As protests mounted in Iran this week, the regime cut its nationwide internet service to stem the flow of information into and out of the country. With power mostly concentrated in the hands of one man, the Supreme Leader Ayatollah Ali Khamenei, the country is capable of quickly disrupting internet services, a task that's almost impossible in Western-style democracies.
So how do they do it?
The regime's ability to abruptly cut services begins with the network's design. The Iranian internet was engineered with centralized choke points—legal, technical, and physical—that give the state direct control over international connectivity and domestic routing. This design is not unique to Iran, but the Islamic Republic is better at severing networking ties with the world than almost any other country, with the exception of North Korea.
All cable landings and cross-border fiber links are state-owned or licensed to vendors that enjoy the government's full trust. If Ali Khamenei has a brother-in-law, you can bet he's managing MMRs (meet-me rooms) in a regional telecom. When the Grand Poobah wants to sever all ties to the outside world, this is where he starts. His IT team of minions pulls the plugs at the borders.
The country maintains tight control over its ISPs. The Ministry of ICT can issue binding directives to its ISPs, and they have no right of refusal. So after severing ties at the border, they cut their citizens' access to the local Iranian network. Now, Farhad can't watch porn, and his phone can't download data. And unless he's a real pro, he can't get images of the blazing government buildings out of the country.
At the network level, Iran uses BGP (Border Gateway Protocol) to obscure its presence on the internet. The state withdraws route announcements. Foreign networks don't know how to reach Iranian IP addresses, and outbound traffic loses valid paths. This action can take place in minutes. Iran doesn't block traffic; it stops advertising where it lives.
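How the withdrawal described above looks to an outside observer, as an added example that is not from the original article: a sketch that tracks the announced prefixes of a set of monitored origin ASNs and flags a sudden collapse in visibility. The update tuples, documentation-range prefixes, private-use ASNs, window and threshold are all constructed assumptions.

```python
from collections import deque

# Constructed BGP updates as seen by an outside route collector:
# (unix_seconds, "A" announce / "W" withdraw, prefix, origin ASN).
# Prefixes are documentation ranges and ASNs are private-use numbers.
UPDATES = [
    (0,    "A", "192.0.2.0/24",    64500),
    (5,    "A", "198.51.100.0/24", 64500),
    (9,    "A", "203.0.113.0/24",  64501),
    (12,   "A", "2001:db8:1::/48", 64501),
    (15,   "A", "2001:db8:2::/48", 64502),
    (4000, "W", "198.51.100.0/24", 64500),   # routine churn, no alert
    (4300, "A", "198.51.100.0/24", 64500),
    (9000, "W", "192.0.2.0/24",    64500),   # shutdown begins
    (9060, "W", "198.51.100.0/24", 64500),
    (9120, "W", "203.0.113.0/24",  64501),
    (9180, "W", "2001:db8:1::/48", 64501),
    (9240, "W", "2001:db8:2::/48", 64502),
]

def detect_blackouts(updates, monitored_asns, window=900, drop_ratio=0.75):
    """Return [(time, peak, remaining)] for each moment the number of
    globally visible prefixes of the monitored ASNs has fallen by at least
    drop_ratio from its peak within the last `window` seconds."""
    visible = set()       # (prefix, asn) pairs currently announced
    history = deque()     # (time, visible_count) samples covering the window
    alerts, alerting = [], False
    for ts, kind, prefix, asn in sorted(updates):
        if asn not in monitored_asns:
            continue
        if kind == "A":
            visible.add((prefix, asn))
        elif kind == "W":
            visible.discard((prefix, asn))
        history.append((ts, len(visible)))
        # Keep the newest sample at or before the window start as the
        # baseline: the count held that value when the window opened.
        while len(history) >= 2 and history[1][0] <= ts - window:
            history.popleft()
        peak = max(count for _, count in history)
        dropped = peak > 0 and len(visible) <= peak * (1 - drop_ratio)
        if dropped and not alerting:      # alert once per collapse
            alerts.append((ts, peak, len(visible)))
        alerting = dropped
    return alerts
```

The single withdrawal and re-announcement around t=4000 stays below the threshold, while the burst of withdrawals starting at t=9000 trips the alert once most of the monitored prefixes have disappeared.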
While it's in this state, most VPNs stop working. People probe the network for AS (Autonomous System) paths they can use to establish a connection. Once they have one, they can send images and videos to the global internet. The state monitors these connections and shuts them down. It's a game of whack-a-mole.