In the second year of the Reiwa Era, Japan is facing unprecendented change. Along with the arrival of a new Prime Minister, the nation is also being promised a new “Digital Agency” that will cut through the red tape of the old bureaucracy and modernize government for the betterment of its citizens.

But will it truly better the lives of citizens? Or will it only enhance the power of an already powerful government?

One of the policy goals of this “Digital Agency” is to expand the use of the already unpopular MyNumber system, which consolidates the personal and financial information of citizens into a single database under constant government surveillance.

In recent years, we have also seen the creation of Chinese-style Social Credit score systems such as “JScore”, which offer an inescapable Panopticon in exchange for a few paltry virtual points or discount coupons. Though JScore is a private venture, it is already known that Japan’s “Digital Agency” will lean heavily on the private sector. The possibility for the integration of JScore into the MyNumber system is not only possible, but likely.

Finally, the cooperation of certain Japanese agencies… most notably the Cabinet Intelligence Research Office and the Directorate for Signals Intelligence… with foreign intelligence agencies shows that not only is total surveillance of the Japanese internet happening, it is largely done at the behest of foreign powers.

The likelihood that all of these things to be integrated and expanded upon under the “Digital Agency” creates the potential for a total surveillance state under which the citizens’ right to privacy will be violated as never before.

That potential is already in the process of being realized. It was only one year ago that the Japanese Ministry of Internal Affairs and Communications wanted to request Japanese ISPs to actively block websites under the pretense of stopping manga piracy. Now the Ministry has yet another “interesting proposal” to offer.

On May 23rd this year, Japanese wrestler Hana Kimura tragically ended her own life. The media was quick the seize upon the story, making hateful internet comments the sole reason for Hana Kimura’s passing. Popular anger was mobilized, and then exploited to lobby for amendments to laws governing the Disclosure of Sender Identification Information. These laws provide liability protection to service providers and online platforms when requested to disclose personal information of their users in response to lawsuits.
今年の5月23日に、女子プロレスラー木村 花さんは悲しいことに自ら命を絶ってしまいました。マスコミは早急にこの事件に付け込み、木村さんの自殺を全部オンライン中傷コメントのせいにしました。これを口実に世論を利用し、政府が発信者情報開示に関する法律への改正を働き掛けました。この法律は、情報の流通によって権利の侵害があった場合について、プロバイダーの損害賠償責任の制限そして発信者情報を開示する権利を定めます。

Under new proposals, internet service providers and platform operators would be requested to not only maintain logs of user IP addresses and timestamps of user activity, but also to disclose phone numbers used for Two-Factor Authentication. Lawyers in favor of these amendments even speak of automated infrastructure to more quickly and easily harvest phone numbers and other identifying information on request from providers.

Online slander can certainly cause problems and even harm to individuals, but increased surveillance is not an acceptable solution. Indeed, any such surveillance power is likely to be abused under the umbrella of a future “Digital Agency”, with the definition of “slander” expanded to include government critics and independent journalists.

As we have often said in the past, relying on third parties to defend your rights is almost the same as having no rights at all. They only exist as far as your ability to defend them yourself, and the right to privacy is no different. If the Japanese government wishes to collect identifying information from online platforms, then our only choice is to use platforms that cannot provide any identifying information at all.

In the past, we have introduced a variety of software solutions to allow you to protect your own privacy online. This time、in response to the Caller Information Disclosure proposals, we wish to introduce “Session”.

Session is an open-source messaging application which uses decentralised storage servers and an onion routing protocol to send end-to-end encrypted messages with minimal exposure of user metadata. Session works to reduce metadata collection in several ways:
セッション はオープン・ソース、安全なメッセンジャーアプリです。分散型記憶サーバ、そしてオニオンルーティング・プロトコルにより、メタデータの暴露をできる限り防止しながら、終端間暗号化されたメッセージを通信します。

Firstly, Session does not rely on central servers, instead using a decentralised network of thousands of nodes.

Secondly, Session ensures that IP addresses cannot be linked to messages sent or received by users.

Thirdly, Session does not ask or require users to provide a phone number or email address when registering a new account. Instead, it uses cryptographic keys as the basis of an account’s identity.

Session has recently been translated into Japanese, and is available for download on a variety of platforms. Session is also part of a larger project, “Lokinet”, which provides more tools and infrastructure to help you protect your own privacy online. We are currently translating Lokinet documentation into Japanese, in hopes for a Japanese version on final release.

We encourage all Japanese internet users to follow the development of both Session and Lokinet, and begin embracing privacy protecting infrastructure now, before the “Digital Agency” fully rises to power.



