Five technologies Iran is using to censor the Web

Government uses both blunt and surgical tools to stifle dissidents, hacker says

One month after a disputed presidential election sparked widespread unrest in Iran, the country's government has initiated a cyber-crackdown that is challenging hackers across the globe to find new ways to help keep Iranian dissidents connected to the Web.

While the government's initial efforts to censor the Internet were blunt and often ineffective, it has started employing more sophisticated tools to thwart dissidents' attempts to communicate with each other and the outside world. Iranian dissidents are not alone in their struggle, however, as several sympathetic hacker groups have been working to keep them online.

One such group is NedaNet, whose mission is to "help the Iranian people by setting up networks of proxy severs, anonymizers, and any other appropriate technologies that can enable them to communicate and organize." NedaNet project coordinator Morgan Sennhauser, who has just written a paper detailing the Iranian government's latest efforts to thwart hackers, says that the government's actions have been surprisingly robust and have challenged hackers in ways that the Chinese government's efforts at censorship have not.

"China has several gigabytes per second of traffic to deal with and has a lot more international businesses," he says. "They can't be as heavy-handed with their filtration. The Iranians aren't as concerned about that... so they get to use all these fancy toys that, if the Chinese used them, could cripple their economy."

With that in mind, this article will look at five of the most commonly-used technologies the Iranian government has been using to stifle dissent, as outlined in Sennhauser's paper.

IP Blocking

IP Blocking is one of the most basic methods that governments such as Iran use for censorship, as it simply prevents all packets going to or from targeted IP addresses. Sennhauser says that this was how the government banned access to the BBC's Persian news services and how it took down websites critical of the election.

But while these sorts of operations are relatively simple to execute, they don't tackle the problem of individual communications between users, especially if the users have set up multi-hop circuits that use multiple servers to create a proxy ring.

Traffic Classification (QoS)

This is a much more sophisticated method of blocking traffic than IP blocking, as governments can halt any file sent through a certain type of protocol, such as FTP. Because the government knows that FTP transfers are most often sent through TCP port 21, they can simply limit the bandwidth available on that port and throttle transfers. Sennhauser says that this type of traffic shaping practice is the most common one used by governments today, as "it is not too resource intensive and is fairly easy to set up."

Shallow Packet Inspection

Shallow packet inspection is basically a blunter, broader version of the deep packet inspection (DPI) technique that is used to block packets based on their content. But unlike DPI, which intercepts packets and inspects their fingerprints, headers and payloads, shallow packet inspection makes broad generalities about traffic based solely on checking out the packet header. Although shallow packet inspection can't provide the Iranian government with the same detailed traffic assessments as DPI, Sennhauser says that it is much better at handling volume than DPI.

"It's a less refined tool, but it can also deal with a lot more traffic than true DPI can," he explains. "Shallow packet inspection is more judging a book by its cover. If a packet says that it's SSL (Secure Sockets Layer) in the header, then a shallow packet inspector takes it at face value."

Sennhauser notes, however, that this is a double-edged sword. If a user disguises their SSL packets as FTP packets in the header, the shallow packet inspector won't be able to tell the difference.

Join the newsletter!

Or

Sign up to gain exclusive access to email subscriptions, event invitations, competitions, giveaways, and much more.

Membership is free, and your security and privacy remain protected. View our privacy policy before signing up.

Error: Please check your email address.

Tags internet content filteringcensorshipiran

Keep up with the latest tech news, reviews and previews by subscribing to the Good Gear Guide newsletter.

Brad Reed

Network World
Show Comments

Essentials

Cygnett 2500 ChargeUp Pocket Lightning Portable Power Bank

Learn more >

Mobile

Exec

Budget

TerraCycle Zero Waste Box Pens and Markers Small

Learn more >

Back To Business Guide

Click for more ›

Most Popular Reviews

Latest Articles

Resources

PCW Evaluation Team

Christopher Low

Brother RJ-4230B

This small mobile printer is exactly what I need for invoicing and other jobs such as sending fellow tradesman details or step-by-step instructions that I can easily print off from my phone or the Web.

Aysha Strobbe

Microsoft Office 365/HP Spectre x360

Microsoft Office continues to make a student’s life that little bit easier by offering reliable, easy to use, time-saving functionality, while continuing to develop new features that further enhance what is already a formidable collection of applications

Michael Hargreaves

Microsoft Office 365/Dell XPS 15 2-in-1

I’d recommend a Dell XPS 15 2-in-1 and the new Windows 10 to anyone who needs to get serious work done (before you kick back on your couch with your favourite Netflix show.)

Maryellen Rose George

Brother PT-P750W

It’s useful for office tasks as well as pragmatic labelling of equipment and storage – just don’t get too excited and label everything in sight!

Cathy Giles

Brother MFC-L8900CDW

The Brother MFC-L8900CDW is an absolute stand out. I struggle to fault it.

Luke Hill

MSI GT75 TITAN

I need power and lots of it. As a Front End Web developer anything less just won’t cut it which is why the MSI GT75 is an outstanding laptop for me. It’s a sleek and futuristic looking, high quality, beast that has a touch of sci-fi flare about it.

Featured Content

Product Launch Showcase

Don’t have an account? Sign up here

Don't have an account? Sign up now

Forgot password?