Five Technologies Iran Is Using To Censor the Net

alphadogg sends in a Network World piece on the unexpectedly effective technologies Iran is now employing to thwart their citizens' access to the Net. "While the government's initial efforts to censor the Internet were blunt and often ineffective, it has started employing more sophisticated tools to thwart dissidents' attempts to communicate with each other and the outside world. Iranian dissidents are not alone in their struggle, however, as several sympathetic hacker groups have been working to keep them online. One such group is NedaNet, whose mission is to 'help the Iranian people by setting up networks of proxy severs, anonymizers, and any other appropriate technologies that can enable them to communicate and organize.' NedaNet project coordinator Morgan Sennhauser, who has just written a paper detailing the Iranian government's latest efforts to thwart hackers (PDF), says that the government's actions have been surprisingly robust and have challenged hackers in ways that the Chinese government's efforts at censorship have not."

So...

[TitusC3v5]

I'm waiting for the follow-up article, 'Five Technologies Iranian Citizens are Using to Bypass the Censors.'

USA

[Anonymous Coward]

I can list 10 technologies CIA is spying on Americans and 15 reasons the media tries to keep quiet about it.

Re:technical assistance

[Red Flayer]

FWIW... I'm taking Nokie/Siemens words with a grain of salt... they are not exactly a neutral party.

I don't know if they should be considered in any way culpable (lots of research to be done), but any link that contains the words "press release" needs to be vetted thoroughly by an independent party.

Re:technical assistance

[Red Flayer]

It's quite possible that they're using tools they are implementing without outside help. But given the scope of the project, and the increase in effectiveness, I'd expect that they've hired someone to help.

Re:technical assistance

[grcumb]

And the company themselves debunked this rumor. http://www.nokiasiemensnetworks.com/global/Press/Press+releases/news-archive/Provision+of+Lawful+Intercept+capability+in+Iran.htm [nokiasiemensnetworks.com]

That's a rebuttal, not a refutation.

Nokia-Siemens are basically stating (correctly) 'we didn't do anything there that we aren't required to do elsewhere.' That's all well and good, but it doesn't address the fundamental question: Is what they did in Iran (and do elsewhere) the Right Thing?

The whole question about how - and when, and who - to intercept in the context of the Internet is particularly troubling. Here's an excerpt from a longer piece [imagicity.com] I wrote about the situation:

Nokia-Siemens, defending its role in the creation of a centralised mobile telecommuncations network, stated recently that:

In most countries around the world, including all EU member states and the U.S., telecommunications networks are legally required to have the capability for Lawful Intercept and this is also the case in Iran. Lawful Intercept is specified in standards defined by ETSI (European Telecommunications Standards Institute) and the 3GPP (3rd Generation Partnership Project).

Yes, decentralised communications come at a cost. They make surveillance efforts of all kinds more difficult. The two competing questions we need to ask ourselves are:

1. How far are we willing to compromise ourselves in the pursuit of state security?
2. How much are we willing to compromise state surveillance capability in order to protect our own freedom to communicate?

These are knotty issues with complex and often subtle ramifications on society. They demand a level of public engagement on the principle - and more importantly, the practice - of free speech that we havenâ(TM)t seen since the Red Scare of the 1950s.

Re:No business

[aaandre]

Oppressive regimes see their own countries' intellectual elite as an enemy.

Re:Censorship is absolute or doomed.

[aaandre]

Not if the government decrees and installs mandatory censorship backdoor software/hardware on every communication device sold. Passing laws for that to happen in the name of the children or the security or freedom is easier than we think. It will probably be called Free Speech Protection or something similar.

Then, even though communication around it will be theoretically possible, the threshold will be high enough from technical standpoint and if tampering with the device is punishable with harsh enough measures, then few enough people will make efforts to go around it, which is few enough from the governing entity's standpoint.

Possible future solutions are being beta tested in places like UAE, China, Korea, and now Iran.

And speaking of bright minds, history shows that oppressive governments never mind putting a bullet through one.

Does it involve voting fraud?

[mi]

I can't be bothered with an on-line PDF-file — is voting fraud [slashdot.org] on the list? Because the Honduran fraudster got the backing [thehill.com] of the current US Administration... Someone needs to tell the mullahs, that the easiest way to the heart of America's President may lie through something, that they already doing...

(Flamebait my muscular behind...)

Re:technical assistance

[Runaway1956]

Accountability, the man says? Where is the media? Are they ALL in bed with the politicos?

The fact is, politicians have not only enabled monitoring and censorship, they have mandated it. There is no reason in the world to think that only "good guys" will have those weapons. Monitoring and censorship are a little like guns and knives - good guys might have them, bad guys WILL have them.

The accountability for repressive technology begins in the UK's ministries, and in the US' congress and senate, and we can keep right on accounting through the rest of Europe, Australia, Canada - - -

Odd - repressive technology is only bad when it's the OTHER guys doing the repressing.

Re:technical assistance

[Anonymous Coward]

It's likely their own internal IT guys with off the shelf hardware doing it. It doesn't take a genius nor a ton of money to do what they're doing. Having setup QOS in Linux and seeing the capabilities of various other projects, it's quite trivial.

The packet inspection? Likely http://l7-filter.sourceforge.net.
Where's the QOS coming from? Just the built in Linux kernel stuff that comes with every distribution.
Want to monitor and log all of that and be able to search it? http://www.ntop.org
Want to block stuff based on ports/l7 matches/ip address? iptables

Though it would require some beefy hardware or a bit of creativity, setting up something like this would require some technical know how and a few hours of reading and maybe a week or two to set it up, test, and throw it into production.

Re:Don't Worry Folks

[agw]

Yes, Iran has a long history of attacking other countries in wars of aggression so claiming peaceful use is a farce.
Nuclear technologiy is only safe with peaceful countries who have never lead any wars of aggression or used WMD, like say the U.S.A. and Germany.

Oh, wait...