Army trolls

9 10 2020

Thai Enquirer reports that Twitter has revealed that the Royal Thai Army has at least 926 accounts used in “information operations” against anti-government figures and opposition politicians.

Since the 2006 military coup and more intensively since the 2014 coup, huge budgets have gone to “cyber security,” including the use of cyber vigilantes. State agents have long targeted “opponents,” disrupted and trolled.

Twitter’s report on state-backed “Information Operations” is about “attempts to manipulate Twitter to influence elections and other civic conversations by foreign or domestic state-backed entities.”

The most recent Twitter report disclosed “five distinct networks of accounts … of state-linked information operations.” The accounts were “attributed to Iran, Saudi Arabia, Cuba, Thailand and Russia.” Twitter states that it has “permanently suspended all 1,594 accounts associated with the five networks, for various violations of our platform manipulation policies.”

On Thailand it states:

Our investigation uncovered a network of accounts partaking in information operations that we can reliably link to the Royal Thai Army (RTA). These accounts were engaging in amplifying pro-RTA and pro-government content, as well as engaging in behavior targeting prominent political opposition figures.

We are disclosing 926 accounts today and continue to enforce against small-scale activity associated with this network, as we identify it.

At the Twitter pages the data on Thailand can be downloaded.

Meanwhile, a report on the operations associated with the 926 accounts has been released by the Stanford Internet Observatory. This report provides some “relief” as it found the Army was not very good at this information operation:

Of the 926 accounts, only 455 actively tweeted, producing a total of 21,385 tweets in the takedown. The network was used primarily to promote pro-government and pro-military positions and accounts on Twitter and to attack political opposition, particularly the Future Forward Party and Move Forward Party (FFP and MFP, respectively). This was a coordinated but low-impact operation: most accounts had no followers and the majority of tweets received no engagement (calculated as the sum of likes, replies, retweets, and quote retweets). This might be due in part to the operation’s limited duration: most of the accounts were created in January 2020 and the network largely stopped tweeting by March 2, 2020. Activity was heavily concentrated in February 2020 with notable spikes around the Korat shooting, a mass shooting in which a soldier killed 30 people, and the dissolution of the FFP.

Digital security

11 08 2020

A reader who is far more literate about these things than us, sends some advice. As always, we urge readers to be critical and careful in using digital material (including suggestions from others):

