Want to read Slashdot from your mobile device? Point it at m.slashdot.org and keep reading!


Forgot your password?
Censorship Your Rights Online

From Slaying Dragons To Dictators 233

tcd004 writes "In a weekend, programmer Austin Heap transformed from an apathetic MMO player to a world class regime-slayer. When word for Iran's rigged election broke over Twitter, Heap decided to dedicate himself to building a better proxy system for people behind Iran's firewall. Heap's creation, Haystack, conceals someone's real online destinations inside a stream of innocuous traffic. You may be browsing an opposition Web site, but to the censors it will appear you are visiting, say, weather.com. Heap tends to hide users in content that is popular in Tehran, sometimes the regime's own government mouthpieces."
This discussion has been archived. No new comments can be posted.

From Slaying Dragons To Dictators

Comments Filter:
  • Why is this article being put out now? The Iranian elections were awhile ago
    • Re: (Score:3, Funny)

      by _Sprocket_ ( 42527 )

      Do you perhaps have some conspiracy theory prepared to answer your own question?

    • Re: (Score:3, Insightful)

      by h4rm0ny ( 722443 )

      Why is this article being put out now? The Iranian elections were awhile ago

      Maybe they think those of us pointing out that the elections weren't rigged will have got bored and gone away by now or that endless repetition will have made the "rigging of Iranian elections" accepted history at last.

      There's no good evidence that Iran's elections were rigged. Whether Western powers like it or not, Ahmadinejad seems to have won legitimately. He's actually very popular in rural areas and not unpopular in Tehran,

  • by $RANDOMLUSER ( 804576 ) on Tuesday August 17, 2010 @04:26PM (#33281330)
    But "looking at porn" wasn't one of the viable alternatives?
    • by way2trivial ( 601132 ) on Tuesday August 17, 2010 @04:43PM (#33281572) Homepage Journal

      Iranian law is pretty tough on smut
      http://www.google.com/search?hl=en&safe=off&q=pornography+laws+in+iran&aq=f&aqi=&aql=&oq=&gs_rfai= [google.com]

      Here's one snip from one result
      "The AP reports that Iran's parliament on Wednesday voted in favor of a bill that could lead to death penalty for persons convicted of working in the production of pornographic movies. "

      "Adnkrnonsinternational reports that under the new law, anyone distributing pornographic material can be sentenced to a fine of up to 16,000 euros while owners of a porn video or film risk up to 76 lashings. "

      "Executing Iranians involved in the porn industry isn't a brand new story, unfortunately. "

      • by commodore64_love ( 1445365 ) on Tuesday August 17, 2010 @05:06PM (#33281870) Journal

        I hate moral dictatorship. It doesn't matter if it's coming from a Muslim government, the Church of Rome, or politicians. Ya know... it's my life. If I want to be an asshole that looks at porn, doesn't go to church, and keeps to himself, I have that right. Stop trying to force me to adopt your moral beliefs.

        So this HAYSTACK program. Would it work in the US and EU? It appears the answer is "no" since it was specifically designed for Iraq.

        • Re: (Score:3, Insightful)

          by 32771 ( 906153 )

          > If I want to be an asshole that looks at porn, doesn't go to church, and keeps to himself, I have that right.

          It would sound much better if you would replace that 'and' with an 'or'.

          Also you have to understand those overly religious societies. They are under considerable stress while surviving in a harsh environment by any means possible (if there is no stress you can create some, i.e. with lacking medical insurance). This creates a situation where even the most basic needs of a human being may remain u

      • ...owners of a porn video or film risk up to 76 lashings.

        In some circles that's considered a bonus feature.

      • Iranian law is pretty tough on smut .... death penalty for persons convicted of working in the production of pornographic movies ....

        Meh. This is Iran we're talking about. I'm pretty sure they have the death penalty for driving without a seatbelt. A law isn't considered "tough" there unless the punishment involves teeth pulling and genital mutilation.

  • by Monkeedude1212 ( 1560403 ) on Tuesday August 17, 2010 @04:27PM (#33281346) Journal

    I don't know if I'd consider setting up a good Proxy server as "Slaying a Dictator".

