Iran blocks websites in anticipation of Green Revolution anniversary

By on February 10, 2012, 3:30 PM

On Friday, Cnet sources confirmed that Iran has begun preemptively blocking websites in anticipation of civil unrest this weekend. Tomorrow is significant because it marks the third anniversary of the Green Revolution, a movement where outraged citizens took to the streets in protest against a potentially rigged presidential election.

An exhaustive list of blocked websites has yet to turn up, but it appears various web-based email and social network services are being blocked for certain. There are reports that Iran may actually be blocking all HTTPS traffic entirely. If so, this would indiscriminately block large swaths of online content for Iranians.

Secure websites such as e-commerce, banking and even les secure sites like email and social networks now leverage SSL (secure socket layer) and TLS (transport layer security) to encrypt data streams between the website and the user. Even websites that do not encrypt all of their data still frequently employ SSL/TLS for authentication (ie. your initial log on)(

Users who visit a secure web page should see HTTPS instead of HTTP in the address bar. Such secure sites often operate on port 443 instead of 80 though, making indiscriminate blocking relatively simple without the need for sophisticated methods like deep packet inspection (DPI). 

However, tech savvy Iranians may work around such measures by establishing network tunnels to computers outside of the country. By utilizing international VPN services or SSH tunneling, for example, users may bypass the filter all together.

Other secure, anonymous network services such as TOR also continue to be used in Iran, but DPI can make using these methods tough -- a technology that Iran's government reportedly has at its disposal. However, Forbes reports that the country is using "traditional IP blocking technology" to filter websites, which suggests they may not be using such sophisticated methods.

To work around detailed packet analysis, secure tunnels can be wrapped in a non-secure data streams. For example, a computer can establish a non-encrypted stream with another trusted computer. Inside that unencrypted data stream though, is your encryption transmission. Inside that transmission is your original data. The goal is to obfuscate encrypted data enough that packet inspection becomes impractical. However, as this becomes more common, an arms race between inspection and obfuscation will become unavoidable.

The executive director of TOR, Andrew Lewman, said the organization has already begun implementing such methods. TOR is calling the technology "Obfproxy" and it does exactly that -- it obfuscates encrypted connections by wrapping them in unencrypted ones. 

Obfproxy will "make your Ferrari look like a Toyota by putting an actual Toyota shell over the Ferrari," Lewman explained.



User Comments: 3

Got something to say? Post a comment
Twixtea said:

I live in Iran, but I'm not really into politics or anything like that. So I don't really care.

Beside that, there are anyways way too many filtered websited here, that I could keep track of what is when filtered.

I'd be just glad if they would boost the internet speed here abit.

I mean, seriously I pay 30$ for a connection with a speed of 80kb/s.

Okay 30$ isn't that much, but in Iran, it is.

Guest said:

im from iran,too. and yes,they are Blocked the 443 port since Thursday for the Entire country! , Gmail,Messengers,HTTPS (SSL) Sites can't Be Loaded Without Proxy or VPN.Even Online Gamers have No luck to play their Games and it Seems that this situtation remain the same for at least 3 or 4 days.

andy06shake said:

So now Irans at the media/internet censorship, ah well least they now have something in common with the USA eh, bet the Iatolas love the idea of SOPA/PIPA act? HACK THE F***ING PLANET!!!!

Load all comments...

Add New Comment

TechSpot Members
Login or sign up for free,
it takes about 30 seconds.
You may also...
Get complete access to the TechSpot community. Join thousands of technology enthusiasts that contribute and share knowledge in our forum. Get a private inbox, upload your own photo gallery and more.