internet security

internet security

Post image for A New Year, No-War Campaign, Special Rapporteur Delivers, Underaged Marriage Rises

The chances are high that you will be reading this review during the first days of the new Iranian year. Arseh Sevom wishes you a good new year. Last year was disheartening for many civil society actors in Iran, as the regime shut down organizations, arrested many, and harassed even more. Some bloggers are writing [...]


Post image for Poison Pen Letters: Journalists in Iran Threatened Via Email

For those of you who read Arseh Sevom’s recent post about Walid Al-Saqaf (click here) and his circumvention tool, Alaksir, you know the Iranian government is cracking down on the internet using deep packet inspection. This means they are examining every piece of information going through the cyber pipes. Now Global Voices reports that a [...]


Post image for Breaking and Bending Censorship with Walid Al-Saqaf

Arseh Sevom — Reports from the Islamic Republic of Iran about internet speeds, work to create a parallel cyber Iran, and the growing success of filtering systems paint a picture of desperate efforts to exert control over the population. Iran is not alone in its efforts. North Korea has their own “intranet” called Kwang Myong (“light” or “hope, fair, just, open”). The North Korean version duplicates external content it deems acceptable. Iran’s new closed intranet is expected to do the same, in a cyber version of what the state already does in traditional media by cherry-picking content from international sources and editing or translating it in ways that often distort the original meaning.


The Editor. January 5, 2012

How do you sanitize the Internet?

Post image for How do you sanitize the Internet?

Board member Fred Petrossians, writing for Global Voices discusses rumors and plans for total control of the internet by the Iranian state:

Iranian authorities see the internet as a real battleground and consider citizen media and social networking as tools of “soft war”. Over several years they claim to have blocked and filtered millions of websites and blogs. Now several bloggers have reported that Iran’s Corporate Computer Systems say the goal is for Iran to be entirely cut off from the World Wide Web once the country launches its own national internet network.

(More here…)


The Editor. September 7, 2011

Was Your Gmail Account Safe?

Post image for Was Your Gmail Account Safe?

More than 300,000 Iranians have had their Gmail accounts compromised. From the report by the investigative firm Fox-IT, the security firm hired to investigate the stolen DigiNotar security certificates, it is clear that as early as July 28, the company was aware that falsified security certificates were in use in Iran. This is one month earlier than the first public notice, which was made by a Google Chrome user in Iran. (Read more background information.)

The report, Operation Black Tulip (pdf), states:

They used both known hacker tools as well as software and scripts developed specifically for this task. Some of the software gives an amateurish impression, while some scripts, on the other hand, are very advanced. In at least one script, fingerprints from the hacker are left on purpose, which were also found in the Comodo breach investigation of March 2011.

Read more


Post image for Man in Middle Attacks Dangerous in Iran – Part 2

به زبان فارسی

UPDATE: Google and Mozilla have revoked more than 200 security certificates as a result of a hack into the accounts of certificate authority, DigiNotar.

WARNING: Tor, Yahoo, and Mozilla were among the targets.

WHAT THIS MEANS: If you are in using Tor software downloaded after July 9, it might be compromised. Users of confirmed versions of Tor should not have been effected. (Read more on the Tor Blog.) If you have not checked the signature of Tor to ensure that it is authentic, now is the time to do so. Instructions are here.


A few days ago, Arseh Sevom reported on compromised security for users in Iran. It was reported that a security certificate was stolen and was in used in Iran. This certificate was used to access secure communication between users in Iran and Google.

Read more…


Google compromised

It all began with a simple message. An Iranian internet user was trying to connect to Google using the Chrome browser. Strangely enough, his browser flashed a message telling him that the security certificate he was using to access Google was not theirs. The user went to Google’s help forums to follow up on this and an investigation followed which uncovered a secretive, but highly explosive plot: a security firm in the Netherlands, DigiNotar, had seemingly provided a certificate to “someone” in Iran that allowed access to all secure traffic over Google within Iran.

Read more…


The Editor. August 29, 2011

You don’t have to pay for protection

Post image for You don’t have to pay for protection

This post is part of special series of articles focusing on managing your online security and privacy. The complete series can be found in Persian at this link:

Easy to use software is available that will keep your computer safe, and some of it is actually! Better yet, you can download anti-virus protection from the internet and install it in minutes. The best part: these applications don’t constantly bug you about renewing that subscription

We’ve made a short list of the best of these programs. So get rid of those tiresome constant pop-ups! Or, in the case that you don’t have an anti-virus program installed, start protecting your computer and your personal information better!


AVG (Used by writer and recommended)








Read more…


Post image for Two Important Facebook Issues: Privacy and Attack Rumors

This post is part of special series of articles focusing on managing your online security and privacy. The complete series can be found in Persian at this link:

Two Important Facebook Issues

Facebook has been in the news for two unrelated, yet disturbing issues. One concerns rumors of an attack on Facebook by the group Anonymous. The other is related to Facebook’s newest privacy intrusion. People who use its mobile phone application have found that the phone numbers of their contacts are now being imported into Facebook’s database.

Read the complete post…