Disconnectのアーティストとまだ話し合ってるけど、皆が忙しくなって新しい同人誌を作ることが出来ませんでした (´_`)






プロジェクト自体ホームページ [英語]:








「あれ?これはTorと変わらないじゃん」と思う方、実は違う!でもTorとLokinetの違いについて話すと、難しくなりますね… 実際に、Torには悪用出口ノード問題がありますね。誰でも出口ノードを作れるだからこそ、ノードに介する通信は監視され、保存される恐れがあります。Lokiの場合、ノードの管理には専用仮想通貨の資源が必要です。完璧じゃないかもしれないが、ある程度に悪用ノードの問題を抑えると思われます。そして正直に言うと、Torには競争が必要だと思います。一つのソフトに頼りすぎると、バッドエンドに終わるかもしれない。




日本語版マニュアルのプレースホルダー [開発途中]:



悪用ノードの問題にもかかわらず、Torは万能プライバシーツール、そしてまだおすすめできます。でも日本ではかなり有名なのに、実はTorブラウザのユーザマニュアルはまだほぼ日本語にローカライズされていません。何と!Torプロジェクトのスタッフと話し合って、我々はローカライゼーションに協力し始めました。でも訳さなきゃいけない文は山ほどあるので、もっと助けを借りたい (ι´Д`)ノ



プロジェクト自体ホームページ [英語]:


OnionShareはTorネットワークを利用するファイル共有ツールです。ソフトが自動的にTor秘匿サービスを設定して、onionアドレスにファイルをホストします。一時的、それとも永続的なダウンロード両方ができます。バージョン2.2から、簡単なhtmlファイルでワンタッチのダークネットサイトを作れます。プライベートにデータを共有したいなら、ぜひOnionShareを使って下さい!(しかも、日本語版は我々の仕業だ ೕ(•̀ㅂ•́ ) )



鳥は可愛いですね… (人´∀`*)










アノニマス:文化庁著作権課へ、コメントの求めに応えて、「OnionShare v2.2」

In early October, the Copyright Division of the Agency for Cultural Affairs put out a request for public comment to let the public give them feedback about their hard work to protect the content industries of Japan.


This hard work includes:
-proposals that would violate Article 21 the Japanese constitution
-proposals that would make sharing link URLs a criminal act
-proposals that would make taking screenshots a criminal act
-proposals that would make copy-pasting the content of news articles a criminal act
…and so on. We’d like to thank the Agency for their hard work. Great job.

…などなど。 文化庁の良い大人の皆さん、かねてより上記の「苦労」に関しては、まっ・・ことにご苦労様です!よくできました!!(笑)

Since the Agency for Cultural Affairs has been kind enough to ask the public for our views, we have no choice but to respond with our honest opinion. Our comments and criticisms can be broadly divided into six areas: strictness, public domain and fair use, unfairness, antiquated laws, legal issues, and issues with the government’s basic stance.

さてさて、ちょうど文化庁著作権課がご親切にもパブリックコメントを募集していましたので、これを機に我々も率直な意見を述べる以外、もはや選択肢がございませんっ!・・・というわけで、今回我々が提示する論題は次の6ヶ条となります。すなわち、1:厳格過ぎる法適用 2:パブリックドメインと公正使用(フェアユース)3:不公平 4:時代遅れの法律 5:法的問題 そして6:政府の基本スタンスとの問題です。

-Currently News content can be taken down due to copyright violation, but can’t news reporting be made an exception?
-A link itself is not a copyrighted work, and “Leech Sites” do not actually host any copyrighted content.
-The act of posting copyrighted content is not always necessarily an infringement of that content.-Since the infringing act of posting copyrighted content ends once the material has been uploaded, linking to that content after the fact cannot be considered a crime in itself.
-If a balance isn’t maintained between the public good and the private profit of corporations, this law will be seen as unfair by the Japanese people and lead to a weakening of respect for the law in general.


2:Public Domain and Fair Use
-Can news reporting be considered an exception? Can images, audio, and text from news not be made part of the public domain?
-We would like parody provisions like those in France to be included.
-Before expanding copyright protections, we would like you to think about the length of copyright terms and the lack of Fair Use provisions in Japan.


-Won’t allegations of infringement by large corporations, government agencies, or religious groups be used as a tool to suppress the speech of citizens?
-It seems as though these copyright laws are written not from the point of view of the citizen, but rather excessively back the position of large corporations, governments, religious groups, and rights management agencies.
-There seem to be many criticisms of site blocking, access restriction, and Leech Site countermeasures by well-informed people.


