Iran Feature: Limiting the Internet, Monitoring the Users (Farivar)
Cyrus Farivar, on The Internet of Elsewhere, considers the latest attempts by Iranian authorities to monitor computer users and limit access to websites. We add further information and comment from an analyst after Farivar's article:
FARIVAR
Within the last few weeks, there have been reports that Iran has been blocking Tor, an online anonymizing tool, and PPTP and L2TP VPN protocols and most recently an Iranian general said that the Islamic Republic was ready to “reciprocate a cyber attack” by the US or its allies.
On September 14, 2011, the Tor Project reported on its blog:
Yesterday morning (in our timezones — that evening, in Iran), Iran added a filter rule to their border routers that recognized Tor traffic and blocked it. Thanks to help from a variety of friends around the world, we quickly discovered how they were blocking it and released a new version of Tor that isn’t blocked. Fortunately, the fix is on the relay side: that means once enough relays and bridges upgrade, the many tens of thousands of Tor users in Iran will resume being able to reach the Tor network, without needing to change their software.
How did the filter work technically? Tor tries to make its traffic look like a web browser talking to an https web server, but if you look carefully enough you can tell some differences. In this case, the characteristic of Tor’s SSL handshake they looked at was the expiry time for our SSL session certificates: we rotate the session certificates every two hours, whereas normal SSL certificates you get from a certificate authority typically last a year or more. The fix was to simply write a larger expiration time on the certificates, so our certs have more plausible expiry times.
According to Tor’s own figures, an average of about 30,000 Iranians inside of Iran are using the online tool to circumvent Iran’s filters and online surveillance system, and also to hide their tracks online.
More recently, the government has recently also been cracking down on the use of VPNs.
Reza Taghipour, the head of Ministry of Information and Communications Technology, told reporters in Tehran last week that “VPN and its usage is against the law.”
“All countries have their own specific rules for using Internet,” he added.
Finally, Iran has been stepping up its language in response to the Stuxnet attack, which hit Iran’s nuclear program over a year ago.
“Iran will reciprocate [any] cyber attack by the United States or its allies,” said Brigadier-General Ali Shadmani, head of the Operations Department of the Iranian Armed Forces, in a statement to the press last week.
These new policies are very consistent with Iran’s previous behavior of saying that it would be countering American Internet freedom policies and would be stepping up graduate-level cyberdefense programs.
COMMENT
1. The Ministry of Communications, through Fars, is publicly applauding the blocking as a sort of public-private partnership. According to one report, the action was undertaken by the telecommunications companies in response to legal restrictions on filter circumvention, and not some form of central change in the firewall.
2. VPN is not very adaptable and thus a very easy target for blocking --- so, one should not infer that this is an "upgrade" in the technology of the filter, rather it is the result of a political decision. The previous hypothesis was that they would not block it because of the needs of international businesses, however, this appears to have been wrong and is a lesson for the future.
3. Ultrasurf is reportedly suffering availability issues as well. This is significant as these two methods were by far the most popular ways of bypassing Internet filtering in Iran. The usage of Ultrasurf
and VPN as a lifestyle-device was rampant, even if just for browsing Facebook, YouTube, and adult activities.
4. It will be interesting to see how the public responds and what steps the telcoms and government take next. As the Tor Project reveals, Iran seems to be more inclined to take technologically easy shots than really crack down. Regardless, the technological and policy changes of the past two weeks highlight why projects like the "Internet in a Suitcase" are useful but not sufficient means to fill the needs of the
so-called Internet Freedom agenda.
Reader Comments