[liberationtech] if you are a circuvmention tool developer, please FREE it now for Iranian

Jon jon at openinternetproject.org
Wed Apr 16 07:00:41 PDT 2014 

-----BEGIN PGP SIGNED MESSAGE-----
Hash: SHA1



On Saturday, March 15, 2014 11:49 PM, Griffin Boyce wrote:
> Just a couple of things:
> 
> -- Any project which is not transparent about its funding or 
> operations should never be trusted.  I personally would classify
> paid software in this.  VPN is a bit different, but these vary
> widely and there is not one paid service that I'd recommend.
> Setting up your own VPN for yourself only is a far better option.
> 
> -- Anything that says "Iran version is free and it works only if
> you are in Iran." should be viewed with skepticism.

For pure circumvention, where users want to access non-controversial
content without their local ISPs knowing, a VPN provider in a
different country helps.  Griffin wisely points out that centralized
services (which basically include any for-profit company) must respond
to the government where they're based, and often also any government
where they do business.

I would counter that there is a role for commercial VPNs, and if these
companies see a long-term market value in an open Iran, they might
have a business interest in providing free services to a population
unable to pay currently.

> -- Tor currently works in Iran with either unblocked bridges or 
> flashproxy.  (flash proxy requires either the pluggable transports
> TBB or TBB beta 2.6+).

Tor is obviously the gold standard when it comes to secure and private
circumvention; its architecture is extremely robust and removes the
problem of having to trust a third party.  For any activist facing
imprisonment or worse for their online activities, I'd suggest they
start using Tor (and really, should consider TAILS).

Other (open source) options are Lantern (again, more for
circumvention, but uses your personal trusted contacts to proxy
blocked sites, as opposed to a single commercial VPN), and Psiphon of
course.
> 
> -- You're right that more circumvention projects should open their 
> source and make it free.  The idea of advertising to censored
> people has always rubbed me the wrong way.  These companies are
> basically making money off of desperate people =/

Question: Let's say a well-meaning social-enterprise-style VPN
company, whose servers are built using open source software wants to
help provide services to a censored country (either free or at a
reasonable price-point); how do they show good intentions and validate
that they are following good practices and limited logging?

> 
> -- Some US-based organizations block Iran IPs due to a 
> misunderstanding of UN export controls.

If anyone comes across these roadblocks, please point them to NAF's
blog post here:
http://oti.newamerica.net/blogposts/2014/us_government_clarifies_tech_authorizations_under_iranian_sanctions-103425
 , which gives a good plain-text explanation of this chunk of the new
D-1 exceptions (
http://www.treasury.gov/resource-center/sanctions/Programs/Documents/iran_gld1.pdf),
cropped here:

"
(a) Effective February 7, 2014, to the extent that such transactions are
not exempt from  the prohibitions of the Iranian Transactions and
Sanctions Regulations, 31 C.F.R. Part 560  ("ITSR"), and subject to the
restrictions set forth in paragraph (b), the following transactions are
authorized:
(...)

(4) Internet connectivity services and telecommunications capacity. The
exportation or reexportation, directly or indirectly, from the United
States or by a U.S. person, wherever located, to Iran of consumer-grade
Intemet connectivity services and the provision, sale, or leasing of
capacity on telecommunications transmission facilities (such as
satellite or terrestrial network connectivity) incident to personal
communications.
"

Even more info and a FAQ here:
http://www.treasury.gov/resource-center/sanctions/OFAC-Enforcement/pages/20140207_33.aspx



> ~Griffin
> 
> 
> 

- -- 
Jon at OpenInternetProject.org

PGP: 0020 1A37 47C0 0DEA C368 BCA5 A998 959F F926 BF8B
Mobile/Skype/Ostel/XMPP on request
OTR: FE0E870C 40A3B334 5E6E84F0 D013369F 3C064E4C
-----BEGIN PGP SIGNATURE-----
Version: GnuPG v1.4.14 (GNU/Linux)
Comment: Using GnuPG with Thunderbird - http://www.enigmail.net/

iQIcBAEBAgAGBQJTTo0JAAoJEKmYlZ/5Jr+LXGgP/0qJCQK+owqY/ZqEDjpxvvkt
3q9ZJBdgbbOsuLYFR6HnQgv5lx/wHCHpPiDTg58lSd0ZDWgU3X3gv3ZtpllcCme3
vhQk14gzoLGYX8FS/C+dZCdeb5LElcBWrlU0+FdayJqxhMhDXlG/m1GGB+15tG2F
DsamlV4Bauh6CwIHVjnojQ/kYdCdDauorOJANrhsra6GF6re0KPY1+MZBNx30+Ag
biRboZdw3JpUtCuZNNOyOfNlCmSi32UB9k3PUTy4kDMP7m6m3H5LGVLqMjyKBJuS
NkjfgnM9rhobA/mHummrNUz7j6bkPbmAeJ+cVkFvUPN5ej/h//HWy2o1JLBTTuDb
af+ge4IRSf2OK8J9cSFPe/4GLlJ4CfJ1wipCaA7+rDQEGow9W1jwJsMpp2ZjgkL+
zQv9qfJn2br6/Vw8F7nCS2RolDfdXqkjuTVWwAySCQY01dzJwiBlbwj0ONWBYDX0
Pm+aiOtTFP9Yj+C3aoNHDItchtpNQhZYrTamRoaUHtuop7tomXd1OZygz9WL2ULX
bb734HCmvt5kCIH2gSNG9aIiIVDyjYVnPUshZGwYr4TSwo9qlXm7xQwXDPUKJroR
F2IsH/CuAjd6mVp8v5TM6or1rOPcUVwzBjFrwDCxO3rRLV4HENQD3HtDYxzn7Oyy
n3/Nau/Wo1KaNX4ycIPJ
=Cpno
-----END PGP SIGNATURE-----

More information about the liberationtech mailing list