.

Tuesday, February 14, 2012

Iran's Internet blocking experiment ends for now

Last Friday I noted that Iran was blocking all SSL (secure encrypted) Internet connections to the outside world.

It appears that the experiment has run its course - for now:

Most computer users in Iran were blocked from accessing email, social networking and other services in recent days, US-based internet experts said on Monday, raising fears the government is extending the reach of its surveillance to ordinary citizens.

Internet service providers presumed to be acting at the Iranian government's behest began blocking the most common form of secure connections on Friday, according to the outside experts and Iranian bloggers. Traffic rebounded to normal levels on Monday.

The cutoff apparently affected all encrypted international websites outside of Iran that depend on the Secure Sockets Layer protocol, which display addresses beginning with https, according to Earl Zmijewski of Renesys, a US company that tracks internet traffic worldwide.

Google, which uses SSL for its Gmail service, reported that traffic from Iran to its email system fell precipitously.

Gmail use, which typically drops by about 80 percent at night, dropped by roughly 95 percent Friday and remained that low during daylight hours through the weekend before recovering Monday, according to Google's publicly posted access statistics.

Tor, a system for hiding the location of internet users, saw a similar falloff first in the Iranian capital of Tehran and then throughout the country, said Tor Executive Director Andrew Lewman.

Though other countries, including Belarus and Myanmar, have blocked SSL access before, Iran is the largest country to have tried it, Lewman said. Egypt turned off the internet completely a year ago during the uprising there, and China has done that in some regions.

It was unclear why the blocking stopped. Some Iranian politicians complained and businesses might have objected, but most tracking the situation said it was likely that the experiment had run its course.

"The government is testing different tools," said Hamed Behravan, who reports on Iranian technology issues for the US government-funded Voice of America. "They might have wanted to see the public reaction."

Behravan said Iranian sites using SSL remained available, including banking sites.

Tor has been developing a version of its program that is encrypted but does not need an SSL connection, and it distributed that over the weekend to people inside Iran who reported that it worked well, Lewman said.

Iranian officials have said they do not intend to block all connections to the outside world from a new national system they are developing. But direct links could be made to run very slowly, Behravan said.

The new network could help Iran ward off spying or attacks from other countries and keep a closer eye on domestic activities.

The country already has built up one of the most sophisticated infrastructures for monitoring and controlling internet content, with the ability to dig deep into communications and change various protocols.

During political protests in the past, Iran reduced bandwidth so that posting videos took hours.

With the SSL shutoff and recent remarks by officials, Behravan said the new network could launch within a month.

"I will not be surprised if it happens tomorrow," said Iranian computer scientist Arash Abadpour of Toronto, who blogs under the name Kamangir.
Blocking SSL is not a good way to stop cyber-attacks, so this seems to be done purely to stop Iranians from getting to the Web and using social networking sites. In the wake of the events in the Middle East over the past year, it seems to reveal far more about Iran's fear of an internal revolution than anything else.

Technology and freedom have a way of winning these battles. Just as Tor was able to get around the SSL restrictions within a day, it should be possible to write programs to consolidate a dozen or so "slow" connections to create a fast one for critical communications like video uploads (which have been key in Syria's revolution.) It would essentially be a reverse BitTorrent where videos are uploaded in pieces from different client PCs at once.

Any data can be transmitted through any protocol, and any data can be encrypted. (Being 100% anonymous while doing this is a little harder, unfortunately, but one can make it difficult to be found.) As long as there are any Internet connections from Iran to the rest of the world it will be possible to get critical information out.