In association with heise online

13 February 2012, 12:19

Reports: Iran disrupts secure internet connections - Update

  • Twitter
  • Facebook
  • submit to slashdot
  • StumbleUpon
  • submit to reddit

Network Globe icon According to reports, encrypted internet connections have been systematically disrupted in Iran since last Thursday. As a result, numerous services including some email and online banking sites no longer function, at least not if a server is located outside of the Islamic republic, though existing reports disagree on some of the details. This could be caused by the government's disruptive measures being inconsistent in order to hamper co-ordinated countermeasures. The Tor anonymity network says that it won't give up and is looking for volunteers who are willing to install new "obfuscated Tor bridges" (obfsproxy). However, the new system isn't fully developed yet and may only give them a few extra days in their arms race with the censors.

The central AS12880 government proxy appears to be playing an important role, as it disrupts certain data connections. While technical censorship measures have repeatedly been observed over the past year, they are now thought to have reached unprecedented levels of intensity. Most Tor connections originate in the US, followed by Iran and Germany.

Current reports say that AS12880 uses a variety of censorship measures. It blocks specific IP address/port combinations. The proxy uses Deep Packet Inspection to detect and prevent attempts to establish an encrypted international connection. Furthermore, unencrypted connections are scanned for specific terms. For example, searching for information on Tor is believed to be impossible in Iran.

It is also likely that unencrypted content is being forged or compromised, which is harder to detect. The arsenal of control mechanisms even includes forged SSL certificates. Internet cafe operators in Iran are obliged to film their customers with surveillance cameras. These videos are an attempt by the authorities to facilitate the identification of internet users.

However, Iranian internet users struggle not only with national censorship but also obstacles created by the West. Due to US export sanctions, web sites such as SourceForge and Google Code can't be accessed from Iranian IP addresses.

In December, the German government said that it sees no need to investigate the export of surveillance technologiesGerman language link. Regulations and government supervision are lax. Suppliers who apply for and are granted an export permit can even obtain guarantees from the German Ministry of Economics that will cause Germany to foot the bill if the purchaser of a censorship product fails to pay.

Reporters Without Borders lists both Iran and Saudi Arabia as "Internet Enemies"PDF, together with Burma, China, Cuba, North Korea, Syria, Turkmenistan, Uzbekistan and Vietnam.

Update: In an email, Google confirmed to Bloomberg that the company's encrypted services, including search, Gmail and YouTube, have been blocked in Iran since 10 February. However, according to an Associated Press report, access to some foreign email services including Gmail, Yahoo! Mail and Hotmail has been restored.

(Daniel AJ Sokolov / crve)

Print Version | Send by email | Permalink:

  • July's Community Calendar

The H Open

The H Security

The H Developer

The H Internet Toolkit