[Author Prev][Author Next][Thread Prev][Thread Next][Author Index][Thread Index]

[tor-talk] Iran cracks down on web dissident technology


Iran cracks down on web dissident technology

Iranian security authorities have launched a new crackdown on dissidents
online by blocking US government-backed technology that allows them to speak
out safely.

Tor took off in Iran after the disputed 2009 election Photo: AFP/GETTY

By Christopher Williams, Technology Correspondent 7:00AM GMT 18 Mar 2011

Internet freedom activists believe the regime in Tehran has implemented
highly sophisticated internet surveillance technology and that an information
âarms raceâ is now inevitable.

The crackdown targeted Tor, a free piece of software that allows anyone to
connect to internet via a global private network that hides computer IP
addresses, which could be used by authorities to identify and locate
dissidents. It also encrypts the contents of users' internet communications,
making eavesdropping on emails, Facebook, Twitter and other applications more

On average, around 250,000 computers worldwide are connected to the Tor
network at any time, making it the leading anti-surveillance technology

But in mid-January, as revolutionary fervour swept the Middle East, the
number of computers connected to the Tor network via one major Iranian
broadband provider collapsed almost overnight from more than 11,000 to zero.

Investigations by the Tor Project, the not-for-profit company that runs the
system, have since revealed that, crucially, other encrypted traffic such as
internet banking was still flowing. It meant Iranian authorities had for the
first time found a way to identify and block only Tor connections, and
therefore a way to potentially identify dissidents.

âWhat they did was vastly upgrade their capability,â said Andrew Lewman,
executive director of the Tor Project.

The technology responsible for the new threat was Deep Packet Inspection
(DPI), a type of high-end network equipment that uses ultra-fast microchips
to read and classify internet traffic in transit. The Iranian authorities
used DPI to detect the highly specific parameters Tor uses to establish an
encrypted connection.

âFrom an engineering perspective this is fantastic,â said Mr Lewman of his
adversaries' efforts.

He added that the Tor Project had known it could be attacked in this way âfor
yearsâ, but had chosen not to take pre-emptive measures because âweâre trying
to have an arms race really slowlyâ. In the last few weeks developers have
redesigned the software so that its traffic looks just like any other when it
sets up an encrypted connection, and Iranian user numbers are now back to

It is unknown who supplied Iran with the DPI technology, but few technology
manufacturers build equipment capable of reading and classifying internet
traffic at the necessary scale and speed. Last year, Nokia-Siemens faced a
European Parliament hearing after it admitted selling a mass communications
âmonitoring centreâ to an Iranian mobile network.

âWho knows, maybe they just got someone to configure it for them,â Mr Lewman

Whoever the supplier, the temporary block on Tor does show that Iran is now
more advanced than even China and its Great Firewall in terms of the
technology it uses to suppress dissent online, said Mr Lewman. The regime has
rapidly caught up with its critics since the unrest following the 2009
election, when the number of Tor users rocketed from approximately 1,200 to
2,800 in a matter of days as many Iranians first began to use social networks
to organise protests.  The value of âinternet freedomâ technologies to US
foreign policy has not gone unnoticed in Washington: the Tor Projectâs arms
race with Iranian authorities is funded in part by grants from both the
Department of Defense and the State Department.
tor-talk mailing list