4:Antiquated Laws
-Because the spirit of copyright law was written in a time before the Net, they need to be reconsidered and amended to be in line with the reality of the present day.
-Hyperlinks form the basis of the internet, and this may negatively effect the free exchange of information and freedom of the internet.


5:Legal Issues
-While a Request for Injunction against alleged infringers exists under Patent Law, rules regarding such for indirect infringement do not exist in Copyright Law.
-Based on the precedent of alleged infringers ignoring Requests for Injunction, similar Requests to Leech Sites will be difficult to enforce under present circumstances.
-The Leech Site countermeasures shown in the current Draft Proposal to Revise the Copyright Act for Exceptions Regarding the Registration of Programming Books call into question whether the legal system is unified and consistent.


6:Issues with the government’s basic stance
-The fundamental problem with pirated works is their upload, and so download should not be such a main area of focus.
-Furthermore, since downloading was criminalized, criminal penalties were enacted, and the requirement for formal charges from a victim was removed in 2009, there has not been one single arrest. This calls into question the effectiveness of these measures.
-On the other hand, strengthening regulations on downloading restricts the internet freedoms of the public, and atrophies their ability to use the internet.


In light of the above concerns, we would like to strongly urge the reconsideration of the download criminalization proposals.


We would also like to urge the public to submit your comments to the Copyright Division of the Agency for Cultural Affairs at the following address. The deadline for these submissions are October 30th, so don’t delay.

However, we can’t just end with asking the government to protect our rights. It is always important to cultivate the power to protect them ourselves. Towards that end, we would like to announce some good news. In March of this year, we announced “OnionShare”, a file sharing program using the Tor network. Just this month, OnionShare has released an important update.


As of version 2.2, OnionShare can now be used as a simple web host for Hidden Service sites inside the Tor network. By hosting an index.html file and associated content on your own system using OnionShare, you can quickly and easily create a Hidden Service website.


We urge all people to take advantage of this update. And remember…only you can protect your own freedom and privacy online.



(1) 2018/08電気通信事業法及び国立研究開発法人情報通信研究機構法の一部を改正する法律(平成30年法律第24号)の施行に伴う省令の制定について(NICT法の一部改正に伴う識別符号の基準及び実施計画に関する規定整備関係)

(2) 2018/09/26国立研究開発法人情報通信研究機構の中長期計画の変更案に対するサイバーセキュリティ戦略本部の意見(案)

(3) 2018/11/01国立研究開発法人情報通信研究機構法附則第八条第四項第一号に規定する総務省令で定める基準及び第九条に規定する業務の実施に関する計画に関する省令案に係る意見募集の結果新旧対照表

(4) 2019/01/25国立研究開発法人情報通信研究機構法(平成11年法律第162号)附則第8条第2項に規定する業務の実施に関する計画の認可申請の概要

(5) 2019/02/01IoT機器調査及び利用者への注意喚起の取組「NOTICE」の実施https://www.nict.go.jp/press/2019/02/01-1.html

(6) 2019/02/14IoT機器調査及び利用者への注意喚起の取組「NOTICE」で使用するIPアドレスについて
(7) 2019/06/28IoT機器調査及び注意喚起の実施状況について



ポートスキャンを仕掛けているのは、ポート番号で21(FTP)、22(SSH)、23(TELNET)、80(HTTP)、443(HTTPS)、その他では 8000、8080 です。単発ではなく、短時間に集中的&連続的にスキャンしているようです。

Let’s imagine a scenario together. Imagine a world where, in a crowded urban metropolis, nobody locked their doors. As a result, burglaries are skyrocketing. This problem could easily be solved by everybody just locking their doors, but for some reason they don’t.

Why not? Maybe they’re too lazy, maybe they’re stupid, or maybe their just don’t believe they’ll be targeted. Whatever the reason, the problem isn’t getting better.

The police, of course, are overwhelmed. They put out notices asking people to lock their doors, but it doesn’t have much impact. So finally, they come up with a more extreme plan.

The police hire people to go door to door in every neighborhood, testing each door to see if it’s locked. If they find an unlocked door, they enter the house and leave a warning note. They then write down a list of all the addresses that don’t lock their door and keep it at the police station.

Naturally, this plan has one problem…entering somebody’s house without permission or a warrant is illegal. But the police solve that by having the government pass a law that makes it temporarily legal for the police to perform “specified access” to unlocked houses.

Does this sound like a terrible idea filled with potential for abuse? We agree! Unfortunately, Japan’s NICT does not.