    I think that's actually part of a big chain quest so that you can get keyed along with a large group of people to then slay the dictator.

    • Re: (Score:3, Insightful)

      by SomeJoel ( 1061138 )

      I don't know if I'd consider setting up a good Proxy server as "Slaying a Dictator".

      I think that's actually part of a big chain quest so that you can get keyed along with a large group of people to then slay the dictator.

      You must first reach exalted with several factions, including "UN" and at least a few of the "U.S. Military" subfactions. Otherwise you can't even zone in.

  • Proxy Ban? (Score:3, Insightful)

    by Soporific ( 595477 ) on Tuesday August 17, 2010 @04:32PM (#33281414)

    Wouldn't they just ban anyone connecting to known proxies or any proxy in general that wasn't set up by the authorities?


    • This isn't like Counterstrike where you can just straight up ban someone by IP for doing something you don't like - not only can the authorities not watch everything but also the internet itself is so complex that's hard to determine what's happening precisely.

      Is there any way for you to tell right now if I'm using a proxy or not?

      • No, but I'd think that in an extremely censored nation they might only allow citizens to connect through specified egress points or exchanges which could be monitored. I guess the point of the software is to mast that activity, but is it really a stretch to see a government hell bent on controlling its citizens start using a white list?


    • They can't stop you from connecting to a local proxy that's running on the same machine as your web browser.

      From the Haystack FAQ we can surmise that you run some small client program and point your browser at that.

  • by Wyatt Earp ( 1029 ) on Tuesday August 17, 2010 @04:33PM (#33281426)

    It is not a dictatorship.

    Misguided, dangerous, theocratic, abusive, yes. But not a dictatorship.

    • Which country are you writing about specifically?

    • Re: (Score:3, Insightful)

      by CRCulver ( 715279 )
      The mullahs are the highest authority in the country, and they are not answerable to elections. They also have their own private army which is not responsible to the voice of the people even in the most abstracted fashion. Hard to claim that's not a dictatorship.
      • by Wyatt Earp ( 1029 ) on Tuesday August 17, 2010 @05:11PM (#33281934)

        That would be a theocracy. Not a dictatorship.

        "Theocracy is a form of government in which a god or deity is recognized as the state's supreme civil ruler, or in a higher sense, a form of government in which a state is governed by immediate divine guidance or by officials who are regarded as divinely guided."

        "Iran's government is described as a "theocratic republic".Iran's head of state, or Supreme Leader, is an Islamic cleric appointed for life by an elected body called Assembly of Experts. The Council of Guardians, considered part of the executive branch of government, is responsible for determining if legislation is in line with Islamic law and customs (the Sharia), and can bar candidates from elections, and greenlight or ban investigations into the election process."

        A dictatorship is ruled by an individual. So like Iraq before Operation Iraqi Freedom kicked him out of power.

        • Re: (Score:3, Informative)

          by CRCulver ( 715279 )

          A dictatorship is ruled by an individual.

          Not necessarily. Ever hear the phrase "dictatorship of the proletariat" within Marxist-Leninist thought? There the dictatorship would be ruled by the working class as a whole.

          If you bothered looking up "theocracy" in the dictionary, then you should have looked up "dictatorship" too. Merriam-Webster give as their third definition: "3 a : a form of government in which absolute power is concentrated in a dictator or a small clique b : a government organization or group

          • by tenco ( 773732 )
            Dictionary? WTH. Try a encyclopedia next time: http://en.wikipedia.org/wiki/Dictatorship [wikipedia.org]
            • Look, a dictionary is a normal tool for looking up the meanings that have been ascribed to words. In spite of the OP's claim, the word "dictatorship" is regularly used in the English language to describe governments like Iran's. The Wikipedia article is wrong inasmuch as it attempts to fix the word to a single meaning, while standard dictionaries like M-W which I cited above and the OED show it has a range of usages.
              • Re: (Score:3, Insightful)

                by h4rm0ny ( 722443 )

                Ever heard someone refer to Internet Explorer as "The Internet"? Does it make your teeth grind? Same principle, I'm afraid. Those of us who understand the meanings of words have a responsibility to use them correctly and lead by example.
        • by DrXym ( 126579 )
          A dictatorship is ruled by an individual. So like Iraq before Operation Iraqi Freedom kicked him out of power.

