On Friday, Cnet sources confirmed that Iran has begun preemptively blocking websites in anticipation of civil unrest this weekend. Tomorrow is significant because it marks the third anniversary of the Green Revolution, a movement where outraged citizens took to the streets in protest against a potentially rigged presidential election.
An exhaustive list of blocked websites has yet to turn up, but it appears various web-based email and social network services are being blocked for certain. There are reports that Iran may actually be blocking all HTTPS traffic entirely. If so, this would indiscriminately block large swaths of online content for Iranians.
Secure websites such as e-commerce and banking sites, and even less secure sites like email and social networks, now use SSL (Secure Sockets Layer) and TLS (Transport Layer Security) to encrypt the data stream between the website and the user. Even websites that do not encrypt all of their data frequently employ SSL/TLS for authentication (i.e., your initial log-on).
Users who visit a secure web page should see HTTPS instead of HTTP in the address bar. Such secure sites typically operate on port 443 instead of 80, which makes indiscriminate blocking relatively simple: a filter can drop everything destined for port 443 without sophisticated methods like deep packet inspection (DPI).
However, tech-savvy Iranians may work around such measures by establishing network tunnels to computers outside the country. By using international VPN services or SSH tunneling, for example, users may bypass the filter altogether.
Other secure, anonymous network services such as Tor also continue to be used in Iran, but deep packet inspection, a technology that Iran's government reportedly has at its disposal, can make these methods tough to use. However, Forbes reports that the country is using "traditional IP blocking technology" to filter websites, which suggests it may not be using such sophisticated methods.
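As an added illustration (not from the article, and not code from Tor or any organization named in it), the difference between the two filtering approaches: blocking by destination port drops every flow to 443 whatever it carries, while a DPI-style check must parse the TLS ClientHello and can then read the server name (SNI) and be selective. The ClientHello bytes and host names are constructed placeholders.

```python
import struct
from typing import Optional

def build_client_hello(sni: bytes) -> bytes:
    """Construct a minimal TLS 1.0 ClientHello carrying a server_name (SNI) extension."""
    ext_body = struct.pack("!HBH", len(sni) + 3, 0, len(sni)) + sni  # list len, type, name len
    ext = struct.pack("!HH", 0, len(ext_body)) + ext_body             # extension type 0 = SNI
    body = (b"\x03\x01" + b"\x00" * 32 + b"\x00"      # client version, random, empty session id
            + b"\x00\x02\x00\x2f" + b"\x01\x00"       # one cipher suite, null compression
            + struct.pack("!H", len(ext)) + ext)
    handshake = b"\x01" + struct.pack("!I", len(body))[1:] + body  # type 1 = ClientHello
    return b"\x16\x03\x01" + struct.pack("!H", len(handshake)) + handshake  # record type 22

SAMPLE_TLS = build_client_hello(b"mail.example.net")          # constructed, not captured
SAMPLE_HTTP = b"GET / HTTP/1.1\r\nHost: news.example.net\r\n\r\n"

def blocked_by_port(dst_port: int) -> bool:
    """Port-based filtering as the article describes it: every flow to 443 is dropped."""
    return dst_port == 443

def looks_like_tls_client_hello(payload: bytes) -> bool:
    """DPI-style check: record type 22 (handshake), version 3.x, handshake type 1."""
    return (len(payload) >= 6 and payload[0] == 0x16 and payload[1] == 0x03
            and payload[2] <= 0x04 and payload[5] == 0x01)

def extract_sni(payload: bytes) -> Optional[str]:
    """Walk the ClientHello to the server_name extension; None if absent or not TLS."""
    if not looks_like_tls_client_hello(payload):
        return None
    pos = 43                                           # 5 record + 4 handshake + 2 + 32 random
    pos += 1 + payload[pos]                            # skip session id
    pos += 2 + struct.unpack("!H", payload[pos:pos + 2])[0]  # skip cipher suites
    pos += 1 + payload[pos]                            # skip compression methods
    end = pos + 2 + struct.unpack("!H", payload[pos:pos + 2])[0]
    pos += 2
    while pos + 4 <= end:
        etype, elen = struct.unpack("!HH", payload[pos:pos + 4])
        pos += 4
        if etype == 0:                                 # list len(2), name type(1), name len(2)
            name_len = struct.unpack("!H", payload[pos + 3:pos + 5])[0]
            return payload[pos + 5:pos + 5 + name_len].decode("ascii", "replace")
        pos += elen
    return None

def verdicts(dst_port: int, payload: bytes) -> tuple:
    """Return (port-filter verdict, DPI verdict) for one flow so the two can be compared."""
    port = "block" if blocked_by_port(dst_port) else "allow"
    sni = extract_sni(payload)
    dpi = f"tls-to:{sni}" if sni else ("tls" if looks_like_tls_client_hello(payload) else "plain")
    return port, dpi
```

Running `verdicts` over the samples shows the port filter also blocks plain HTTP sent to 443, while the DPI check still identifies the TLS destination on any port.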
To work around detailed packet analysis, secure tunnels can be wrapped in non-secure data streams. For example, a computer can establish an unencrypted stream with another trusted computer; inside that unencrypted stream is the encrypted transmission, and inside that transmission is the original data. The goal is to obfuscate the encrypted data enough that packet inspection becomes impractical. However, as this becomes more common, an arms race between inspection and obfuscation will be unavoidable.
The executive director of Tor, Andrew Lewman, said the organization has already begun implementing such methods. Tor calls the technology "obfsproxy," and it does exactly that -- it obfuscates encrypted connections by wrapping them in unencrypted ones.