The National Institute of Information and Communications Technology announced a plan in February of this year, called NOTICE…”National Operation Towards IoT Clean Environment”. NOTICE is a plan to improve the national level of IoT security. Unfortunately, many hundreds (if not thousands) of IoT devices are either poorly secured, or not secured at all. Many use default passwords, which makes them easy targets for malicious programs like 2016’s Mirai virus.
情報通信研究機構(NICT)が今年の2月に、「NOTICE」という計画を実行しました…”National Operation Towards IoT Clean Environment”。NOTICEは日本国内のIoTセキュリティーを高めるための計画です。残念ながら、多くのIoTデバイスにはセキュリティ上の脆弱性があり、さらにはセキュリティー対策自体が全く施されていないデバイスすら存在します。多くのデバイスはパスワードがデフォルトのまま設定されており、ウィルスにとっていいカモになっています(例えば2016年のMiraiウィルス)。

The NICT wants to encourage better security practices, which is good. Unfortunately their method of doing this is very bad. Under NOTICE, the NICT plans to run brute-force dictionary attacks on all IoT devices in Japan, testing default passwords to try and access them. If the attack is successful, they will notify the owners and advise them to change their password. It’s also likely they’ll be keeping records of which devices were successfully accessed.

Of course, this plan had one problem…the type of brute-force attack the NICT wants to use under NOTICE is considered unauthorized access, and is illegal under Japanese law. Which is why, in 2018, the Japanese government created amendmends to the Telecommunications Business Law and the National Research and Development Institute of Information and Communications Technology Law. These amendments stipulated a class of “specified access” as an exception to unauthorized access, essentially making it temporarily legal for the NICT to perform unauthorized access to private networks.

There are thankfully some limits on the NICT’s new “specified access” powers…for now. Legal targets are limited to those that meet the criteria set forth by the Ministry of Internal Affairs. The NICT’s brute force attacks will employ only passwords less than 8 characters, those used in past cyber attacks, and those using only identical or consecutive characters. Sadly, these limitations are of little comfort. More on that later.



While the goal of improving Japan’s network security is commendable, the NICT’s plan under NOTICE may have a number of unintended consequences.

Firstly, legalizing government hacking of private networks opens to door to abuse by other branches of government. We already know that CIRO and the Japanese Directorate for Signals Intelligence are monitoring the Japanese internet, and cooperating closely with America’s NSA. There’s potential that they might be tempted to deputize the NICT to perform “specified access” to a private network on their behalf, protected by the legal shield created by the 2018 amendments.

The ability of the NICT to successfully contact the owners of private network to warn them is also an issue, as is the likelihood that those owners might not notice (or might ignore) this contact. As a result, the NICT will end up maintaining a list of unsecure IoT devices in Japan…a list that will itself become a target for hackers, who will have faster and easier access to victims. In this way, the NICT might make Japanese networks less secure rather than more.

Finally, the limits on the “Specified Access” exemption is no guarantee of limited powers. The Japanese government has a long history of creating “temporary” or “limited” powers, and then expanding or extending them after the fact when they find a reason to do so. As far as the Japanese government is concerned, a promise and 100 yen couldn’t buy a can of coffee.

To be clear, the goal of improving IoT security is a good one, and we certainly encourage all users of IoT devices to stop using default passwords. One visit to Insecam-dot-org and you’ll see why it’s dangerous to leave network devices unsecured. But the plan under NOTICE is not a good solution, and will very likely create more problems than it solves.

So what can we do about it? Well, one thing network operators can do is block the NICT from accessing their networks entirely. In fact, the NICT has helpfully provided a list of the IP addresses they’re using under NOTICE, and which ports they intend to scan. If they find some or most of their “specified access” attempts being blocked outright, that might send a message to the NICT about the popularity of NOTICE.

A list of these IP addresses, as well as a timeline of information about NOTICE, are provided above. Please feel free to use this information as you see fit.

And for the love of God, please change the passwords on your IoT shit.

アノニマス:違法ダウンロード対象拡大に対抗する措置、「Onion Share」

“You shouldn’t break the law”.

For the most part, we can agree with that.
We also think you also shouldn’t create insane laws.

Since last year, the Japanese government has been aggressively trying to restrict Communications Secrecy and Freedom of Expression on the Internet. In April 2018, the government partnered with NTT Communications to monitor communications and block access to certain websites, violating Article 21 of the Japanese Constitution. In response, we helped to provide a Japanese version of the Onion Browser for iOS.

Then, in August of the same year, the government proposed allowing rights holders of copyrighted works to use Denial-of-Service attacks against suspected pirate sites, a reckless expansion of corporate power. In response to that, we announced the release of the Japanese version of Signal, an encrypted communications tool.