          So Iran is more analogous to a religious junta.

      • by hitmark ( 640295 )

        i think the term is theocracy. And technically speaking; the vatican is the same, on a much smaller scale.

    • by DrEasy ( 559739 )

      Godwin Law alert: it is a dictatorship if you can only choose between Hitler and Mussolini at the elections.

      Any opposition party worth its salt is banned in Iran.

  • thinkofthechildren (Score:3, Insightful)

    by esocid ( 946821 ) on Tuesday August 17, 2010 @04:39PM (#33281502) Journal
    I look forward to a 'thinkofthechildren' argument from some congressman in the future about why it should be illegal here.
    • Re: (Score:3, Informative)

      Already happening. Just about anyone running a Tor Exit node is at risk for Kiddie porn charges. I had friends that set up Tor nodes during the Iran unrest. One of them decided to see if it was doing any good and was shocked that more than half the traffic was actually porn and a fair amount of it kiddie porn. As soon as he told the others, everyone stopped hosting the nodes and a couple even Dbaned their HDD's. No one wanted to risk being caught. None of them were rich enough to fight it.

  • by Zantac69 ( 1331461 ) on Tuesday August 17, 2010 @04:42PM (#33281556) Journal
    I thought this was a new game coming out where you did both: Grand Theft Horse 2 - The Dark Ages.
  • by by (1706743) ( 1706744 ) on Tuesday August 17, 2010 @04:46PM (#33281598)
    It must be tricky to hide sensitive data in innocuous data streams. Of course, I'm sure it's possible...
    • by Eternauta3k ( 680157 ) on Tuesday August 17, 2010 @04:58PM (#33281788) Homepage Journal
      You forgot to bold the space. Like this.
    • Re: (Score:2, Informative)

      by scorp1us ( 235526 )

      How you can do it without a proxy. Open up one tab of your real destination. And 8 other innocuous tabs. Then generate a volume of traffic on those tabs, occasionally clicking on the first, real one.

      You can't "hide" your destination in volume. People don't search that, computers do. If there is a DNS entry resolved, or a host IP used, it can be logged. You're not hiding anything, or even pissing anyone off. You can't even hide your destination in SSL. All they need is a databse of IPS taged with topics, and

    • And someone mod him up.

  • This guy should not be sitting for laudatory news coverage. These are the same people that brought you death sentence fatwas in absentia, and the religious nutjobs to carry them out.

  • by scribblej ( 195445 ) on Tuesday August 17, 2010 @04:53PM (#33281716)


    Less than a month and many all-nighters later, Heap and a friend had created Haystack. The anti-censorship software is built on a sophisticated mathematical formula that conceals someone's real online destinations inside a stream of innocuous traffic. You may be browsing an opposition Web site, but to the censors it will appear you are visiting, say, weather.com.

    This doesn't make sense. It still has to connect to and load the BAD website, too...

    Other anti-censorship programs--such as Tor, Psiphon, or Freegate--can successfully hide someone's identity, but censors are able to detect that these programs are being run and then work to disable the communication. With Haystack, the censors aren't even aware the software is in use. "Haystack captures all outgoing connections, encrypts them, and then masquerades the data as something else," explains Heap. "If you want to block Haystack, you are gonna block yourself."

    OK, this makes so little sense I can't even figure out how to respond to it.

    Heap intends to gradually develop Haystack's presence in the country. He has started to share it with select activists and trusted individuals on an invitation-only basis. They will then be asked to share it with their friends. It is the same model that was originally followed by Google's Gmail. The targeted approach is smarter from a security standpoint. Also, he doesn't want the software to collapse from low-value demand.


    Yeah, there's one word for this whole article. BULLSHIT. It stinks.

    • by sstamps ( 39313 )

      Yeah, I think there is a bit of hype involved. It sounds basically like an obfuscating proxy server. Requests and data are encrypted and obfuscated in normal requests to innocuous websites like weather.com.

