Iranian block on Tor traffic quickly foiled
The online privacy and security service Tor was blocked by the Iranian government late evening (local time) 13 September. This was done by adding a filter rule to the Iranian border routers which identified Tor traffic and blocked it. The blocking was quickly discovered by Tor and the project released a fix a few hours later. The fix consists of a new version of the Tor software, Tor 0.2.3.4-alpha, and once this is installed on relays and bridges, the company expects normal service to be resumed for users in Iran.
A report on the Tor web site explains how the filter worked. The Iranian block used a peculiarity in the expiry time of Tor's SSL certificates, which was a very unusual two hours and very different to the year which might be typical for a normal CA certificate. It was this minor difference that enabled Tor traffic to be recognised and subsequently blocked. To fix the problem, at least for now, Tor has given its certificates more typical expiry times.
The company accepts that it needs to develop both medium and longer term solutions to the problem of being blocked, and notes that the last time Iran attempted to block its traffic was in January 2011.
- Fraudulent certificate triggers blocking from software companies, a report from The H.
- Iran confirms Stuxnet cyber attack, a report from The H.