cybersecurity company, and they were recruiting. They went to Cybersecurity conferences such as RSA in San Francisco and Blackhat in Las Vegas looking for elite hackers to fill their roster promising six-figure salaries, housing, and tax-free lifestyle in Dubai. Many hackers took up BlackMatter on their offer, getting a major payday, but what was the cost?

To put it bluntly, the UAE wanted hackers to build and implement a surveillance state that could be described as “1984 on steroids”. Blanketing the country with probes that would intercept all cell phone communication in Abu Dhabi and Dubai,and with the press of a button pwn all the phones in a specific area like a shopping mall for the suspicion of a single suspected terrorist that may be there. One may argue that every government participates in some form of a surveillance state, including the United States. The difference is even though, BlackMatter told its hackers that they were fighting the very real threat of terrorism, they also were spying on what the UAE considers dissidents. It should be pointed out here that the UAE does not have freedom of speech. Criticism of the government is a punishable offense. Speaking for human rights protections could very well get you disappeared, tortured, secretly tried, and imprisoned. The hacking taking place under the aegis of Project Raven in fact did lead to these outcomes. 

The tool that got the most press is called Karma. It used an exploit in iMessage for iPhones that  just by sending a text message that didn’t have to be read or otherwise interacted with, the device compromised the phone giving Project Raven hackers access to the device. It sounds a lot like the tool known as Pegasus that is also in the news lately and Apple recently pushed patches to fix, but in my research, I have not been able to determine if Karma and Pegasus are indeed the same tools but the similarity of the exploit is uncanny. iMessage is such a desirable vector for exploits as it is guaranteed to be on every Apple device out there. And because of Apple’s closed system, Apple users cannot opt out of this application.

Hackers love freedom, often expressing this in free speech and free software. Many hackers believe in the sovereignty of their own lives and their choices. However, if we are going to exercise this freedom, we must temper it with the responsibility for the consequences of our actions. No matter how isolated or sandboxed you think your hacking is, none of us is an island. Our choices ripple out and affect those that we may not even realize or have the vision to see. People exist within our sphere of influence and beyond the horizon of what we can see. We must not remain ignorant of the impact of our hacking. What does our own freedom mean if we are taking away the freedom of others? Can we really say we are advocates of liberty if we do not work to ensure liberty for all instead of selfishly looking inward and thinking we got ours and screw everyone else? 

Hackers exist in a community of like-minded individuals with a diversity of opinions, skills, and goals. We form collectives to work together to achieve our goals, be it an open-source project, presenting at a conference, or writing for this magazine. We may see hackers as an in-group and those outside our community as “other”, but in truth, we are all connected, every single one of us. Human beings create technology in order to be connected and interconnected with other human beings, especially in the realm of communication. From things like smoke signals, drumming across distances, running between cities with messages, postal systems, the telegraph, the telephone, radio and television, and finally the internet, humanity has increased our connection with one another to facilitate the sharing of information and understanding of one another.

But there is also a dark side. Human beings have used technology more and more to divide. To foment terrorism, spread misinformation, and facilitate fascism. The hackers of Project Raven were some of those individuals, under the aegis of the Emirati government, to squelch free speech which is the lowest form of fascism, and facilitate torture of human rights activists which is well into the realm of authoritarianism. Technology can facilitate freedom and technology can also enable tyranny. Even though some technology can be used for good or ill, technology is not ethics-neutral. There are some applications that are always unethical, immoral, and I will say it, evil.

Some of the darkside hackers for DarkMatter were ex-feds, while giving lip-service to the founding principles of the United States, they were more than willing for a big payday to set these behind both in their work for the United States and Emirati Governments. We know Lori Stroud, the whistleblower  was just fine with the NSA spying on everyone as Edward Snowden revealed, while participating in it, but only drew the line when the Emirati equivalent, The National Electronic Security Authority (NESA) spied on fellow Americans using Project Raven. She was already used to facilitate the compromising of devices for journalists, human rights activists, and foreign governments around the world, and the torture of Emirati dissidents in exchange for six tax-free figures still knew she was a spy but thought she was a “good” intelligence officer. Fine to do to brown folks in the Middle East, to people who were “other” but when it was to Americans, her perceived in-group she suddenly found scruples for what she was doing. Her hacking had a real human cost. But at least she eventually contacted the FBI about Project Raven, and Reuters did the initial investigative journalism that brought it all to light. Marc Baier, Ryan Adams, and Daniel Gericke cut a deal to pay a fine for breaking US hacking laws and prohibitions for selling military technology to avoid prosecution this does not undo the damage they have done. They used their technical acumen, access to high technology, and their ability as hackers to cause real harm — real human suffering as a result of their hacking.

It is a common story. Though I am merely a competent hacker, and not a superstar, puttering around more as a hobbyist and technological idealist than an InfoSec worker (the closest being Sysadmin jobs in Amsterdam and California), I have often been approached to do something unethical when people find out I am a hacker, and I am sure many readers of this magazine have as well. What we decide to do matters. It would behoove us not to just hack code, but to have a code of what we are willing to do and not to do. If we are going to cause harm, who are we causing harm to? Sometimes Justice demands direct action, but if we are not careful, some company can wave a fat wad of cash under our noses, and we compromise our values and through our skills become an agent of injustice. Or maybe we do something “just to see if it can be done”. We have all been there, hackers are curious creatures, but we must not allow our curiosity to bring actual harm or suffering to other human beings unjustly. We must build an awareness of the influence hacking can have on individuals and organizations. We can use hacking for righteous causes, or like the hackers of Project Raven, for great evil. The choice is yours. Choose wisely.