Many of these activists have security literacy, but I expect that most do not and this knowledge will help to protect them as they exercise their rights.  This is really important at this stage and I am certain I am not the first to flag this.
One useful approach is the idea of a live OS that can be installed onto a USB drive and will mask the host system information from both the ISPs and the websites.  These are systems that you can plug into any computer and boot as if it is an alternative operating system without damaging or changing the machine.  Most importantly, none of the activity will be logged on the machine because it will bypass everything except for RAM.  This means that students can insert them onto school machines secretly without being tracked, but also at home without risking their family security or incurring punishment.  The challenge is that forcing the machine to boot the USB will require pressing a special key as the machine turns on, usually Esc or one of the F# keys, and this depends on the machine itself.  If someone can figure out how to install these (unetbootin is the best tool: then they will be savvy enough to google their computer.
Lastly, people should go through their settings and update privacy, such as on web browsers to delete personal data (cookies, history, passwords) on exit.  They should consider not using Google anymore and opt for privacy ones like DuckDuckGo (not strong on Thai language support though).  Also to check out various browser extensions and tools from Electronic Frontier Foundation (EFF) (  People should be compartmentalizing their online activity and start getting used to using private windows by default.
The suggestions are endless, so I’ll stop here and highlight some that I’ve worked with:
TAILS OS – a USB-based system that is fully encrypted and can be moved from physical systems without wiping the installation.  It will force all web traffic through a TOR network.  It is useful for standard work, such as document production, media editing and other basic tools a user needs because you can save your work and resume at a later time.  Those of you who are journalists might be familiar with this because it was promoted by Edward Snowden.  (
Kali Linux (Live) – a standard Linux installation but it is a “live” version that you can boot without affecting the rest of the machine.  Each boot session will be fresh and all work will be wiped when you exit, but the usb itself won’t be encrypted so it will be clear what it is to anyone who checks it.  Kali is meant for hackers so it is full of technical tools to do a range of good and bad activities, but this means that it is designed for anonymity.  (
Any Linux Live – Linux is pretty useful because it is free and most distributions offer live versions that can be burned to an optical disc or USB that will let you boot into any machine (more challenging for Mac).  These are not designed for privacy per se, so users will need to do some preliminary work to protect the machine.  (
Other tools:
Web Browsers:
TOR Browser – easy to use, but there is a security vulnerability for Mac and Linux users that has been floating around lately and may or may not be fixed.  Also looks very suspect if installed.  Many sites don’t work well with TOR enabled, though, and sometimes setting up the connection can be challenging.  Not sure the level of integration with EFF tools in latest releases.  (Windows, OSX, Android, iOS, Linux) (
Brave Browser – a common browser that incorporates EFF tools by default and doesn’t arouse suspicion.  Value is that it has a native TOR feature on desktop versions that is very easy to use.  Same problem with sites when using TOR.  (Windows, OSX, Linux)(
Opera Browser – a more common browser that has a native free VPN for desktop versions, which is useful for some limited privacy.  Should install EFF tools as extensions. (Windows, OSX, Linux) (
Virtual Machine:
VMWare Workstation Player – a virtual machine inside an existing machine and can be any OS on any kind of host machine, including OSX on a windows machine etc, so it’s fully private for the individual user. But setting one up is time consuming, especially with creating a bridge for internet while the host system only uses Wifi.  It’s useful for testing whether an attachment has a virus or malware, but it is very resource intensive on RAM and CPU, so machines will overheat.  If accomplished, though, you can carry around a full system of any sort and move it between a few machines without leaving a trace on the host, other than the fact that VMWare is installed. (

Seeking safety in cyberspace

31 05 2020

At Quartz, there’s discussion of efforts to find safety on line. By “safety” is meant avoiding visits from the police and military for what one reads and writes online.

It begins by quoting Sarinee Achavanuntakul, an independent commentator and associated with the Thai Netizen Network, who discarded Twitter: “Say goodbye to Twitter and meet at Minds.”

Many are now “wary and distrustful of Twitter over a recent string of developments on the platform that sparked privacy concerns.”

After Facebook became unsafe, patrolled by state and reporting to authorities, with several arrested and charged with lese majeste, Thais turned to Twitter.

Now, they worry about Twitter:

The most proximate cause was an update to the platform’s privacy policy on May 19, set to take effect globally next month, allowing Twitter to share device-level data like a user’s IP address with business partners. The policy update came just days after Twitter launched an official Twitter Thailand account, with an accompanying blog post noting that Twitter has partnered with local NGOs and the government. To Thai Twitter users, that was a huge red flag, sparking fears that incriminating user information could be shared with the government.

Sarinee said the “newly set up official Twitter Thailand account was ‘very tone deaf, boring… using official language’…”. For many, when a Twitter spokesperson said the company is “committed to serving an open and public conversation in Thailand and will continue to be transparent” it sounded something like an admission that it is now working with the repressive state.

The, in February, “a Thai Twitter user was arrested for allegedly posting a tweet that insulted the monarchy. It was the first arrest directly linked to a tweet…”. Other users, some of them critical of the monarchy, began to get “visits” from the authorities.

Some users have turned to Minds. It is described this way:

Minds has become popular for its commitment to privacy, decentralization, optional anonymity, radical transparency, free speech, and user rewards in contrast to the surveillance, secrecy, censorship, and algorithm manipulation occurring on many proprietary social networks.

