surveillance network
In number two of C't Magazin there was an article on "How the Iranian regime uses IT and network control against the protests". The article is written by Marcus Michaelsen und Maryam Mirza and published in German here: https://www.heise.de/select/ct/2023/2/2232513434673096183
Because it is in German and the content is very relevant I translated it in English but obviously that is not allowed so I took it down expect for two parts that I think are really important for a wider audience than the readers of a German Computer Magazine, if the authors are publishing the article in English somewhere else. Information on this blog is not attracting a lot of people but I use it to specifically point people at the situation in Iran and how repression works and how others can help people in Iran, I think that is more important than copyright:
Tools of repression
In November 2019, the regime showed for the first time that it now has total control over the infrastructure. Angered by the drastic increase in gas prices, people across the country took to the streets. The protests quickly turned against the regime elite behind revolutionary leader Ali Khamenei. The reaction followed promptly: within one afternoon, all major Internet providers switched off their networks. Iran was cut off from the world for five days. For the London-based organization Netblocks, which documents Internet blocks worldwide, this blockade was the most serious shutdown of their measurements to date due to the extent and technical complexity.
Only when the providers gradually connected the country back to the global network did the evidence of state violence come to light. Based on cell phone videos and photos, Amnesty International has been able to identify more than three hundred men, women and children killed by regime forces during the protests. According to estimates, the actual number is up to 1,500 fatalities.
When the protests over the death of Jina Amini broke out in September 2022, the regime had already gained experience. The National Security Council quickly ordered the blocking of WhatsApp and Instagram, the last international platforms still accessible. Even online games with chat functions were blocked in order not to offer any niches to critics of the regime. So far, however, there has been no nationwide shutdown because the government fears economic damage. Instead, they work with temporary and regionally limited closures.
Despite state communication blockades, the protests in Tehran and many other cities in the country are continuing.
A report published by the Open Observatory of Network Interference (OONI) and partner organizations documents “digital curfews” for the first few weeks of the protests: From afternoon to midnight, the three largest mobile phone providers interrupted their services. Users lost connection to mobile data traffic, which is the only access to the Internet for many Iranians. This was intended to make it difficult for protesters to communicate on the streets.
The regime uses deep packet inspection to detect and block VPN connections in the data streams. It also throttles the speed of data transfer. As a result, activists can hardly send photos and videos. "It's like a faucet with only a few drops coming out. You can claim that there is a water connection, but in reality the tap is of no use to anyone,” says Amin Sabeti from CERTFA, describing this situation.
The provinces of Kurdistan and Balochistan are hardest hit by the censorship, where the regime is much tougher on the protesting population. The regions inhabited by ethnic and religious minorities have always been heavily discriminated against by the state. In the Kurdish cities, the connections are often interrupted for days, reports Kaveh Ghoreishi, a Kurdish-Iranian journalist who lives in Berlin: "Sometimes activists use SIM cards from the neighboring Kurdish provinces in Iraq to circumvent internet censorship. But these connections are jammed by the Iranian government.”
Based on leaked documents, the online magazine The Intercept reported in October on a surveillance program that gives the Iranian government comprehensive control over mobile communications. The system can spy on connections, manipulate them and interrupt them in a targeted manner. In addition, it allows the authorities to force users from the faster 3G and 4G networks to outdated 2G connections. Many functions of today's smartphones cannot be used there and data can be more easily scraped off.
After an initial evaluation of the documents, it is not yet clear to what extent Iran has received support from abroad for this program. Cooperation in the IT area exists with Russia and China. China in particular is helping with internet censorship and digital surveillance with technology and know-how. Chinese firm Tiandy recently sold Iran a camera system with facial recognition software that could take over the vice squad's role in enforcing dress codes.
The Open Observatory of Network Interference (OONI) has compiled government network interventions in the first four weeks of the protest.
Image: Open Observatory of Network Interference (OONI)
And this part:
Help desired
Providing powerful VPNs would be far more helpful, many internet activists agree. Applications such as Psiphon and Tor have seen increasing user numbers in Iran in recent months. Both tunnel data traffic over a network of computers, helping to bypass blockades and maintain anonymity on the web. The Tor project offers the Snowflake browser extension, a proxy that users in Germany can also use to give people from Iran quick access to the Tor network via their home computer.
The head of community work at Tor, Gustavo Gus, reports that after initial great success, Snowflake was suddenly blocked for Iranian users of the Tor proxy Orbot in October. With Orbot, the apps on Android smartphones can be protected via Tor. It took two weeks to develop a solution: "Under the conditions of censorship and surveillance, it is very difficult to communicate with users in Iran. We always need feedback from people testing our customizations. But many channels are blocked.”
The great demand from Iran brought the team to the edge of their strength. "It's like working in a kitchen, suddenly many more guests come and want food," says Gustavo. Tor would need more volunteers to install a standalone proxy for Snowflake on their servers that offers more bandwidth than private accounts and increases network capacity.
Journalists like Gilda Sahebi retweet information from Iran, thereby raising awareness of the protest movement.
Stefan Leibfarth, who runs an exit node for Tor for the Chaos Computer Club in Stuttgart, emphasizes that volunteers in Germany provide a significant proportion of the servers and bandwidth required for the entire service. This commitment is mostly purely voluntary. "We would like more public attention and recognition for this," says Leibfarth. He is skeptical about direct state funding, but considers broad support from various donors to be desirable.
Former start-up pioneer Arash Zad thinks that in order to weaken Iran's system of surveillance and Internet control, all companies involved in any way should ultimately suffer the consequences. It is currently uncertain whether this will actually happen, because the consequences of the protest movement for the regime and Iranian society cannot yet be foreseen.
Personal note:
This article is published in German in C't Magazin originally in the second edition of 2023:
Outline VPN still seems to work in Iran and is not mentioned in this article so I would like to share the post on Reddit, which is already 3 month old but might still be relevant:
https://www.reddit.com/r/outlinevpn/comments/y3zzza/an_update_on_outline_service_in_iran/
And I also would like to mention ASL19 here with a lot of support for people in Iran or in general:
If you know of organisation in need of Rapid Response contact Greenhost:
