< Return to Video

Mahsa: Mobile Censorship in Iran

  • 0:00 - 0:09
    preroll music
  • 0:09 - 0:13
    Herald: Good evening, thank
    you for joining us tonight,
  • 0:13 - 0:18
    here at the CCC in Hamburg.
    And also thank you for everyone
  • 0:18 - 0:21
    tuning in around the
    world via our livestream.
  • 0:21 - 0:27
    I'm very, very honored and excited
    to introduce our new... next guest,
  • 0:27 - 0:29
    Mahsa Alimardani?
    laughs
  • 0:29 - 0:35
    - it was my attempt to say the name Mahsa
    Alimardani - she's an Iranian-Canadian
  • 0:35 - 0:37
    researcher and activist.
  • 0:37 - 0:42
    Mahsa is finishing her master's
    degree and is a research assistant
  • 0:42 - 0:46
    at the Deja Active Lab, both at
    the university of Amsterdam,
  • 0:46 - 0:52
    and her focus is on freedom of
    expression and access to information
  • 0:52 - 0:59
    in Iran. She's also the editor
    of the Global Voices Iran
  • 0:59 - 1:03
    and today she will be sharing some
    of her research findings with us
  • 1:03 - 1:09
    about the censorship situation
    in Iran on mobile platforms.
  • 1:09 - 1:15
    With that I would like to ask you to
    help me welcome Mahsa Alimardani!
  • 1:15 - 1:23
    applause
  • 1:23 - 1:27
    Mahsa Alimardani: Thank you Sonia,
    for the nice introduction,
  • 1:27 - 1:30
    and thank you all for
    coming to this session,
  • 1:30 - 1:34
    I know there's a lot of awesome
    computing sessions happening right now.
  • 1:34 - 1:41
    And, so, just to introduce you a little
    bit to the Iranian internet ecosystem.
  • 1:41 - 1:47
    So, there are some realities,
    you should know about it.
  • 1:47 - 1:48
    decent laughter
  • 1:48 - 1:53
    Yes, if you're thinking of traveling to
    Iran I'd tell this to everyone: Do go!
  • 1:53 - 1:56
    It's awesome, it's amazing,
    it's a beautiful country.
  • 1:56 - 1:59
    Although, take into consideration
    the type of work that you do and
  • 1:59 - 2:02
    the type of public profile
    you have when you do go.
  • 2:02 - 2:06
    If you do go do set up TOR relays
    'cause that's really helpful to people
  • 2:06 - 2:10
    accessing the internet in Iran.
  • 2:10 - 2:13
    And one of the things you should
    know that the Iranian internet,
  • 2:13 - 2:17
    it's often known as the Filter Net.
  • 2:17 - 2:21
    And Filter Net sort of has been the name
    ascribed to the internet
  • 2:21 - 2:23
    because of the censorship
    that happens in Iran.
  • 2:23 - 2:27
    I think out of the whole
    world Iran would come
  • 2:27 - 2:31
    second after China in the terms
    of the pervasiveness of censorship
  • 2:31 - 2:35
    and internet controls around the world.
  • 2:35 - 2:38
    Something that you might not know is
    that it is also known as the "Kondnet"
  • 2:38 - 2:41
    and "kond" means "slow".
  • 2:41 - 2:45
    The fact that the internet
    is often throttled in Iran,
  • 2:45 - 2:48
    and the speeds are very slow,
  • 2:48 - 2:51
    and the fact that it can be very
    frustrating sometimes to upload a page
  • 2:51 - 2:55
    it also has the name of "Kondnet".
  • 2:55 - 3:01
    So, this talk will sort of describe this,
    I'll talk on Mobile Censorship
  • 3:01 - 3:05
    and how they will focus on that.
    I just wanna take a sort of broader view
  • 3:05 - 3:12
    and to look at more general
    look at internet policy in Iran
  • 3:12 - 3:14
    and just before I sort of delve into it...
  • 3:14 - 3:17
    The reason why I really
    wanted to get this talk at
  • 3:17 - 3:22
    a conference like the CCC is
    because I know this is a community
  • 3:22 - 3:26
    full of lots of different
    expertise in terms of
  • 3:26 - 3:28
    Digital Security,
    in terms of Circumvention.
  • 3:28 - 3:31
    So, bringing awareness and sort
    of knowledge in focus on Iran
  • 3:31 - 3:35
    I think is kind of exciting
    in a community like this
  • 3:35 - 3:40
    'cause a lot of help and
    a lot of aid can go towards
  • 3:40 - 3:43
    access to internet in Iran
    from a group of people like you.
