Net Neutrality and Internet Censorship

2,616 views

Published on

A presentation about net neutrality and internet censorship from Bitnorth 2009.

Published in: Technology, Business
0 Comments
1 Like
Statistics
Notes
  • Be the first to comment

No Downloads
Views
Total views
2,616
On SlideShare
0
From Embeds
0
Number of Embeds
19
Actions
Shares
0
Downloads
41
Comments
0
Likes
1
Embeds 0
No embeds

No notes for slide

Net Neutrality and Internet Censorship

  1. 1. Net Neutrality<br />A primer<br />
  2. 2. Network Neutrality<br />The promise of the Internet<br />Means networks should be dumb<br />Because for once, dumb is good:<br />Dumb networks are necessary for open and free communication<br />Key to innovation<br />The promise of the Internet<br />
  3. 3. Who wouldn’t want this?<br />Telecom providers feel left out of the Internet economy :-(<br />Dear Google: We’re the reason you’re successful. Shouldn’t you pay us for all the traffic we bring you?<br />Internet Service Providers want to ration bandwidth by application<br />Create tiered access<br />“value-add” for the consumer <br />BitTorrent and MMORPGs? $$$<br />
  4. 4. Their needs<br />
  5. 5.
  6. 6. The Internets: Not a truck<br />
  7. 7. How?<br />Traffic shaping<br />Deep Packet Inspection<br />Telecom provider buys special box<br />Special box peeks into your internet connections<br />Tries to identify applications and services using known patterns<br />Even encrypted protocols have identifiable patterns..<br />
  8. 8.
  9. 9.
  10. 10. Meanwhile…<br />
  11. 11.
  12. 12.
  13. 13.
  14. 14.
  15. 15.
  16. 16.
  17. 17.
  18. 18.
  19. 19.
  20. 20.
  21. 21.
  22. 22. #iranelection<br />JUNE 2009, TEHRAN<br />
  23. 23. Censorship in Iran<br />Between 5 and 10 million websites, according to government statements<br />Dissident and reformist political content<br />Secular viewpoints<br />Ba’hai faith, Kurdish movements<br />Sins: Pornography, drug, alcohol, gambling<br />Foreign media sites<br />Tools for circumventing filters<br />9% of all Farsi blogs<br />Myspace, Orkut, Flickr, Bebo, Metacafe, Photobucket, Del.ic.io.us<br />
  24. 24. And during the 2009 election..<br />
  25. 25. Iran Facts<br />23 million Internet users in Iran (28 million in Canada)<br />35% of the Iranian population<br />60,000 active Farsi blogs<br />1/3 of the Iranian population is between 15 and 29 years old<br />
  26. 26. Circumventing Censorship<br />SSL encrypted proxy servers<br />Freegate<br />Tor<br />OpenVPN tunnels<br />SSH tunnels<br />
  27. 27.
  28. 28. Iran blocking ports?<br />We needed to know if it was true that connections originating inside Iran were being blocked by port<br />We had no friends in Iran to help us test this<br />Then we had an idea.. <br />
  29. 29.
  30. 30. Testing Connectivity from Within Iran<br />Follow these steps:<br />Step 1: Google for publicly accessible FTP server<br />Step 2: Connect with FTP client and initiate active mode data connection back to client<br />Step 3: Wait to see if connection successfully completes or not<br />Implemented in a program that did this automatically<br />Link at the end of presentation<br />
  31. 31. Results<br />So how many ports were being blocked?<br />None!<br />
  32. 32. However..<br />There were credible reports from Iran of connectivity problems<br />A pattern emerged<br />Affected connections are slow, very slow<br />The port does not matter<br />Destination does not matter<br />What matters is the protocol you’re using to communicate<br />
  33. 33. An experiment<br />We wanted to verify a theory that deep packet inspection technology was behind the censorship<br />The SSH protocol was chosen<br />Modifications were made to OpenSSH to fully encrypt the initial handshake<br />To avoid detection by deep packet inspection technology<br />
  34. 34. Result<br />Significant performance differences observed between normal SSH and the modified SSH<br />This strongly suggested that some sort of deep packet inspection technology was being used <br />Later, sources in Iran credibly claimed that Western technology was being used to implement state censorship policy<br />Packet shaping, deep packet inspection technology<br />Specific products cited<br />
  35. 35. Conclusion<br />By definition, deep-packet inspection, packet shaping technology is censorship technology<br />The introduction of a policy of service or application preference, an intentional bias<br />The technology is not evil<br />But it can be<br />Similarly, the export of technology to Iran is not a bad thing<br />
  36. 36. Thank you!<br />
  37. 37. Links<br />http://opennet.net/research/profiles/iran<br />http://github.com/brl/ftpscan<br />http://github.com/brl/obfuscated-ssh<br />E-mail<br />bruce@netifera.com<br />drma@mac.com<br />

×