Search Mailing List Archives


Limit search to: Subject & Body Subject Author
Sort by: Reverse Sort
Limit to: All This Week Last Week This Month Last Month
Select Date Range     through    

[liberationtech] Tor: Increased Internet blocking in Iran

Hal Roberts hroberts at cyber.law.harvard.edu
Wed Jan 12 14:01:11 PST 2011


My working theory for this sort of thing, mostly from what we know about 
how China makes its blocking decisions, is that these odd decisions 
about what gets blocked and what doesn't are not driven by the sort of 
reasonable / clever technical motivations you describe below but instead 
by political direction of technical decisions.

This is to say that there are probably no smart techies in Iran who are 
empowered to make the decision of what to block when to fight tor for 
control of the network.  Instead, the techies wait for micro level 
directions from political folks, who make decisions sometimes for 
obvious reasons (political crises etc) and sometimes for small reasons 
inscrutable from the outside (local corruption issues etc).

One smart Chinese scholar makes the point that in fact Chinese 
government techies have incentive not to completely block circumvention 
tools because doing so would put them out of their jobs.  According to 
this theory, the techies block the minimum they are told to block by the 
political bosses.

I don't have the ground level of knowledge of this sort of thing in Iran 
that I do in China, so your theory below may be a better description. 
But my intuition is that political actors are driving the micro-details 
of blocking decisions much more than techies.

-hal

On 1/12/11 3:49 PM, liberationtech at lewman.us wrote:
> The Great Potato Wall appears to be trying new things.  Recent traces
> do not show ssl throttling anymore.  There is possible ssl intercept
> and manipulation occurring.  There is definitely IP address blocking.
> Interestingly, https:// gmail and google search are working fine.
>
> Any idiot can block the public Tor Network, we've know this for ages.
> In fact, we told the world how to do it years ago at various
> conferences.  It took until late 2009 for China to lead the world in
> taking this step.  It seems Iran may be learning how to do this too.
>
> What's interesting is that our bridges are more affected than the public
> relay list [1].  Depending upon your level of paranoia, there could be
> two things going on:
>
> 1) The potato wall admins are testing technology to block the bridge
> relays, because they are not generally published the world over (like
> the public tor network relays are by design).  The admins feel they can
> block the public tor network easily, so test the difficult parts; or
>
> 2) The admins are purposely allowing the public tor network to be accessed
> so they can record which IP addresses in country are connecting to public
> tor relays.  One could then use this list of people in the future.
>
> In either case, Tor can use any HTTP, HTTPS, or SOCKS proxy as an access
> layer to connect to the public tor network [2].  Users in China are fond
> of using VPNs to get past the GFW and then use Tor so the VPN provider
> can't see what they're doing on the Internet.
>
> We're also working on hiding in the crowd of allowed traffic [3].
>
> The end goal is to help people, so we've suggested that people use tools
> that work right now to get access to the outside world.  Using tor over
> these tools will protect their privacy as well, see [2] again.
>
> Research continues.
>
> [1]
> https://metrics.torproject.org/users.html?graph=bridge-users&start=&end=&country=ir#bridge-users
> versus
> https://metrics.torproject.org/users.html?graph=direct-users&start=&end=&country=ir#direct-users
>
> [2] https://www.torproject.org/docs/proxychain
>
> [3]
> https://gitweb.torproject.org/tor.git/blob/HEAD:/doc/spec/proposals/ideas/xxx-pluggable-transport.txt
>



More information about the liberationtech mailing list