  • 3:43 - 3:49
    So: just a broad look at what the internet
    infrastructure's like in Iran is.
  • 3:49 - 3:53
    The Ministry of Information,
    Communication and Technology (ICT)
  • 3:53 - 3:56
    runs the Telecommunications
    Company of Iran
  • 3:56 - 4:01
    and this company is also responsible
  • 4:01 - 4:06
    for the main ISP of Iran which is the
    Data Communication Company of Iran.
  • 4:06 - 4:11
    So, in effect they control all
    internet traffic that goes into Iran
  • 4:11 - 4:16
    and all ISP's both private and
    government are controlled through
  • 4:16 - 4:20
    the Data Communication Company of Iran.
  • 4:20 - 4:25
    So this company in effect becomes
    the point where filtering can occur
  • 4:25 - 4:30
    and the blocking of pages or
    the blacklisting of keywords occurs.
  • 4:30 - 4:33
    Oftentimes the Telecommunications
    Company uses proxy servers
  • 4:33 - 4:40
    for surveillance by logging all
    unencrypted internet traffic that goes on
  • 4:40 - 4:44
    in Iran which is why it's really important
    for pages that are being used
  • 4:44 - 4:47
    especially by Iranians if not
    everywhere else in the world
  • 4:47 - 4:51
    to have https for all
    Mobile Applications to be using
  • 4:51 - 4:55
    encryption technology
    and things like that.
  • 4:55 - 4:58
    Now, all of these things
    are really concerning as it is
  • 4:58 - 5:05
    the fact that the government has so
    much access to data over the internet.
  • 5:05 - 5:09
    What's even more concerning
    is looking at this chart here.
  • 5:09 - 5:15
    So this is the overall view
    of the institutions responsible
  • 5:15 - 5:18
    for internet policy in Iran.
    And you see at the very top
  • 5:18 - 5:22
    there is the Supreme Leader. Although
    Iran does have no active president,
  • 5:22 - 5:26
    ultimately, the Supreme Leader
    has the Veto Power
  • 5:26 - 5:31
    and is in effect really
    the official Head Of State.
  • 5:31 - 5:36
    And so while the ministry of ICT is part
    of the elected administration
  • 5:36 - 5:40
    the Supreme Leader has ultimate power.
    And what is particularly
  • 5:40 - 5:45
    concerning here is while we have
    the ministry of ICT here on the right
  • 5:45 - 5:48
    and then you have the Telecommunications
    Company. And then you have
  • 5:48 - 5:53
    the ISP provider in Iran. You then
    have the Revolutionary Guards
  • 5:53 - 5:57
    which are a para-military
    organization in Iran
  • 5:57 - 6:01
    who are not accountable
    to the elected government.
  • 6:01 - 6:04
    They're ultimately only accountable
    to the Supreme Leader.
  • 6:04 - 6:10
    They own the largest share of the
    Telecommunications Company of Iran.
  • 6:10 - 6:14
    This is particularly concerning because
    a group like the Revolutionary Guards
  • 6:14 - 6:18
    are the ones who are oftentimes
    responsible for
  • 6:18 - 6:24
    various surveillance programs,
    for arrests of dissidents.
  • 6:24 - 6:28
    One of their offshoots, the Basij
    were the ones on the streets,
  • 6:28 - 6:32
    arresting and beating up protesters
    during the 2009 Green Movement.
  • 6:32 - 6:36
    So the fact that they have access to
    this kind of data it's very concerning
  • 6:36 - 6:44
    in why things like digital security are of
    the upmost importance in Iran.
  • 6:44 - 6:48
    Just a little brief overview of why
  • 6:48 - 6:51
    this sort of history started in Iran.
    It's not always been like this.
  • 6:51 - 6:57
    This started during the Reformer's era
    in Iran which were the late 90ies.
  • 6:57 - 7:03
    This was a period where
    relative to the Iranian context
  • 7:03 - 7:08
    which is a Islamic theocracy there was
    more progressive politics
  • 7:08 - 7:13
    and the hardline elements which aren't
    often accountable to the electorate
  • 7:13 - 7:19
    in Iran kind of clashed with the
    Reformer's Government that was in power
  • 7:19 - 7:22
    and so the surge in Reformer's
    jounalists that were
  • 7:22 - 7:26
    in traditional print media meant
    that they could start migrating online
  • 7:26 - 7:31
    in the early 2000's, late 90ies, when
    blogging was becoming really popular
  • 7:31 - 7:37
    and the technology to use Persian unicode
    was becoming more pervasive.
