During the November 2019 Iranian protests over gas price hikes, and during the December funerals of the protest victims, Iranians experienced a 10-day government-backed internet shutdown. During that “interruption,” about 1,500 people, including 443 women and 17 children, were killed by the regime, Reuters reported.
Though what happened to the Iranian internet is known as “intentional internet disruption” or “internet shutdown,” it technically was heavy filtering. When the internet is disrupted or shut down, users are completely disconnected from the global network. In heavy filtering situations, users are connected to the network but are not able to send or receive data.
The Iranian regime is always seeking ways to shut down the internet completely during critical situations. Contrary to popular belief, it’s not easy to cut off the internet in Iran completely. The Iranian internet structure is not an internal network as North Korea’s is. To completely separate a national intranet from the global network is an expensive and time-consuming project. Thus, at critical moments such as the protests, the regime resorts to heavy filtering and the creation of an unusable internet, in which the most widely used ports and protocols are banned by the provider or data centers.
But heavy filtering cannot continue for more than a few days in Iran, because both the people and the government are highly dependent upon the internet. A useless internet can prevent the dissemination of information about protests, but it also tends to paralyze the economy and public services. Amid heavy filtering, nobody, including the Iranian regime, can send an email or do regular bank transactions.
So what is the solution to heavy filtering and virtual isolation? A technically savvy internet user should be able to figure out what is going on, identifying blocked ports and protocols, and even turn them into a means for bypassing censorship. The technique of “domain fronting,” for example, was used in December successfully to bypass Iran’s heavy filtering and censorship from inside the country.
Domain fronting allows a user to connect to services blocked through deep packet inspection, domain name system, or internet protocol. It uses the application layer (layer 7 of the Open Systems Interconnection model) to obfuscate the domain name in an HTTPS request. In other words, domain fronting helps users make their traffic look like nonblocked domain traffic, to deceive the filtering system.
Meek Tor (the Onion Router) is one of the most famous free and open-source software for enabling anonymous communication and internet censorship circumvention. Meek (also developed by Tor project developers) can bypass internet censorship by exploiting the domain fronting technique, and it can be used on PCs, iOS, or Android cellphones using a quick configuration wizard.
Cloak is another tool for evading deep packet inspection filtering. It cryptographically disguises the proxy traffic as legitimate HTTPS traffic, so that the censorship system mistakes it for legitimate data and allows users to bypass the filtering.
The U.S. government can help free Iran’s internet by helping Iranians break the censorship wall with tools such as these. Users need technical education and some special services in order to use domain fronting.
Meanwhile, American companies can reverse well-meaning but harmful policies that are making it harder for Iranians to beat their government’s system of censorship. Google and Apple, for example, have cut their services to Iranian internet providers as a result of U.S.-imposed sanctions. Some companies also disable the domain fronting feature on their services for various reasons. As a result, neither Amazon Web Services nor the Google App engine currently allow this trick to be used.
The U.S. government can help by giving U.S.-based companies safe harbor, that is, guaranteeing that there is no punishment for providers reenabling domain fronting for Iranian users and providing services to them. Uncle Sam can also provide financial support to build up the infrastructure of anti-filtering services.
The U.S. government’s support for the free flow of information in Iran is not just about supporting the Iranian people. Internet disruption or internet filtering is a global issue. People all over the world who suffer from censorship can make use of these techniques.
The State Department and all other organizations which provide the budget for “free internet” in other countries should be reviewing their old and often useless policies, updating their evaluation system to check the actual result of their current projects. One successful project is more valuable than the results of hundreds of failed projects combined.
Ahmed Batebi, an Iranian activist, was imprisoned for almost nine years for his participation in the 1999 protests in Iran. Mamadou Babaei is a social media analyst and computer game developer.
