The Global Mail has ceased operations.
<p>Photo by Mike Bowers</p>

Photo by Mike Bowers

Iran: Not Tweeting, Hacking

As Iran tries to control its citizens online, hacktivists worldwide are fighting back with innovative new ways to allow anyone unfettered access to the internet.

In early February this year, in an online forum frequented by Western computer hackers and internet security buffs, an urgent call to arms was sent out:

"This kind of help is not for the technically faint of heart but it's absolutely needed for people in Iran, right now."

The message was posted by 28-year-old American Jacob Appelbaum. Appelbaum is a well-known hacker and dissident — his work for Wikileaks has seen him detained and interrogated by US law enforcement many times. He’s a research scientist at the University of Washington’s security and privacy research lab, and is a key developer on a computer software program called Tor. Tor allows its users to access the internet anonymously. In the field of what’s known as circumvention technology, it’s of the best there is. In Iran, around 50,000 people use it to get online safely.

But last month it was suddenly and swiftly disabled within Iran, an attack that almost certainly came from within the Iranian government.

Appelbaum told the online forum that he had a plan to get Tor back up and running. He had to make some changes to the program, and he needed help testing them:

"We've long had an ace up our sleeves for this exact moment in the arms race, but it's perhaps come while the user interface edges are a bit rough."

While Appelbaum says he is an advocate of peace-building, not cyber-war, he was furious about the attack. On Twitter, he sent out a rhetorical tweet to his thirty thousand followers; “What does fascism look like in the 21st century?”

"Yeah, we were freaking out, we thought it was endgame," says Andrew Lewis of the February incident in Iran, which also saw fully-encrypted sites including Google disabled. Lewis, 22, also a sometime hacker and computer security buff from the United States, says he feared the Iranian regime was finally making good on its threat to permanently cut Iran off from the World Wide Web.

“The filtering regime and the surveillance regime is a black box; you know it’s there, but you can’t always tell what its doing. When you don’t know your limits, you tend to assume they are a lot more strict than what they are.”

Lewis, like Appelbaum, is a member of a new and growing political tribe perhaps best described as cyber-activists, or hacktivists. Young and tech-savvy, many have been inspired by the events of the Arab Spring, where regimes facing growing internal dissent have responded by attempting to censor the internet. From computers across America and Europe, hacktivists monitor the activities of these regimes and develop circumvention technologies to help people get around the censorship. While once they would have been labeled geeks, they now are playing a critical role in keeping activists and ordinary civilians in repressive countries online.

Most hacktivists are volunteers, working in their spare time. By his own admission Andrew Lewis is obsessed with his new calling; he recently quit his day job and is living off his savings so he can be a full-time cyber-activist. On the day we spoke he was in the Scottish countryside, from where he'd been able to get into "the back end" of the Syrian internet network via his mobile phone, checking which parts of the besieged town of Homs were still online.

The February cyber-attack in Iran was not permanent. Tor was re-worked and back up and running after a week. After such a major assault though, hacktivists trawled the online 'crime' scene to try and figure out what had just happened. Their conclusion was ominous. According to Andrew Lewis, it was a highly sophisticated manoeuvre from Tehran that could only be done by using new, expensive computer filtering equipment: "It is cutting-edge. They must be getting it from somewhere. Either they are copying it, or someone is giving them high-end equipment."

The world inhabited by cyber-activists and their government adversaries is subterranean. There are no manuals to follow, and the technology is constantly evolving. As Mahmood Enayat, an exiled Iranian who develops circumvention software from his flat in London, describes it: "The whole thing is a war. You come up with a tool, the Iranian government blocks it, then you have to come up with a different submission. It's a kind of cat-and-mouse game, it is never ending."

While the political purpose of the February shutdown in Iran was almost certainly about stopping communications during the anniversary of anti-government demonstrations, hacktivists fear it could also have been also an ingenious cyber ploy. Andrew Lewis says, "It may have been a feint, to get us to provide the next level of what we're going to do on Tor, so the Iranians can now rip apart what just came out and go after it."

<p>Photo courtesy of Bryce Lynch</p>

Photo courtesy of Bryce Lynch

'Sitwon' and 'Haxwithaxe' (left to right) -pseudonyms- hackers working at HacDC, a 'hackerspace' in Washington DC.

The revolution will not be tweeted

In the space of just a few years, the Iranian government has dramatically improved its ability to control and monitor the internet. It's now widely recognised as second in ability only to the undisputed master of online censorship, China.

Iran was spurred into action by the huge street protests following the disputed presidential election in 2009. It was the largest outbreak of internal unrest in Iran since the revolution three decades ago, and it delivered a powerful lesson to the regime about how individuals can successfully harness technology and wield it against a repressive State.

Protestors used social media, email and text messaging to mobilise; the Opposition bypassed traditional, state-controlled media and got their message out on their own websites; bloggers vented against the government; and citizens armed with mobile phone cameras became journalists. The physical borders to Iran were closed, but thanks to a mobile phone camera and YouTube, millions around the world witnessed the brutal death of Neda Agha-Soltan — a young Iranian woman, shot in the chest while watching a protest, slowly dying on the pavement.