      The thing is that it still will require use of a proxy server, and it most certainly can be EASILY detected with a number of methods, ranging from diff-ing to statistical analysis of data being transferred. I have no doubts that the Iranian government has the ability to get a copy of the software and dete

    • Re: (Score:3, Informative)

      by StikyPad ( 445176 )

      The article may be the nonsensical writings of an unsavvy reporter, but the project itself seems real enough.

      http://www.censorshipresearch.org/projects/introduction/ [censorshipresearch.org]
      http://www.censorshipresearch.org/about/ [censorshipresearch.org]
      http://www.haystacknetwork.com/ [haystacknetwork.com]

      • Thank you for those links. After reading in more detail, I think I'm kind of sticking with my claim of bullshit. Of course I wouldn't put it so strongly now but I still don't see how he can do what he is claiming and make it difficult (or as he claims, IMPOSSIBLE) to block.

    • Check out their FAQ:

      "at the same time allows users to security use normal web browsers and network applications."
      "Haystack hides traffic to any from the internet at large inside traffic "
      "The executable is under half a megabytes "
      "We would like to see our as many people as possible assert their human right to free expression."
      "revealing the source code at this time would only aide the authorities"

      Plus their FAQ logo actually says QFA. If they pay so little attention to detail on their site, I can just imag

    • Re: (Score:3, Interesting)

      by jd ( 1658 )

      It's basically security through obscurity. A dangerous, but popular, past-time that never actually delivers at the end of the day. Not through lack of sincerity (necessarily) but through the fact that such a method is inherently flawed. Being easy doesn't mean it's any good. It's ultimately why steganography alone is not secure - there will be fingerprints (always) that allow you to separate the two signals and thus yield the original message, if the message is kept as-is. In the case of steganography, the

    • I agree. Looks to me like this can go one of three ways.
      1) It's real and someone relies upon it and gets caught and punished because it has failed, or
      2) It's actually been created by the Iranian government, or
      3) It's a scam and totally fake
      I'm leaning toward (3) right now.
  • by SuperKendall ( 25149 ) on Tuesday August 17, 2010 @04:54PM (#33281726)

    Given that the regime in question is still very much in control, and that the only slaying that was done was by the regime, I find the term "regime slayer" to be laughable at best and really offensive at worst for those that hoped for better for the Iranian people.

    That was an extreme case showing that sometimes, mere communication is not enough to evoke change.

  • by Grond ( 15515 ) on Tuesday August 17, 2010 @04:57PM (#33281768) Homepage

    As this article in Foreign Policy explains, the Internet, especially Twitter, didn't contribute nearly as much to the protests in Iran as has been reported: Misreading Tehran: The Twitter Devolution [foreignpolicy.com]. "Word of mouth was by far the most influential medium used to shape the postelection opposition activity." Other major media included text messages and email, which this software wouldn't help much with.

    Efforts to counter censorship and intrusive government monitoring should be applauded, but it's a bit premature to call this "world class regime-slaying."

  • by phantomcircuit ( 938963 ) on Tuesday August 17, 2010 @05:02PM (#33281838) Homepage

    All I see is a bunch of "Donate Now!" buttons/links, no actual software. http://www.haystacknetwork.com/ [haystacknetwork.com]

    • Haystack is currently available to a select number of users in Iran in our beta phase and is being prepared for a final release. We plan to start our official release of haystack as soon as we obtain the necessary funds to expand our network capacity to support a sufficiently large number of users.

      I would like to learn more about how this actually works, though...I'm kind of disappointed that TFA was more of an informational piece about the developer than about the tech itself, though I guess I should have expected as much from the headline.

    • by moxley ( 895517 )

      0. When will Haystack be ready?

              Haystack is currently in the beta testing stage, and we are in the process of working out the last kinks in the system. We are also in the process of taking care of a number of procedural hurdles that must be settled before the program is operational. We are aiming for a full release sometime this winter.

  • Sounds good.

    How many regimes has he slayed, exactly?

  • how long before the first bittorrent clients show up that borrow from this?

Old programmers never die, they just become managers.