Iranian Citizens Subject to Internet Throttling and Pre-election Hacking Campaign

In advance of the June 14 Iranian presidential elections, many of the country’s 42 million Internet users experienced increased censorship online. According to a Reuters report, the government’s already tight grip on cyberspace tightened even further over the past few months. Since March, “Iranians have faced slower access to encrypted international websites using the Secure Sockets Layer protocol, with addresses beginning with ‘https,’ such as … Gmail, and this could push them to resort to unencrypted sites easily watched by the state.”

As the Internet has become an increasingly important tool for self-expression, control over online spaces has become an ever-evolving contest of wits and skills. Without using precautions, casual communications or dialogue suspected of containing subversive content can be intercepted, read, and traced back to  its author, often at high cost to those authors.  Despite these risks, users continue to seek online avenues to stay connected and spread news.

One of the biggest challenges for Iranian Internet users is censorship of online communications. During the month of June Herdict received a third of its total reports from Iran for the year.  This high volume is largely due to Herdict’s partnership with ASL 19.  During this period of time, Herdict received over 1,200 inaccessible reports, many with popular sites such as Facebook, YouTube, and Twitter.  Interestingly, Herdict also received reports that many of those sites were occasionally accessible, suggesting that the blocks were inconsistent or often incomplete.

These challenges with access, however, don’t mean that Iranians can’t access the sites the government has blocked.  ASL19 reports 5,000,000 known websites are currently blocked in Iran. But ASL 19 helps Iranians get past censorship using Psiphon, a popular circumvention tool.  Twitter is an interesting challenge in Iran because religious and political figures sometimes use it to promote their own agendas, but citizen and civil rights groups often encounter problems with their accounts. Tweets and blogs and press releases were all part of presidential candidates’ campaigns while citizen journalists and groups like the Committee to Protect Journalists (CPJ) were essentially “muzzled” and “chained.”

Bypassing censorship often has downsides in the form of slow and unreliable connections.  A hacker identified as “D” believes that bypassing Internet censorship in Iran isn’t exactly rocket science. “D” said in an interview with Arutz Sheva, an Israeli news Channel, that getting past blocks imposed by the Iranian government in anticipation of last month’s election wasn’t all that difficult for users willing to wait for slow sites to load or those not “spoiled” by fast, easy access to HD images rather than plain old text.

Some of the tools used to evade censorship may also help users avoid surveillance.  Google reported that the Gmail accounts of many Iranian citizens’  had been hacked. Google explained that it had to intervene to address  “politically motivated phishing against thousands of Gmail users in Iran on the eve of the country’s presidential election.”  While use of VPN services wouldn’t stop a phishing attack, it can help encrypt the content of the communications leaving the country.

Many Iranians use VPNs, software to create the illusion that they are accessing the Internet from outside the country. By providing a secure encrypted connection to servers outside of the country, VPNs bypass the government’s content-based web filter because they make it harder for the government to see what sites a citizen is accessing.  Iran, however, has targeted VPNs in general and many of these services have had unreliable connections in Iran for the past year. In response, group of citizen bloggers and activists recently wrote a letter to president-elect Hassan Rouhani lamenting slow connection speeds and asking him to “please fix the Internet.”

If we are to learn something from the struggles of those trying to communicate freely online in Iran, it might be that patience is necessary but not sufficient. Knowledge and skills are essential too. You can find out more about evading censorship through ASL 19, Psiphon, or Alkasir.

What Difference Will Prism Make?

This month, The Guardian newspaper confirmed what many advocates of internet freedom already suspected: that the US’s National Security Agency (NSA) had been monitoring the private online activities of people all over the world, including US citizens. According to whistleblower Edward Snowden, many Internet giants such as Microsoft, Apple, Facebook, Google, YouTube, Skype, and AOL pariticipate in a clandestine program codenamed Prism. According to the Guardian, “The Prism program allows the NSA, the world’s largest surveillance organisation, to obtain targeted communications without having to request them from the service providers and without having to obtain individual court orders.”

The UK GCHQ (Government Communications Headquarters), meanwhile, has been accused of using information obtained by the NSA to generate 197 of its own intelligence reports. The legal status of this act is undisputed, as Sir Malcolm Rifkind, former UK foreign secretary, has said:

The law is actually quite clear. If the British intelligence agencies are seeking to know the content of emails about people living in the UK then they actually have to get lawful authority. Normally that means ministerial authority. That applies equally whether they are going to do the intercept themselves or whether they are going to ask somebody else to do it on their behalf.

