Iran's Internet Crackdown Is Like Catnip to Hackers
Saturday marks the 33rd anniversary of the Islamic Revolution in Iran, and with a new wave of anti-government protests expected to mark the occasion, the government there has reportedly gotten nervous enough to turn off the Internet, or at least restrict it considerably. A spate of stories on Friday reported that sites that use encrypted data, including Google, Yahoo, Hotmail, and Facebook (basically anywhere you see "https" instead of "http" in the address) had been blocked. But the Iranian government hasn't acknowledged that it’s restricting anything. Regardless, a lot of hackers and information activists seem to almost welcome the chance to exercise their skills in circumventing those controls and attacking the Iranian government's web presence.
The crackdown reports come from individual users, not any official source. Ars Technica cited an Iranian poster on Hacker News who wrote that "since Thursday Iranian government has shutted [sic] down the https protocol which has caused almost all google services (gmail, and google.com itself) to become inaccessible." CNET's Charles Cooper cited one Iranian source who said access to the sites was blocked, but, "the interesting thing is that when asked, they deny the fact that all these services are all blocked." The Washington Post cited its own correspondent in Tehran, Thomas Erdbrink, who said that often, but not always, while trying to access Gmail, Facebook, or even the Post itself, he'll get an error message that translates as: "according to computer crime regulations, access to this Web site is denied." Google's Transparency Report, which tracks traffic coming out of specified regions, showed a lull on Friday, but it was roughly comparable to lulls on other Fridays in recent weeks.
Even if the government isn't actively blocking sites such as Google right now, many fear it will do so regularly starting soon, as Iran gets ready to debut a so-called national Internet, which Radio Free Europe and Radio Liberty describe as "a domestic computer network that would be compatible with Islamic principles and work independently from the World Wide Web." In a separate Post article about the national Internet, Erdbrink wrote that "The government’s technology officials have announced the construction of a domestic Internet network comparable to an office intranet, which would block many popular sites." As Cooper explains, the national Internet would make it harder to access censored sites even by proxy servers, the remotely located servers that disguise users' online identities:
Right now, if Iran now blocks proxy servers and VPN connections for more than a few days, companies with branches or headquarters in the country are cut off from communicating with fellow employees around the world other than by telephone. That forces the government to open the spigot for everyone. Once the new network goes into effect, ordinary Iranians would wake up to a more censored Internet.
This kind of thing rings like a challenge to developers and hackers bent on keeping the Internet open and free. One such group working to that end, the Tor Project, has already developed a new kind of proxy server called obfsproxy, for obfuscated proxy, which essentially disguises encrypted web traffic as unencrypted traffic. Tor has a helpful diagram of it on its site.
As Forbes' Andy Greenberg reports, Tor developers see the Iranian crackdown as a perfect chance to try out their new project. Tor put out a call on Friday for people to co-create so-called bridges, essentially secret proxy servers doled out on an individual basis. The project works, but the Electronic Frontier Foundation's Eva Galperin told The Atlantic Wire that the obfsproxy project was too complicated to be a legitimate long-term solution to getting around the national Internet. "The problem with privacy and security and Internet circumvention tools is that they are only as useful as they are simple. If the only people who can run your Internet circumvention tool are engineers or privacy principals, then you haven’t really provided any circumvention," Galperin said. "Right now it’s not particularly easy to use." So most Iranian users must still rely on standard-issue virtual private networks and proxy servers to circumvent censorship.
Another group attracted by Iran's reported censorship binge is Anonymous, not necessarily because it wants to help people get online, but because it wants to knock the Iranian government offline. On Twitter, accounts including @AnonymousPress shared a link to a Friday blog post from U.S. Cyberlabs, which outlined vulnerabilities in Iran's government sites. "The same vulnerabilities that Syria has they have," wrote blogger gatomalo, clearly referring to the Anonymous-linked hack that revealed internal Syrian government communication -- including President Bashar al-Assad's email. "You know what to do," wrote @AnonymousPress.