  • 7:37 - 7:40
    During this time the government
    sort of realized that there's
  • 7:40 - 7:43
    this space that's not
    being controlled at all.
  • 7:43 - 7:47
    And so filtering of pages
    started early on in 2001
  • 7:47 - 7:52
    but there was no real systematic
    procedure for this filtering.
  • 7:52 - 7:57
    So they came up with the
    Cybercrimes Law in 2006.
  • 7:57 - 8:02
    But that sort of lay
    floating around until 2009
  • 8:02 - 8:05
    when the internet became
    a really big deal because,
  • 8:05 - 8:09
    I'm sure some of you have
    heard of the Twitter Revolution
  • 8:09 - 8:13
    which sort of came out after 2009
    Green Movement. And it was at that point
  • 8:13 - 8:17
    - when Iranians were coming out en masse
    onto the streets protesting
  • 8:17 - 8:21
    what they claimed to be a fraudulent
    election - that the Iranian Government
  • 8:21 - 8:26
    shut down the internet. And so
    after this period they codified
  • 8:26 - 8:31
    the Cybercrimes Law to sort of ensure
    a more systematic way of filtering
  • 8:31 - 8:36
    various pages including Twitter
    and Facebook, that came out of it.
  • 8:36 - 8:39
    And then following this you
    had the Revolutionary Guard's
  • 8:39 - 8:44
    establishment of Gerdab which is
    a Cyber Command Center
  • 8:44 - 8:48
    which is now responsible for
    the arrest of many different bloggers
  • 8:48 - 8:53
    and activists in Iran. And then in 2011
  • 8:53 - 8:56
    because there wasn't enough
    control over the internet
  • 8:56 - 9:01
    they set up the FATA, a police force,
    from the police forces.
  • 9:01 - 9:06
    While they do sort of take care
    of things like cybercrime
  • 9:06 - 9:10
    in terms of banking, in identity theft,
    they also are responsible
  • 9:10 - 9:16
    for the arrests of various bloggers.
    There was one popular case in 2012
  • 9:16 - 9:22
    of Sattar Beheshti, who had public
    dissident posts against the government.
  • 9:22 - 9:27
    And then finally in 2012
    the Supreme Leader who has
  • 9:27 - 9:32
    quite a grand name of its own decided
    to setup a very Sci-fi-esque body
  • 9:32 - 9:37
    - at least in the English language -
    called the Supreme Council of Cyberspace.
  • 9:37 - 9:40
    audience amused
  • 9:40 - 9:46
    This body basically would be responsible
    for all of the Internet Policy
  • 9:46 - 9:50
    in Iran. And this really marked
    a turning point in Iran where
  • 9:50 - 9:57
    cyberspace and internet became
    a key issue of National Security;
  • 9:57 - 10:00
    not only were there concerns
    of cyber attacks from the United States
  • 10:00 - 10:04
    and Israel, there was also
    big concerns of dissidents
  • 10:04 - 10:08
    and various movements that could
    sort of emerge through Social Media
  • 10:08 - 10:13
    and the blogs. And so all the
    decision making would occur through
  • 10:13 - 10:17
    the members that they decided to appoint
    to this council. And it's a mixed bag
  • 10:17 - 10:26
    of different ministers as well as
    unelected officials and experts.
  • 10:26 - 10:30
    Over the years they've had various
    different programs to try to control
  • 10:30 - 10:35
    the internet and most recently
    in last March they came up with
  • 10:35 - 10:40
    another grand sounding
    program called Spider.
  • 10:40 - 10:45
    Spider was a project of the Revolutionary
    Guards where they sort of
  • 10:45 - 10:50
    talked about doing blanket surveillance
    over all Social Media activities,
  • 10:50 - 10:53
    activities of Iranians which technically
  • 10:53 - 11:00
    - if any of you know anything about
    how Facebook or how Twitter works -
  • 11:00 - 11:06
    it's quite hard. If posts are private
    it's hard to delve into them.
  • 11:06 - 11:13
    Anyways, so what is key to understanding
    about the internet climate right now
  • 11:13 - 11:18
    is that there is a moderate president
    Rohani who came into power
  • 11:18 - 11:22
    on a platform of many
    different progressive policies
  • 11:22 - 11:25
    one of which was Internet Freedom.
