[Debate] Iran's Web censoring and spying aided by Nokia, Siemens

[Hein Marais]

Available here: http://online.wsj.com/article/SB124562668777335653.html#

Monday,June 22, 2009
Wall Street Journal


Iran's Web Spying Aided By Western Technology
European Gear Used in Vast Effort to Monitor Communications


By CHRISTOPHER RHOADS in New York and LORETTA CHAO in Beijing

The Iranian regime has developed, with the assistance of European  
telecommunications companies, one of the world's most sophisticated  
mechanisms for controlling and censoring the Internet, allowing it to  
examine the content of individual online communications on a massive  
scale.

Interviews with technology experts in Iran and outside the country say  
Iranian efforts at monitoring Internet information go well beyond  
blocking access to Web sites or severing Internet connections.

An undated screen grab from an Internet video shows a young woman  
identified only as Neda, who has become an iconic image of the  
violence during Iranian protests over the nation's disputed  
presidential election. Because of reporting restrictions in Tehran,  
the incident could not be independently verified.

Instead, in confronting the political turmoil that has consumed the  
country this past week, the Iranian government appears to be engaging  
in a practice often called deep packet inspection, which enables  
authorities to not only block communication but to monitor it to  
gather information about individuals, as well as alter it for  
disinformation purposes, according to these experts.

The monitoring capability was provided, at least in part, by a joint  
venture of Siemens AG, the German conglomerate, and Nokia Corp., the  
Finnish cellphone company, in the second half of 2008, Ben Roome, a  
spokesman for the joint venture, confirmed.

The "monitoring center," installed within the government's telecom  
monopoly, was part of a larger contract with Iran that included mobile- 
phone networking technology, Mr. Roome said.

"If you sell networks, you also, intrinsically, sell the capability to  
intercept any communication that runs over them," said Mr. Roome.

The sale of the equipment to Iran by the joint venture, called Nokia  
Siemens Networks, was previously reported last year by the editor of  
an Austrian information-technology Web site called Futurezone.

The Iranian government had experimented with the equipment for brief  
periods in recent months, but it had not been used extensively, and  
therefore its capabilities weren't fully displayed -- until during the  
recent unrest, the Internet experts interviewed said.

"We didn't know they could do this much," said a network engineer in  
Tehran. "Now we know they have powerful things that allow them to do  
very complex tracking on the network."
[Iran's Web Spying Aided By Western Technology]

Deep packet inspection involves inserting equipment into a flow of  
online data, from emails and Internet phone calls to images and  
messages on social-networking sites such as Facebook and Twitter.  
Every digitized packet of online data is deconstructed, examined for  
keywords and reconstructed within milliseconds. In Iran's case, this  
is done for the entire country at a single choke point, according to  
networking engineers familiar with the country's system. It couldn't  
be determined whether the equipment from Nokia Siemens Networks is  
used specifically for deep packet inspection.

All eyes have been on the Internet amid the crisis in Iran, and  
government attempts to crack down on information. The infiltration of  
Iranian online traffic could explain why the government has allowed  
the Internet to continue to function -- and also why it has been  
running at such slow speeds in the days since the results of the  
presidential vote spurred unrest.

Users in the country report the Internet having slowed to less than a  
tenth of normal speeds. Deep packet inspection delays the transmission  
of online data unless it is offset by a huge increase in processing  
power, according to Internet experts.

Iran is "now drilling into what the population is trying to say," said  
Bradley Anstis, director of technical strategy with Marshal8e6 Inc.,  
an Internet security company in Orange, Calif. He and other experts  
interviewed have examined Internet traffic flows in and out of Iran  
that show characteristics of content inspection, among other measures.  
"This looks like a step beyond what any other country is doing,  
including China."

China's vaunted "Great Firewall," which is widely considered the most  
advanced and extensive Internet censoring in the world, is believed  
also to involve deep packet inspection. But China appears to be  
developing this capability in a more decentralized manner, at the  
level of its Internet service providers rather than through a single  
hub, according to experts. That suggests its implementation might not  
be as uniform as that in Iran, they said, as the arrangement depends  
on the cooperation of all the service providers.

Checks and Balances

Iran's government is a combination of democracy and Islamic theocracy.  
Take a look at the power structure.

View Interactive

The difference, at least in part, has to do with scale: China has  
about 300 million Internet users, the most of any country. Iran, which  
has an estimated 23 million users, can track all online communication  
through a single location called the Telecommunication Infrastructure  
Co., part of the government's telecom monopoly. All of the country's  
international links run through the company.

