The Proxy Fight for Iranian Democracy - Renesys Blog
The Proxy Fight for Iranian Democracy - Renesys Blog
This is an article worth reading and understanding. The gist is that the use of proxies to evade censorship in Iran is failing. They are now getting blocked faster than they can be created. This is a basic flaw in the idea of simply deploying a proxy and promoting it. One must assume that the Iranian censors are monitoring the same channels you are trying to use to promote the proxy. After all, a proxy no one knows about is of little use. Public open proxies are similarly doomed because the Iranian censors can use the same discovery tools you do to find such proxies. Also, once you try to let people know about them, the same problem applies as with new proxies.
Distribution of a given proxy address to only a small number of people solves that problem, but it is very limiting. It takes tremendous numbers of proxies to serve a large population, and only those with contacts who have set up proxies are protected.
There are solutions to these problems, but they require substantial technical skills and resources to implement.
If you have contacts within Iran, do what you can to set up closed proxies that they can use to bypass censorship. In the short run, it is an effective action you can take right now. A good place to start would be here.
- Lance Cottrell
June 23rd, 2009 at 4:08 pm
Pretty nice post. I just came across your blog and wanted to say
that I have really enjoyed browsing your blog posts. In any case
I’ll be subscribing to your feed and I hope you post again soon!
July 9th, 2009 at 5:09 pm
Is there potential for governments to set up proxy decoys as snares and promote them in these same channels?
July 9th, 2009 at 5:14 pm
Yes, that is a real risk. If that starts to happen, then we will need to start using cryptographic authentication and the reputation of the person or organization hosting the server to prevent that attack. The international backlash would probably be large as well.
July 21st, 2009 at 10:43 am
As an Iranian inside the country(and Anonymizer TNS customer) I’d like to thank you Lance for the post.
-Is anonymizer still involved with VOA/Persian providing web proxy for Iranians?
-Recently TNS has become extremely slow here(almost useless) and constantly connecting/disconnecting from the server. from my tests, I know that it is not my PC/laptop and/or network. I have informed the support guys but all I receive is ‘we are trying to expand our capacities and it takes time’.
I will appreciate if you could do something about that. Without proper access to internet we are simply blind. Even your blog(theprivacyblog.com) is filtered here.
Houman
Tehran,Iran
July 30th, 2009 at 9:32 am
I guess it is no shocking news that my blog is being censored. Unfortunately the VoA stopped sponsoring that program shortly before the election. Not the best timing. We are looking for another partner to support that activity.
I am not sure why TNS might be slowing down. It could be that the Iranian deep packet inspection firewalls are intentionally degrading SSH connections. Do you have the ability to test SSH to other servers outside of the country?
We are working on a new platform for our service that will provide significantly expanded capabilities and should also greatly improve performance. Watch this space this fall.