Calling on the military

20 08 2019

It is well understood, almost everywhere, that the current regime is born of and remains a military regime. Sure, that it created a military-backed party has confused some world leaders or allowed them to ignore the martial nature of contemporary Thailand, but Gen Prayuth Chan-ocha’s regime relies on the military, perhaps as much as it did before it entered this civilian charade.

Turning from being a self-appointed prime minister to one voted on largely by minions the junta appointed to the senate, Gen Prayuth moved to cement his relationship with the military by making himself Minister of Defense. Chairing his first Defense Assembly session, Gen Prayuth:

… urged leaders of the armed forces and related departments to work in unison to support the government’s policies, especially on cooperation with the Ministry of a Digital Economy and Society, the National Security Council, and other agencies, on the enactment of cybersecurity related bills. He called on them to come up with suitable responses to cybersecurity threats in the future.

He also urged the defense agencies and the Internal Security Operations Command to ensure safety, apparently giving ISOC a tourism role. Perhaps this can be considered in line with increased efforts to increase the surveillance of foreigners in the country that ranges from tracking location and SIMs and monitoring the use of funds.

The message is clear: the military and Prayuth’s regime are joined at the hip. That connection means Thailand’s government is looking rather like a surveillance state.

Thailand being junta-ed into the future

21 10 2018

Back in 2007, the end of the regime put in place by the junta that conducted the 2006 military coup was marked by the Computer Crimes Act. That junta-ed Thailand in the years that followed, with most of those charged with lese majeste also being charged under the computer crimes law. Of course, many others were junta-ed by the political law.

The current military junta has sought to strengthen the state’s capacity for surveillance. As Sanitsuda Ekachai says in her most recent op-ed:

All our personal and business information will no longer be safe from state surveillance if the draft of a new cybersecurity bill becomes law.

If the bill is passed, the cybersecurity agency, with god-like power could monitor our internet activities and penetrate our systems — without a court order. It could force us to submit information, stop our internet transactions, seize our computers, and issue other measures it deems fit to ward off perceived security threats.

Say “no” and you face a maximum of three years in prison and/or a maximum fine of 300,000 baht.

Like all “cybersecurity” in Thailand, the proposed law is secretive, vague and associated with military and monarchy:

One critic has slammed this cybersecurity law which was hatched in secrecy as being a blatant attempt to make Thailand a Gestapo state. And rightly so.

Make? It is already pretty much there under a military dictatorship. It is just that the current junta wants Thailand to be an anti-democratic state. The proposed law has a “definition of national security is so broad and so vague that anything deemed upsetting to the government and the status quo can be treated as a threat.”

Think monarchy and criticism of a military-backed regime.

Sanitsuda adds:

Also, how critical the threat should be to deserve state intervention is also up to cybersecurity authorities’ judgement. The room for abuse of power in this scenario is huge, especially when the accused has no right to appeal.

More importantly, military security is also defined as national security. This is why the military — in its capacity as an arm of the cybersecurity agency — will be entrusted with the power to freely penetrate our internet systems and force us to follow its order at will.

No government that is not a military government or a military-(s)elected will be able to oppose this military interference or roll back the power this draft law provides for the military. Truly, Thailand will be junta-ed for years, even decades.

Cyber snoops

9 10 2018

In an editorial, the Bangkok Post refers to the military leadership having “unveiled plans to reinforce Thailand’s ‘cyber army’.” That’s a scary plan.

The Post uses terms like: “opaque force” and “Big Brother-like surveillance, accompanied by arrests” that has defined the military’s cyber snooping in recent years, much of it in search of so-called enemies of the monarchy.

The Post states that:

The promise to increase the size and scope of this cyber army came from Gen Pornpipat Benyasri, the new chief of the defence forces (formerly known as the Supreme Commander). In practically his first action after he was officially promoted from his position as chief-of-staff of the armed forces, Gen Pornpipat called a meeting of 300 officers to outline his policies, with cyber security near the top. He wants a bigger force of better trained troops to “solve counter-terrorism problems within 30 minutes”.