Separately, officials from the U.S. embassy in Beijing on Friday met  
with Chinese officials to express concerns about a new requirement  
that all PCs sold in the China starting July 1 be installed with Web- 
filtering software.

If a government wants to control the flow of information across its  
borders it's no longer enough to block access to Web sites hosted  
elsewhere. Now, as sharing online images and messages through social- 
networking sites has become easy and popular, repressive regimes are  
turning to technologies that allow them to scan such content from  
their own citizens, message by message.

Human-rights groups have criticized the selling of such equipment to  
Iran and other regimes considered repressive, because it can be used  
to crack down on dissent, as evidenced in the Iran crisis. Asked about  
selling such equipment to a government like Iran's, Mr. Roome of Nokia  
Siemens Networks said the company "does have a choice about whether to  
do business in any country. We believe providing people, wherever they  
are, with the ability to communicate is preferable to leaving them  
without the choice to be heard."

Countries with repressive governments aren't the only ones interested  
in such technology. Britain has a list of blocked sites, and the  
German government is considering similar measures. In the U.S., the  
National Security Agency has such capability, which was employed as  
part of the Bush administration's "Terrorist Surveillance Program." A  
White House official wouldn't comment on if or how this is being used  
under the Obama administration.

The Australian government is experimenting with Web-site filtering to  
protect its youth from online pornography, an undertaking that has  
triggered criticism that it amounts to government-backed censorship.

Content inspection and filtering technology are already common among  
corporations, schools and other institutions, as part of efforts to  
block spam and viruses, as well as to ensure that employees and  
students comply with computer-use guidelines. Families use filtering  
on their home computers to protect their children from undesirable  
sites, such as pornography and gambling.

Internet censoring in Iran was developed with the initial  
justification of blocking online pornography, among other material  
considered offensive by the regime, according to those who have  
studied the country's censoring.

Iran has been grappling with controlling the Internet since its use  
moved beyond universities and government agencies in the late 1990s.  
At times, the government has tried to limit the country's vibrant  
blogosphere -- for instance, requiring bloggers to obtain licenses  
from the government, a directive that has proved difficult to enforce,  
according to the OpenNet Initiative, a partnership of universities  
that study Internet filtering and surveillance. (The partners are  
Harvard University, the University of Toronto, the University of  
Cambridge and the University of Oxford.)

Beginning in 2001, the government required Internet service providers  
to install filtering systems, and also that all international  
connections link to a single gateway controlled by the country's  
telecom monopoly, according to an OpenNet study.

Iran has since blocked Internet users in the country from more than  
five million sites in recent years, according to estimates from the  
press-freedom group Reporters Without Borders.

In the 2005 presidential election, the government shut down the  
Internet for hours, blaming it on a cyberattack from abroad, a claim  
that proved false, according to several Tehran engineers.

Several years ago, research by OpenNet discovered the government using  
filtering equipment from a U.S. company, Secure Computing Corp. Due to  
the U.S. trade embargo on Iran, in place since the 1979 Islamic  
revolution overthrew the U.S.-backed shah, that was illegal. Secure  
Computing, now owned by McAfee Inc., at the time denied any knowledge  
of the use of its products in Iran. McAfee said due diligence before  
the acquisition revealed no contract or support being provided in Iran.

Building online-content inspection on a national scale and coordinated  
at a single location requires hefty resources, including manpower,  
processing power and technical expertise, Internet experts said.

Nokia Siemens Networks provided equipment to Iran last year under the  
internationally recognized concept of "lawful intercept," said Mr.  
Roome. That relates to intercepting data for the purposes of combating  
terrorism, child pornography, drug trafficking and other criminal  
activities carried out online, a capability that most if not all  
telecom companies have, he said.

The monitoring center that Nokia Siemens Networks sold to Iran was  
described in a company brochure as allowing "the monitoring and  
interception of all types of voice and data communication on all  
networks." The joint venture exited the business that included the  
monitoring equipment, what it called "intelligence solutions," at the  
end of March, by selling it to Perusa Partners Fund 1 LP, a Munich- 
based investment firm, Mr. Roome said. He said the company determined  
it was no longer part of its core business.

-- Ben Worthen in

San Francisco, Mike Esterl in Atlanta and Siobhan

Gorman in Washington

contributed to this article.


I






-------------- next part --------------
An HTML attachment was scrubbed...
URL: http://lists.fahamu.org/pipermail/debate-list/attachments/20090622/66daa00f/attachment.htm