But as expected, the Japanese government has continued to expand its power without any concern for the negative consequences. In early 2019, the Agency for Cultural Affairs proposed expanding the scope of the Copyright Act, which only covers music and video, to include comics, photographs, and all copyrighted written material as well. To be clear, the Copyright Act is the law which treats illegal downloading as a criminal offense. Those arrested can face 10 years in prison.

This law is already excessive to begin with. But expanding its scope to cover photographs and written works makes it significantly worse. The simple act of downloading a photograph from a blog and posting it on social media, or copy-pasting the content of a news article would become a criminal act. The Cultural Council’s Subcommittee on Copyright has even explicitly stated that merely taking a screenshot would be considered criminal copyright infringement.

These things are daily activities for Internet users, and making them serious crimes is nothing short of criminalizing use of the Internet itself. The Japanese government has made promises that these laws will only be used for serious and repeated copyright offenses. But the Japanese government has made many promises in the past.

When they used Penal Code Article 37 to justify violating Communication Secrecy, they promised it would only be limited to child pornography sites. When they expanded the use of Article 37 to include manga and anime pirate sites, they promised it would be limited in scope. Now they have expanded it to cover screenshots and the copy-paste function, and still they promise not to abuse power. Each promise was abandoned as soon as it became inconvenient. This time will be no different.

The government says these laws are necessary to protect the economy. But that is an obvious lie. Even publishing company executives have spoken out against the government’s plans, claiming that they did not wish to go this far. In spite of that, the government has been working hard to push these new laws, even going so far as to present slanted and misleading information to lawmakers to justify their case. The Agency for Cultural Affairs heavily edited their report to emphasise supporting opinions while minimizing or even omitting dissenting ones. In spite of the fact that positive opinions were in the minority, the report presented them as the majority.

If even the copyright holders do not support these laws, and the government has to manipulate information to support them, perhaps these laws aren’t meant to help the economy at all. It seems much more likely these laws will be used to justify more surveillance and information control by the government. Restricting the ability of people to copy and share information makes it harder to them to see through propaganda and discover the truth. Free expression and free information have always been the enemy of authoritarian control.

Fortunately, these proposals did not succeed. But only this time. They will be back, and it is necessary to prepare countermeasures against rising censorship of the internet. To that end, we have another software release to announce.

Earlier this year, we helped translate a program named “OnionShare” into Japanese. OnionShare is a file-sharing program that routes all data through the Tor network. Files are hosted on a temporary Hidden Service address, and can be freely uploaded and downloaded via the Tor Browser, all while bypassing surveillance and site blocking. OnionShare can be used privately between two individuals, or publicly to allow a file to be shared widely among many users.
今年の初めに、我々は「オニオンシェア」というソフトの日本語版を翻訳に協力していました。オニオンシェアはTorネットワークを通してデータを送るファイル共有ソフトです。共有されるファイルは一時秘匿サービス(Hidden Service)でホストされ、検閲や監視をすり抜けながら、Torブラウザでダウンロードすることができます。2人切りのユーザーの間にファイル共有の場合も、世界中の人々に広く共有する場合も、オニオンシェアは役立つことでしょう。

To use OnionShare in Japanese, it’s necessary to change the settings after installation. After downloading the program from this address, install the program and execute it. After OnionShare has finished connecting to the Tor network, click on the gear icon in the top right corner. Then choose 日本語 from the Language drop menu in the bottom left of the settings window and click Save. After you restart the OnionShare program, the UI will be changed into Japanese. We will release a more detailed user guide in the future, but this is enough for basic operation.
日本語でオニオンシェアを利用するため、インストール後に設定を変える必要があります。このアドレスからオニオンシェアをダウンロードしたら、インストールして実行して下さい。オニオンシェアは自動的にTorネットワークと接続します。接続が完了したら、右上の歯車アイコンをクリックします。そして設定画面の左下に、「Preferred language」ドロップメニューから日本語を選択し、「Save」をクリック。次にオニオンシェアを再起動する時に、UIは日本語になります。いずれ、もっと詳しいユーザーガイドを発行したいと思いますが、とりあえず基本操作にはこれで十分でしょう。

Previous software releases work together very well with OnionShare. The Tor Browser for PC or Android, or OnionBrowser on iOS, can all access an OnionShare address. And with Signal, even sharing a link to an OnionShare address can be done secretly.

This is not the end of our work. We will continue to translate and distribute privacy protecting software as long as Communication Secrecy is under threat. As to the Japanese government, we urge you…stop making these stupid fucking laws. Please.