More recently, it has emerged that the GCHQ spied on foreign politicians at the G20 summit meetings in 2009. Russia, South Africa, and Turkey have reacted with rage to the news. Clearly this is a scandal that affects citizens all over the globe, and as Edward Snowden himself said, reflects ‘an existential threat to democracy.’ With the information emerging in the same week as the beginning of the Bradley Manning trial, it will be interesting to note what the outcome is.

The situation is especially interesting considering Obama’s stance on the proposed CISPA law. On the one hand, the Obama administration threatened to veto the cybersecurity bill, claiming that it did not provide enough protections for privacy. But on the other hand, we now know that the administration was already using Prism to monitor the online activities of millions of people.  In theory Prism and the NSA’s data surveillance efforts more generally are supposed to target only non-US individuals and entities, the secrecy of the programs makes it difficult to assess the the efficacy of any supposed privacy protections.

In his interview with the Guardian, Snowden mentioned how he “watched as Obama advanced the very policies that I thought would be reined in.” James Goodale, the First Amendment lawyer who represented the New York Times against the Nixon administration, has very publicly stated that he believes Obama to be comparable to Nixon when it comes to the issue of press freedom. After the Associated Press scandal (where it was found that the Obama administration had secretly seized phone records from the Associated Press), Goodale said that where he had once “had Obama, in baseball terms, half a game out of first behind Nixon,” he now had “him tied and inching ahead.” After this fresh scandal, it is likely he would put Obama ahead of Nixon by quite a stretch.

Now that this information is public, it remains to be seen what can and what will be done. Glenn Greenwald has astutely pointed out “a defining attribute of the Obama legacy: the transformation of what was until recently a symbol of rightwing radicalism – warrantless eavesdropping – into meekly accepted bipartisan consensus.” It seems that many of Obama’s supporters have been able to accept the erosion of their fundamental rights with the unwavering belief that Obama simply must know what’s right. Perhaps only now will many of these same supporters recognise what Edward Snowden recognised, that Obama has “advanced the very policies [they all thought] would be reined in.”

In an interview with Wired.co.uk, Professor Tim Wu of Columbia Law School has advised that the solution for concerned individuals is simple: “Quit Facebook and use another search engine […] It’s nice to keep in touch with your friends. But I think if you find out if it’s true that these companies are involved in these surveillance programs you should just quit.” In reality, this provides little comfort, as the leaks have shown that you’d have to unplug from almost every aspect of the Internet and mobile technology in order to escape suveillance. As one letter to the Guardian said, it has “shocked us awake to find that we are already living within a mature, widely embedded Orwellian nightmare.”

Despite this Orwellian nightmare, it is comforting that there are individuals who care so much about Internet freedom and privacy that they are willing to risk harsh punishments. Edward Snowden chose to leak classified material despite witnessing the fate of Bradley Manning, who provided classified documents to Wikileaks. We can hope that the information Snowden revealed will enable an international conversation about balancing privacy Internet freedom with national security.

Jean-Loup Richet, Special Herdict Contributor

Over 400 Sites Blocked For Tiananmen Square Anniversary

Herdict data collected from China just prior to the anniversary of the Tiananmen Square protests demonstrated significant and widespread increases in filtering.  June 4th marked the 24th anniversary of the Tiananmen Square protests, a day many Chinese activists sarcastically call “Internet Maintenance Day,” given history of government attempts to hide only information about the protests.  According to Herdict data collected with Greatfire.org, more than four hundred sites which were reported accessible during April 3 – May 3 were subsequently blocked during the May 4 – June 4 period. At least four of these sites that switched from accessible to inaccessible just before the anniversary were gateways to virtual private networks, which are an important tool for circumvention.

Among the other blocked sites were three U.S.-based advocacy groups, including Human Rights Watch, the Electronic Frontier Foundation, as well as Change.org. Also blocked during the period leading up to the anniversary were sites important to programmers, including the open source development and distribution community SourceFourge and Python.org.tw, a site for Taiwanese Python programming language enthusiasts.  It isn’t immediately clear why these programming sites were blocked, but it may represent an effort to prevent discussion and development around circumvention tools.

Several country-specific Google sites (google.co.ingoogle.com.augoogle.de) went from accessible to inaccessible in the period leading up to the anniversary. However, Google’s transparency report did not reflect those disruptions.

The majority of this data comes from Greatfire.org, an organization which monitors blocked websites in China. Greatfire and Herdict participate in a data exchange in which user reports submitted to Herdict on blocked sites in China are fed into Greatfire.org‘s database. Conversely, Greatfire shares their data with Herdict.

In the days and weeks after the anniversary, the four-hundred sites that were censored just prior to the anniversary  may come back online, or they may join the long list of sites that are rarely accessible within China. Data exploration tools and additional information on the Herdict dataset may be found on the Herdict site.

 

 

« Older posts       Newer Posts »