The Post reckons that this idea goes back to “the government of Thaksin Shinawatra. Thaksin deceptively created the first Ministry of Information and Communications Technology (MICT) with the promise of promoting online freedom, open internet access and huge digital advances in education. None of that happened, and every prime minister after Thaksin has made it worse.”

That’s only partly accurate. Thaksin had ambitions but just over 2000 sites were blocked in mid-2006. By May 2007, this had multiplied by a factor of 5 and went up exponentially. The levels of censorship seen in Thailand since the 2006 coup are totally unprecedented and have been associated with military and military-backed governments. Being conciliatory towards the real culprits is weak.

To suggest that the “2006 coup-installed lawmakers used Thaksin’s bait-and-switch tactics to get and pass an initial Computer Crime Act (CCA) in 2007” is inaccurate to the point of being  deceptive. HRW’s report from the time is revealing.

The Post seems all too tepid:

Gen Pornpipat’s emphasis on digital security is well taken. However, it will only earn people’s support if he can resist the urge to expand secret government control measures even further. At the moment, far too many resources — money, and tech-savvy people — are involved in suppression of speech, and trapping people on spurious charges such as “harming the image” of the country and the regime. It is time for a proper, consumer-friendly Computer Crime Act. Thaksin’s moribund promise to bring education into the digital age needs to be properly implemented.

A “cyber army” is as necessary for national defence as the regular armed forces. But just as the Royal Thai Army helps out with floods and fires, so Gen Pornpipat’s cyber army should work more with people instead of against them.

This is not just tepid, it is silly. Thailand’s military is for repressing, not for working with the people. For one thing, it doesn’t trust “people,” and prefers to snoop, repress and oppress, which it does with impunity.

More on the digital Panopticon

18 05 2018

Yesterday we posted on the construct a digital Panopticon. The Bangkok Post military affairs reporter Wassana Nanuam has more on the military’s plans for more intensive cyber scrutiny and snooping.

She reports that the Defence Ministry is recruiting civilians and military reserve force members to work as so-called “cyber warriors.” This “special unit” apparently adds to the military’s already extensive “cyber security” capacity.

The bit about using the military reserve is important as Lt Gen Ritthi Intharawut, head of the Defence Ministry’s cyber team, compares its use to the Cold War:

During the Cold War era, the military reserve force was seen as a militia that was very important to the armed forces. But now in the era of cyber warfare, ‘cyber warriors’ are an important asset for the nation….

What Wassana does not mention is that the snooping plan, as in the Cold War, was one of the military’s means for surveillance and for threatening political opponents. Those actions came with associated secrecy and an impunity for the gross acts committed by the military and its semi-trained and armed vigilantes.

Cyber surveillance, threats and legal harassment will assist the military’s continued domination of Thailand’s politics and society.

Constructing the junta’s digital Panopticon

17 05 2018

Anyone who has watched the junta’s boot grinding down political activism, one of the most noticeable and distasteful of its repressive efforts has been to establish vigilantism supporting military hired spies who police the internet for content the military dictators feel is threatening. This usually means online lese majeste although the junta has also bee watchful of its own egos and has also policed the Thai world for political dissidents.

It seems that its “successes” in political repression and censorship have prompted the military and the junta to seek to construct a digital Panopticon. Initially devised by English philosopher Jeremy Bentham in the late 18th century, the idea was to construct a prison where the inmates could be observed without the inmates being able to tell whether or not they are being watched. The idea was to impose order and passivity because the inmates cannot know when they are being watched meaning they become motivated to act as though they are being watched at every single moment.

The junta wants all Thais and others in Thailand to believe they are under surveillance all the time. In other words, the whole society becomes, in everyone’s mind, a political prison.

An editorial at the Bangkok Post states that the junta “plans to recruit civilian so-called ‘cyber warriors’ … it needs to ensure they target the right groups of people.” The military dictatorship is hiring and training another 200 cyber spies, with a goal of having 5,000 by 2023. Such a massive spying mission is in the hands of the Minister of Justice – of which there is little – ACM Prajin Juntong.