  • 11:25 - 11:29
    And so they've had many
    different progressive moments.
  • 11:29 - 11:35
    They shut down the hardline judiciary's
    attempts to block Whatsapp e.g.
  • 11:35 - 11:40
    and they've promised not to really
    shut down any other platform
  • 11:40 - 11:45
    or censor anything unless there is
    a legitimate replacement for them
  • 11:45 - 11:48
    and this is a quote by
    the minister of ICT.
  • 11:48 - 11:52
    But at the same time
    they've been trying to cater to
  • 11:52 - 11:56
    some of the hardline elements
    and try to sort of balance out
  • 11:56 - 12:00
    their Internet Freedom policies with
    programs like intelligent filtering,
  • 12:00 - 12:04
    which would mean not blocking
    entire platforms outright but
  • 12:04 - 12:09
    blocking individual pages.
  • 12:09 - 12:15
    This program... about 66 Mio. Dollars
    has been spent on this program
  • 12:15 - 12:21
    from the ICT budget. And overall
    it's been a bit of a failure.
  • 12:21 - 12:26
    I worked on a piece of research
    with Frederic Jacobs that sort of
  • 12:26 - 12:31
    underlined how the intelligent filtering
    on Instagram, which was
  • 12:31 - 12:35
    the most tangible,
    resolved of this form of control.
  • 12:35 - 12:39
    was only occuring because
    Instagram had failed to release
  • 12:39 - 12:45
    the https on the Mobile API.
    So they were able to enable
  • 12:45 - 12:50
    intelligent filtering on the mobile
    application but not on the browser.
  • 12:50 - 12:53
    Later on people found out that there was
    still disruptions and images
  • 12:53 - 12:59
    weren't loading to Instagram even
    after Instagram enabled https
  • 12:59 - 13:04
    over the Mobile API. And it turned out that
    this was just collateral damage
  • 13:04 - 13:08
    from the fact that some of the
    images on Instagram were also hosted
  • 13:08 - 13:14
    on Facebook which is
    outright blocked in Iran.
  • 13:14 - 13:18
    So right now we're about to go
    up to a election in Iran.
  • 13:18 - 13:21
    It's in February,
    it's the Parliamentary Elections.
  • 13:21 - 13:26
    And typically during these
    sensitive moments in Iran
  • 13:26 - 13:30
    they start playing around
    with the internet and
  • 13:30 - 13:33
    this happened in 2013. There was
  • 13:33 - 13:37
    a significant throttling of the internet
    leading up to the elections.
  • 13:37 - 13:40
    And right now there have been
    some things spotted although
  • 13:40 - 13:45
    it's speculation whether or not
    it's related to the elections at all.
  • 13:45 - 13:51
    Some websites with foreign
    SSL certificates are being blocked.
  • 13:51 - 13:54
    There was one example of a
    popular blogger based in Iran
  • 13:54 - 13:59
    named Jadi who has a
    SSL certificate from Cloudflare
  • 13:59 - 14:05
    and his website was blocked.
    And you'll notice that local certificates
  • 14:05 - 14:08
    won't be blocked because ultimately
    they're controlled by the government.
  • 14:08 - 14:13
    This is a diagram formed by Smallmedia
    that sort of explains how
  • 14:13 - 14:17
    the certificate authorities are ultimately
    in the hands of the government
  • 14:17 - 14:21
    and data could potentially be shared.
  • 14:21 - 14:26
    There is also throttling of TLS in
    November and the best example of this
  • 14:26 - 14:36
    was over TOR direct connections which,
    you see, experienced a significant drop.
  • 14:36 - 14:42
    The shift towards mobile applications
    and the fact that Iranians are
  • 14:42 - 14:45
    increasingly accessing the web through
    their phones means that there's been
  • 14:45 - 14:50
    sort of a increased focus by
    the government on mobile apps.
  • 14:50 - 14:55
    In order to sort of talk to this they've been
    coming up with local alternatives
  • 14:55 - 14:59
    like WeChat has Dialog which sort of
    you can see from the interface
  • 14:59 - 15:07
    that this local version is imitating that
    application. Instagram had Lenzor.
  • 15:07 - 15:11
    But you kind of see that it's not
    working as effectively because
  • 15:11 - 15:15
    if you look at the Cafe Bazaar Stats,
    which is a platform where Iranians
  • 15:15 - 15:20
    download their apps, Lenzor
    only has about 50000 users
  • 15:20 - 15:24
    while Instagram has
    more than 9 Mio.
  • 15:24 - 15:29
    Viber had another imitation
    out called Salam.
  • 15:29 - 15:34
    Salam was speculated to be
    developed by the Basij.
  • 15:34 - 15:40
    So popular apps right now have...
    there's Whatsapp and there's Viber
  • 15:40 - 15:44
    and Telegram in terms of
    chats and communication.
  • 15:44 - 15:50
    Telegram is the most popular right now
    and that's mainly because
  • 15:50 - 15:54
    Viber has been heavily
    tampered with and
  • 15:54 - 15:58
    a lot of people don't trust Viber anymore
    because the media has sort of
  • 15:58 - 16:03
    disparaged it in connection with Israel
    and the Israeli Defense Forces (IDF).
  • 16:03 - 16:08
    And Whatsapp the second most
    popular app has been experiencing
  • 16:08 - 16:12
    lots of network disruptions.
    And so with this increasing shift
  • 16:12 - 16:17
    towards Telegram the media
    has been focusing on also
  • 16:17 - 16:22
    highlighting that Telegram is
    a place of moral corruption.
  • 16:22 - 16:26
    This is a picture from a semi-official
    news source, FARS News,
  • 16:26 - 16:32
    sort of depicting how someone could be
    dramming in Telegram.
  • 16:32 - 16:37
    So Telegram in Iran is really
    controversial not only because
  • 16:37 - 16:40
    the government's really
    concerned about it but
  • 16:40 - 16:46
    it had a really confusing
    and weird relationship with Iran.
  • 16:46 - 16:50
    Starting in August, Bots and Stickers
    started getting censored in Iran.
  • 16:50 - 16:55
    And the Bots and Stickers are one of the
    reasons why Telegram is really popular
  • 16:55 - 17:00
    in Iran because the Bots allowed Iranians
    to access content on the internet
  • 17:00 - 17:04
    without using a VPN
    and the Stickers are oftentimes fun
  • 17:04 - 17:10
    and kind of rude and in Persian
    which not a lot of apps have.
  • 17:10 - 17:14
    And so it's really popular.
    But these got censored in August.
  • 17:14 - 17:16
    And the ministry announced that
    the censorship was occuring
  • 17:16 - 17:22
    because of cooperation with Telegram,
    but Telegram was very quick to deny this.
  • 17:22 - 17:28
    Pavel Durov came up and said that they
    had not entered in to any agreements.
  • 17:28 - 17:32
    On top of that there's a respected community
    of security experts have really
  • 17:32 - 17:37
    critizised the cryptography and
    the security behind Telegram.
  • 17:37 - 17:40
    And this is especially worrysome
    when you hear things like
  • 17:40 - 17:46
    30% of Telegram data is now being
    stored in Iran which was a
  • 17:46 - 17:50
    announcement by the ministry of ICT
    in Iran. But then again
  • 17:50 - 17:55
    Telegram was very quick to deny this,
    again, saying that this is 100% bullshit.
  • 17:55 - 18:01
    laughter
    And so the Telegram story continues.
  • 18:01 - 18:06
    I think it was in late November,
  • 18:06 - 18:10
    Pavel Durov made a announcement
    saying that the ministry of ICT
  • 18:10 - 18:16
    had come to him demanding spying and
    censorship capabilities from Telegram
  • 18:16 - 18:19
    which is really weird because
    beforehand they thought they were
  • 18:19 - 18:22
    working together. And there's all sorts of
    conspiracy theories about
  • 18:22 - 18:27
    how Pavel Durov got on a plane and went
    to Tehran to meet with the minister Vaezi.
  • 18:27 - 18:30
    Noone really knows what happened,
    all speculations and rumours.
  • 18:30 - 18:35
    Anyways, he comes out with this
    announcement and then a few weeks later
  • 18:35 - 18:40
    it's like: "Oh, that was a fake email",
    which is really odd and concerning
  • 18:40 - 18:46
    and no other internet company has ever
    had anything happen like this.
  • 18:46 - 18:50
    He said that he received the fake email,
    the ministry didn't actually contact him.
  • 18:50 - 18:54
    He never released the email.
    It's all very strange and it led to
  • 18:54 - 19:01
    several advocacy organizations asking
    for more transparency from Telegram.
  • 19:01 - 19:07
    But Telegram continues to be one of the
    most popular apps in Iran.
  • 19:07 - 19:10
    What's notable about Telegram is that that
    sort of sets a precedent for other
  • 19:10 - 19:14
    internet companies inside of Iran
    especially as we move towards the removal
  • 19:14 - 19:20
    of sanctions. And companies like Facebook
    and Twitter will be able to do business
  • 19:20 - 19:25
    with Iran potentially. And so noting these
    kinds of behaviours and sort of holding
  • 19:25 - 19:30
    them to account is really important.
  • 19:30 - 19:34
    One last application that sort of
    gaining ground in Iran and that
  • 19:34 - 19:38
    highlights one of the sort
    of habits of Iranians is
  • 19:38 - 19:47
    Bisphone. Bisphone is this local app and
    Security Researcher Kevin Miston
  • 19:47 - 19:50
    who I don't know if he's here [in the
    hall] or not, but he's somewhere here
  • 19:50 - 19:55
    in the venue, has done some really cool
    work into looking what exactly Bisphone is
  • 19:55 - 20:02
    'cause it's sort of this rising app
    that's gaining a lot of popularity.
  • 20:02 - 20:06
    It apparently has connections, the
    developers are loosely connected to
  • 20:06 - 20:13
    the government. It turns out that the
    actual data collection over the ISPs is
  • 20:13 - 20:18
    connected to Iran's Telecommunications
    Company. Which is very concerning but
  • 20:18 - 20:26
    Smallmedia recently did a report asking
    Iranians what they thought about the
  • 20:26 - 20:30
    security of the apps that they use and the
    tendency is that they either don't know
  • 20:30 - 20:34
    or it doesn't really
    factor in as a big issue.
  • 20:34 - 20:41
    So security is a very low
    priority for Iranians even though
  • 20:41 - 20:44
    it should be higher on their list.
    They generally tend to go for
  • 20:44 - 20:49
    usability and fun features.
    This kind of brings me
  • 20:49 - 20:52
    to the take aways of this talk which is:
    Internet control in Iran is
  • 20:52 - 20:59
    quite pervasive, but it's not as
    sophisticated as they would like.
  • 20:59 - 21:01
    It's especially important now
    'cause there's been more arrests
  • 21:01 - 21:06
    of various bloggers, various people
    who work in the Tech industry in Iran.
  • 21:06 - 21:09
    This might be particularly
    problematic as we move towards
  • 21:09 - 21:14
    the Parliamentary Elections.
  • 21:14 - 21:18
    If you do particular research,
    if you do any collection of data
  • 21:18 - 21:23
    and circumvention tools I think this is a
    very exciting time to be looking at Iran's
  • 21:23 - 21:27
    internet ecosystem. Thank you!
  • 21:27 - 21:38
    applause
  • 21:38 - 21:43
    Herald: Thank you, we have 5
    minutes now for question/answers.
  • 21:43 - 21:51
    So if you have questions for Mahsa
    please go to one of the 4 microphones.
  • 21:51 - 21:55
    And I would like to ask you to
    please say your question slowly
  • 21:55 - 21:58
    into the microphone because
    it's being recorded.
  • 21:58 - 22:00
    audience mumbles amused
  • 22:00 - 22:09
    Question: Shall I start?
    H: Ok we'll start with, yes, that microphone.
  • 22:09 - 22:16
    Q: So one thing first as a statement
    not a question. If you are in Iran, do not
  • 22:16 - 22:21
    ever use your banking, whatever banking...
    Mahsa: whispering Who's talking?
  • 22:21 - 22:24
    Q: ...without VPN. And then... because
    they're gonna block it. You're gonna
  • 22:24 - 22:30
    have to go back to your bank and reopen
    it. But the question is: Do you know...
  • 22:30 - 22:34
    how much do you know about the
    relationships with other governments like
  • 22:34 - 22:38
    foreign governments or foreign companies
    on the filters, there were... and like
  • 22:38 - 22:42
    further developments. Because I know from
    Rohde&Schwarz like a year ago,
  • 22:42 - 22:48
    when I was there, they were talking about
    the relationship with the filters in
  • 22:48 - 22:55
    I-don't-know Syria, maybe. And that they're
    not officially related but they were used?
  • 22:55 - 23:02
    Mahsa: Yeah, I'm not a particular expert
    on Syria but I do know that they have
  • 23:02 - 23:06
    exchanged technology and knowledge with
    the Syrian Government 'cause they are
  • 23:06 - 23:10
    very close with the Assad Regime.
  • 23:10 - 23:16
    Q: I meant more specifically like
    companies in Europe and in the US.
  • 23:16 - 23:20
    M: Yeah, so because of sanctions
    I know the US don't really...
  • 23:20 - 23:26
    I do know Europe... is...
    does work, but I know
  • 23:26 - 23:32
    the country that they turn to most for
    censorship technology would be China.
  • 23:32 - 23:36
    And I know that in the past that they
    heavily relied on Chinese technology
  • 23:36 - 23:40
    for censorship and surveillance material
    but recently they've been shifting towards
  • 23:40 - 23:46
    local vendors and using more
    locally grown technology.
  • 23:46 - 23:50
    Although it's hard to say. I don't have
    direct insight into what technology
  • 23:50 - 23:56
    and where it's coming from. Maybe you
    have more insight and can tell me.
  • 23:56 - 24:01
    H: Thank you, next question, please.
  • 24:01 - 24:06
    Q: Thank you to bring us the awareness
    that we have to fight for our freedom
  • 24:06 - 24:09
    in internet or also to fight
    leaders which try to...
  • 24:09 - 24:14
    H: Could you get a little closer to
    the microphone, please!
  • 24:14 - 24:19
    Q: My question was: When you go back to
    Iran, do you have any repression or
  • 24:19 - 24:21
    problems?
    M: Do I personally?
  • 24:21 - 24:28
    Q: Yes. personally.
    M: I haven't gone back to Iran since 2010
  • 24:28 - 24:31
    because I do things like come and
    talk here on a recorded video
  • 24:31 - 24:37
    audience amused
    I generally don...
  • 24:37 - 24:45
    applause
  • 24:45 - 24:50
    Q: It was my question exactly, and you
    should be aware that it's no democratic
  • 24:50 - 24:53
    there so if they catch you they do
    whatever they want with you.
  • 24:53 - 24:58
    It's not, like, we control the police...
    M: Yeah, I mean that's also another point
  • 24:58 - 25:03
    I wanna make: There's a lot of
    awesome unknown people doing work
  • 25:03 - 25:08
    and doing research and activism on the
    Iranian internet that remain anonymous
  • 25:08 - 25:13
    and use pseudonyms and can't do
    things like come here and talk, so
  • 25:13 - 25:17
    that's a decision I've made. There's other
    people doing really amazing work that you
  • 25:17 - 25:22
    probably will never see
    on a platform like this.
  • 25:22 - 25:29
    applause
  • 25:29 - 25:34
    H: Okay, may I ask on the next
    question, please. Thank you.
  • 25:34 - 25:38
    Q: Yeah, thanks for the great talk! I have
    a question about the certificate authorities
  • 25:38 - 25:43
    there in the Iranian State. You said that
    foreign certificate authorities are
  • 25:43 - 25:49
    blocked by the governmental filters.
    With your demonstration of one site...
  • 25:49 - 25:56
    of this blogger. Are there any certificate
    authorities in Iran not connected to
  • 25:56 - 26:01
    the government, or not... are forced to
    giving the private key to the government,
  • 26:01 - 26:06
    so that maybe foreign sites could just
    adjust their certificate to an Iranian
  • 26:06 - 26:13
    free or libre CA and so could do an
    access for the people there?
  • 26:13 - 26:17
    M: That's a really good question. I don't
    think I have the knowledge or expertise
  • 26:17 - 26:23
    to fully answer it. But I will point you
    towards the Smallmedia report that
  • 26:23 - 26:28
    really delved into this. They did like
    months of research. I think the person
  • 26:28 - 26:31
    you would probably wanna talk to
    would be Amin Sabeti. I could only
  • 26:31 - 26:38
    sort of guess and I'm not sure if
    it's broadly done on every website,
  • 26:38 - 26:42
    'cause there's obviously a lot of websites
    using foreign SSL certificates that
  • 26:42 - 26:47
    are not blocked, but if it's sensitive
    it's more likely to get blocked in Iran.
  • 26:47 - 26:52
    Q: Thank you very much.
    H: Thank you, are there any questions
  • 26:52 - 26:57
    from the internet?
    looking out for Signal Angel
  • 26:57 - 27:01
    Yes? Aah, ok. The internet, please!
    Signal Angel: So, question.
  • 27:01 - 27:05
    Since there seems to be a lot
    of trouble politically-wise,
  • 27:05 - 27:10
    is there a hacker scene in Iran? Like
    there is in Europe or in the USA?
  • 27:10 - 27:16
    M: Yeah, yeah there is a hacker scene
    and there's a, like an emerging
  • 27:16 - 27:21
    open source community doing a lot of
    cool work. Yeah, totally the scene exists.
  • 27:21 - 27:25
    I'm sure a lot of them would
    have loved to have been here.
  • 27:25 - 27:31
    H: And the internet, again!
    S: A lot of people in Iran, I know,
  • 27:31 - 27:35
    use VPNs. Have you heard of VPN providers
    cooperating with the government?
  • 27:35 - 27:42
    M: Yeah, that's another big security
    concern that I didn't cover in this talk,
  • 27:42 - 27:47
    w hich is like using VPNs is ubiquitous,
    basically, in Iran. Even
  • 27:47 - 27:52
    members of the government use it.
    I think there was even a photo of...
  • 27:52 - 27:56
    someone in one of the ministries, they
    had Psiphon on their desktop and
  • 27:56 - 28:00
    it was pictured on a famous photo that
    went viral. But one of the concerns is
  • 28:00 - 28:04
    like, the government is actually providing
    their own VPN so they can access data
  • 28:04 - 28:09
    and what people are connecting to
    through their own backdoored VPNs.
  • 28:09 - 28:17
    H: We have one more question, and that's
    here in the back, please. You, yeah.
  • 28:17 - 28:22
    Q: Hi, so I have... I was wondering
    if you have concrete cases
  • 28:22 - 28:28
    about government monitoring data or
  • 28:28 - 28:33
    using that as evidence in court cases.
  • 28:33 - 28:38
    Because we have always been
    speculating that these guys
  • 28:38 - 28:43
    will go through the messages that we send
    and then they're gonna use it against us.
  • 28:43 - 28:47
    But we have never been able
    to prove it. Do you have
  • 28:47 - 28:51
    any kind of cases study on that?
    M: There is the one really famous one that
  • 28:51 - 28:56
    I'm sure you've heard of,
    the Sony-Ericsson case
  • 28:56 - 29:01
    - I think I'm getting the company right -
    back in 2009 where they tracked
  • 29:01 - 29:05
    through the cell phone company.
    So that's the most concrete case.
  • 29:05 - 29:09
    But I suppose there aren't
    that many known,
  • 29:09 - 29:16
    and that's one of the problems with
    installing sort of a culture of digital
  • 29:16 - 29:20
    security in Iran. Because most people
    are afraid of physical surveillance,
  • 29:20 - 29:24
    this thing that if they're arrested and
    they take their computers physically
  • 29:24 - 29:30
    - that's the actual concern, not so much
    using encrypted email or encrypted chat.
  • 29:30 - 29:36
    So that might be part of it.
    I'm sure there are. I couldn't
  • 29:36 - 29:39
    name them to you right now but the most
    famous would be from 2009 when they were
  • 29:39 - 29:45
    working with Ericsson.
    Q: Thank you.
  • 29:45 - 29:54
    H: Ok, thank you!
    applause
  • 29:54 - 29:58
    H: And with that one more warm applause
    for Mahsa. Thank you so much for
  • 29:58 - 30:01
    coming today, Mahsa, thank you!
  • 30:01 - 30:06
    postroll music
  • 30:06 - 30:08
    created by c3subtitles.de in 2016
Title:
Mahsa: Mobile Censorship in Iran
Description:

As Internet users increasingly connect to the Internet through smartphones, this has transformed Iran’s Internet ecology towards an increasing reliance and production in apps. In Iran, a country that practises some of the most stringent censorship and surveillance techniques in the world has seen this transformation reshape the way the government implements information controls online. While applications with popular usage on browsers such as Facebook and Twitter remain blocked through their mobile applications, platforms that predominantly exist in app form such as WhatsApp, Viber, and Instagram remain unblocked in the country. This talk will look at how the government is counteracting these policies through various means, including local imitation apps, and new programs such as ‘intelligent filtering’, and the Revolutionary Guards' “Spider” program. Additionally, a discussion of how Iranian Internet users use these platforms, especially in reference to digital security awareness and practices will be included.

Mahsa
more » « less
Video Language:
English
Duration:
30:13

English subtitles

Revisions

Our website uses cookies for analysis purposes.