The government responded by investing heavily in its own technological capabilities — reportedly USD500 million in the last budget alone — and now has largely succeeded in wresting supremacy of the online world from the hands of the people. It has shown a vast ability: to filter and block content, monitor online activity, hack opposition websites, monitor text messages, and track people down via their mobile phones.

A group run by a branch of the military that calls itself the Iranian Cyber Army has even extended its reach beyond Iran, hacking a European-based Iranian news site and temporarily hijacking Twitter.

“People are smart, people are innovative, they will respond to the changes in their environment, especially in a repressive one. ”

Activity in the offline world has been equally as harsh. Dozens of bloggers have been arrested and jailed — some for decades — and activists report being hauled in and interrogated about their emails and Facebook chat logs. Four web developers have been given the death penalty; the execution of three of the men is regarded as imminent.

Not surprisingly in this environment, the once vibrant blogosphere in Iran is now well and truly dead. Mahmood Enayat, the Iranian exile living in London, says Iranians are now too insecure and fearful to do much online. "The fear is so great. They still use the internet but mainly for entertainment purposes, like downloading music or a ringtone, but not for anything political. You can hardly get any proper news, by that I mean citizen journalism, out of Iran now. People are not feeling quite secure to being engaged with international media or other organisations."

While no one believes the regime could monitor every single online movement, the psychological impact of knowing they possibly could is enough, says Collin Anderson, an American computer programmer and cyber-activist who works closely with Iranians. "The filtering regime and the surveillance regime is a black box; you know it's there, but you can't always tell what it's doing. When you don't know your limits, you tend to assume they are a lot more strict than what they are."

Iran's experience should mark the end of what technology writer Evgeny Morozov calls "cyber-utopianism", a naïve belief — often held by enthusiastic Western journalists espousing "Twitter revolutions" — that the internet is in itself a liberator, that it somehow favours the powerless and the democracy seekers. As Iran shows, it is a tool that can be harnessed by the oppressed and oppressors alike.

<p>Photo courtesy of Bryce Lynch</p>

Photo courtesy of Bryce Lynch

Bryce Lynch at HacDC, a 'hackerspace' in Washington DC.

The small revolution

Cyber-activists are responding to the crackdown not by retreating but by changing tack. Repression is leading to innovation.

Cameran Ashraf is an energetic Iranian-American cyber-activist based in Los Angeles. During 2009 and 2010 he was at the forefront of a wave of digital activism, helping smuggle hundreds of protest videos out of Iran. He admits the protest scene is now pretty much over, as people retreat back into a culture of fear, but he says new technological developments are afoot:

"People are smart, people are innovative, they will respond to the changes in their environment, especially in a repressive one. In Iran right now the government is having a revolution of the big, because they are trying to put all these big things in place to stop the internet, but people are responding with a revolution of the small."

Cyber-activists are excited about a new conceptual approach to technology, one they are calling "small media". The idea is to de-centralise, to leave a smaller footprint that is more difficult for authorities to track and shut down.

According to Ashraf, at its most basic it is a tech-savvy Iranian expat in Los Angeles building a proxy — a way to access the internet securely — exclusively for the use of family members back in Tehran. Or it is an activist in Tehran making a video, and instead of distributing it via the internet, making multiple DVDs and discreetly leaving copies in phone boxes. An almost old-fashioned approach.

“If it is passed on to the wrong person, then the rest of the network is safe. They are not connected to each other. If the government gets one they can only block that one.”

At a more sophisticated level, it's work like that being done by the Project Byzantium team in Washington, D.C. Project Byzantium aims to build an alternative to the internet, something to use when a regime shuts down the telecommunications infrastructure of a country. This is what the Egyptian government did when faced with an impending revolution in 2011.

The project is run by volunteers, including computer programmer Bryce Lynch. Lynch, who has no background in international politics, became an activist after reading about the revolution in Tunisia: "I realised I could help, so I joined the hacktivist community." He says what they are building is like a wireless internet network, but with no centre. It will allow someone with a small memory stick or wireless card to set up a 'node' on their computer, MP3 player or phone, and become connected to all the other 'nodes' in the network. When just one node gets access to the global internet — perhaps by being near a border — it becomes the gateway for everyone to get connected. "Everyone becomes their own telecommunications provider," says Lynch.

It's a project high on altruism, free and designed to be easily copied so as many people as want it can get it.

The enormous power of social networks is also being employed in the fight-back against the government. Mahmood Enayat builds circumvention software that can be distributed only by friends passing it on to other friends. One of his programs, called Sabznameh, gives subscribers access to headlines from banned news sites such as BBC Persian. It currently has an incredible 42,000 users in Iran.

According to Enayat, "If it is passed on to the wrong person, then the rest of the network is safe. They are not connected to each other. If the government gets one, they can only block that one. There is no one solution, no one centre."

For the cyber-activists involved in this technological 'war' with Iran, it's about fighting for everyone to have the right to unfettered access to the internet, for whatever purpose. They acknowledge that most people they help to get online in Iran are not necessarily trying to foment political dissent — they simply may be curious about the latest result in the UK Premier League.

Cameran Ashraf says, "I think people get very depressed, you can't even look at stuff you're interested in. Maybe you just want to look at BBC because you just like sport, but you can't.

"It is a total repression, not just political repression," he says. "It's a repression of life in a way."

Type a keyword to search for a story or journalist