The plan announced by the junta “leaves room for worries on whether they will be mainly used as a political tool to suppress freedom of expression and hunt down political dissidents.” Fascists will be fascists.

And, as the editorial notes, “a cyber security bill has been drafted pending approval by lawmakers. If enacted into law, it will allow the authorities to take broader control of online activity, including snooping on individuals’ personal computers.”

Another Bangkok Post story refers to the military – not a regular, civilian ministry – is developing ways of tracking tourists, investors and migrant workers, among others. Such tracking is used in other countries but it is only in the darkest of authoritarian regimes that it is the military doing it.

Be very concerned at how broadly the military has defined its role in Thailand. It has seeped and oozed into every arena and level of civilian administration. Even if a junta party doesn’t “win” the junta-granted “election,” the military thugs will be everywhere. The Panopticon is in place.

Get a VPN

31 12 2017

As the military dictatorship blocks traffic to sites critical of it and the monarchy, we urge readers to set up a Virtual Private Network (VPN).

A VPN “extends a private network across a public network, and enables users to send and receive data across shared or public networks as if their computing devices were directly connected to the private network. Applications running across the VPN may therefore benefit from the functionality, security, and management of the private network.”

VPNs are used to protect private web traffic from snooping, interference and censorship.

A VPN is useful for maintaining privacy when browsing and can also be used for unlocking geo-restricted content.

One site suggests 5 best options for Thailand. Others are listed here. Most browsers allow add-on VPNs.

Those who only need ad-hoc VPN capability may consider installing the Opera browser as an additional browser for their desktop/notebook /tablet, since it incorporates  a number of useful security features, which include a built-in ad blocker and a VPN (provided by SurfEasy Inc., based in Canada), which is accessed when needed in the “Privacy and Security” section of Settings.

Some time ago, tests showed SurfEasy free offered several locations for non-Thailand IP access and reasonably efficient speeds for a “free” VPN service; a subscription service is available, which offers better speeds and location options.

Opera software is available for Windows, at ; Mac’s, at ; and Linux, at .

A  subscription VPN extension for Opera/ Chrome/ FireFox that has proved to be stable and memory-efficient under Thai conditions is ZenMate <>.

Readers in Thailand should search for more information on VPNs and evaluate them. They should also continue to be careful about their internet connections. Although more than a year old now, this guide for journalists may assist some readers.

More on VPNs

15 10 2017

We posted recently on VPNs.

A reader suggested another way of using VPNs. PPT can’t vouch for any of these suggestions as we have only tried add-on VPNs for Firefox and Chrome.

Readers in Thailand should search for more information on VPNs and evaluate them. They should also continue to be careful about their internet connections. Although more than a year old now, this guide for journalists may assist some readers.

Our reader suggested that those who just need ad-hoc VPN capability may want to consider installing the Opera browser as an additional browser for their desktop/notebook /tablet, since it incorporates  a number of useful security features, which include a built-in ad blocker and a VPN (provided by SurfEasy Inc., based in Canada), which is accessed when needed in the “Privacy and Security” section of Settings.

In a brief test (not by PPT) SurfEasy free offered several locations for non-Thailand IP access and reasonably efficient speeds for a “free” VPN service; a subscription service is available, which offers better speeds and location options.

Opera software is available for Windows, at ; Mac’s, at ; and Linux, at .

The software is available in “Stable”, “Beta” and “Developer” options; “Stable” has been relatively error-free while “Beta” and “Developer” provide wider ranges of options albeit with the occasional glitch and periodic updates/patches.

A  subscription VPN extension for Opera/ Chrome/ FireFox that has proved to be stable and memory-efficient under Thai conditions is ZenMate < >, which is based in Berlin and thus provides security in line with German law.

%d bloggers like this: