Comments on: Dispelling FUD: Iran and ISP Surveillance

By: draft paper—surveillance! « Caitshiv's Blog

draft paper—surveillance! « Caitshiv's Blog — Wed, 10 Feb 2010 03:34:39 +0000

[...] Parsons C. (2010). Dispelling FUD: Iran and ISP Surveillance. Technology, Thoughts and Trinkets. Retrieved February 3, 2010 from http://www.christopher-parsons.com/blog/isps/dispelling-fud-iran-and-isp-surveillance/ [...]

By: bolly

bolly — Sat, 16 Jan 2010 02:10:35 +0000

Thanks for reply, if I understand correctly, those who do it must be very careful. But hey, today I saw on Enduring America that this site was hacked, and still is at the time I write
http://hizbollah.ir/fa

In hard times of total repression, I think that this must become a major weapon and I hope that all those geeks out there will cause them a few headaches.

By: Tweets that mention Technology, Thoughts, and Trinkets» Dispelling FUD: Iran and ISP Surveillance -- Topsy.com

Wed, 13 Jan 2010 02:53:23 +0000

[...] This post was mentioned on Twitter by caparsons, caparsons, caparsons, Cosme Falcon, Nancy Butters and others. Nancy Butters said: Interesting (techie) discussion of internet surveillance in #Iran. http://bit.ly/8nKZeF #iranelection [...]

By: Christopher

Christopher — Wed, 13 Jan 2010 01:25:57 +0000

@JasonSnitker I have to trust the companies to be reasonably truthful, otherwise you're left with conspiracies that aren't terribly productive for analysis. In my meetings with various companies, I get the feeling that they don't want to have been seen as doing something wrong, and that most companies at least try to operate in ethical (or, at least legal...) ways.

By: Christopher

Christopher — Tue, 12 Jan 2010 21:50:09 +0000

@bolly I think that the regime has been clever in their willingness to massively curtail the amount of traffic that is allowed into and out of the nation during times of perceived governmental crisis; the ‘smaller pipe’ of data means that anything like a denial of service attack, from the outside into Iran, is prone to debilitating all Internet users in the nation. As for actually hacking the sites, well, it depends on how clever the individuals doing it are, and how well they actually cover their tracks. It can be very, very hard to identify the point of origin for a change to a webpage – the Citizen Lab at UoT has noted repeatedly that it’s through ‘traditional’ investigative efforts (i.e. phone calls, monitoring email accounts, etc) that tends to reveal who actually did what to some websites.

In the case of the hacking being an inside job, well, it depends on how good the auditing processes of the companies/government departments are. If they have strong audit processes, then they should be able to catch people who aren’t particularly skilled in covering their tracks.

By: JasonSnitker

JasonSnitker — Tue, 12 Jan 2010 20:12:22 +0000

Good job Chris. There was a time when we had a person on from their telecom infrastructure. Even being freely allowed to ask any question we wanted, how could we ever be sure that we were being answered truthfully? I’ve seen so many different attempts to deduce what is going on in their surveillance environment. On the Nokia/Siemens note, i’m thinking that was just for voice infrastructure only.

By: bolly

bolly — Tue, 12 Jan 2010 12:59:26 +0000

What do you think about large scale hacking of regime’s sites as next citizen actions ? Volonteers from all over, even paying some of them.. I’m thinking that they won’t be able to do much, they aren’t very savvy, and can’t trust their own employees.

By: Iran & Social Media: Dispelling Fear, Uncertainty, and Doubt (Parsons) | Enduring America

Tue, 12 Jan 2010 06:08:54 +0000

[...] on Iran and Twitter, including yesterday’s contributions by Josh Shahryar and Mike Dunn, Christopher Parsons posts a thorough review on his blog of censorship, surveillance, and social [...]

By: Christopher

Christopher — Tue, 12 Jan 2010 05:10:38 +0000

Glad you enjoyed it – I’ve been getting increasingly annoyed at how often I’m reading ‘Iran uses DPI!’ and decided to pull something together that clarifies why few people who have looked at the networking end plausibly see that government using DPI for surveillance practices.

By: Catelli

Catelli — Tue, 12 Jan 2010 03:43:05 +0000

Damn good article Chris. For once I can’t find any “holes” in your logic. You’ve amply illustrated that other technologies can accomplish the desired result. Also nice touch in illustrating that behaviour based analysis can reveal a lot of information without the need for DPI or other intrusive or expensive technologies. Well reasoned and very educational.