[liberationtech] The Botnet of Fraudulent Advertising in Iran - FYI

[Nariman Gharib]

Hi Libtech,

For months we have been working on a report regarding how criminals in Iran
are making money by creating Android malware apps and we have discovered
their networks in Iran with very interesting details.

if you wanna read more about this report:
https://blog.certfa.com/posts/pushiran-dl-malware-family

Please feel free to contact us if you have any questions.

cont...@certfa.com (PGP: A5C29346EF5D6CB7)


Thank You

-- 
PGP: 0xa53963936999cbb6
@NarimanGharib 
-- 
Liberationtech is public & archives are searchable on Google. Violations of 
list guidelines will get you moderated: 
https://mailman.stanford.edu/mailman/listinfo/liberationtech. Unsubscribe, 
change to digest, or change password by emailing the moderator at 
zakwh...@stanford.edu.

[liberationtech] Two popular android apps are spying on 30 million Iranian Telegram users in Iran

[Nariman Gharib]

Hi Libtech,

Some of my friends a few weeks ago published two reports regarding how two
Telegram apps:

HotGram “ هاتگرام “
Gold Telegram “ تلگرام طلایی “ “ طلگرام طلایی “

Are spying on Iranian citizens.

3 days ago Iranian officials officially announced that they are behind
those apps:
https://en-radiofarda-com.cdn.ampproject.org/c/s/en.radiofarda.com/amp/29365779.html

I haven’t had a chance to report it to Google as things move slowly through
Google App Store. So I’m adding those reports here, which are in Farsi, but
you can see all the technical analysis around it very easily.

http://vrgl.ir/3mFFT
http://vrgl.ir/pLlXf

The developer behind these apps is uploading the app under many names and
developer consoles. I hope someone there can take a look and also report it
to the relevant person at the Google App Store Security/Policy team.


https://play.google.com/store/apps/details?id=org.x.ariagram

https://play.google.com/store/apps/details?id=com.farsitel.vtwoflt
https://play.google.com/store/apps/details?id=ir.puls.messenger
https://play.google.com/store/apps/details?id=ir.gold.gram
https://play.google.com/store/apps/details?id=com.tlgtala.filttwo
https://play.google.com/store/apps/details?id=com.farsitel.voneflt
https://play.google.com/store/apps/details?id=net.hamgram
https://play.google.com/store/apps/details?id=com.farsitel.vtwoflt
https://play.google.com/store/apps/details?id=com.farsitel.voneflt
https://play.google.com/store/apps/details?id=ir.hotgram.mobile.android&hl=en_GB
https://play.google.com/store/apps/details?id=com.telegtala.tala&hl=en_US


Thank You


-- 
PGP: 0xa53963936999cbb6
@NarimanGharib 
-- 
Liberationtech is public & archives are searchable on Google. Violations of 
list guidelines will get you moderated: 
https://mailman.stanford.edu/mailman/listinfo/liberationtech. Unsubscribe, 
change to digest, or change password by emailing the moderator at 
zakwh...@stanford.edu.

[liberationtech] Telegram and Iran and of course Google Play - FYI

[Nariman Gharib]

Hi Libtech,

Last week Amin Sabeti and I have launched a open source app of Telegram
with Psiphon VPN built into it.
www.TelegarmDR.com

https://www.rferl.org/a/iranian-expats-launch-own-telegram-with-built-in-proxy-to-counter-filtering-at-home-/29204673.html

In just one day it got more day 1m installs and also it was trending on
Google Play in communication apps category.

https://twitter.com/NarimanGharib/status/991756403256840193

Many of our friends have criticized us that we shouldn't developed this or
we shouldn't trust Telegram or... but we are care about people's access to
free and open content.

Then a day after that I have received this email from Google that your app
package name and your app name are similar to other services and they have
asked me to change our app name and send it back again to Google, but we
don't want to do this because our users will get confused and they will not
trust in us anymore. so our app status is still suspended from Google Play.
p.s I already approached to Telegram and waiting for their help too.

 https://twitter.com/NarimanGharib/status/991930080808067073

Then I searched Google Play for "Telegram" and I found out this:

https://twitter.com/NarimanGharib/status/992723876311457794
https://twitter.com/GEsfandiari/status/992728876156637185

Then today I have received messages from Iran that there are some apps in
Iranian app market CafeBazaar which can bypass the censorship but
government officials didn't remove them yet. like this one:
https://cafebazaar.ir/app/ir.hotgram.mobile.android/?l=en

but see what they did to Telegram app with more than 40m installs in Iran:
https://cafebazaar.ir/app/org.telegram.messenger/?l=en

Sorry for long email!

Best,

-- 
PGP: 0xa53963936999cbb6
@NarimanGharib 
-- 
Liberationtech is public & archives are searchable on Google. Violations of 
list guidelines will get you moderated: 
https://mailman.stanford.edu/mailman/listinfo/liberationtech. Unsubscribe, 
change to digest, or change password by emailing the moderator at 
zakwh...@stanford.edu.

[liberationtech] Iran Internet censorship - latest news

[Nariman Gharib]

Hi Libtech,

Today,
​​
we have noticed Iran is disrupting connections to
​D​
​
​
​
igital
​O
cean, a primary/backup server for a number of circumvention tools like
​ Lantern. Many startups in country also have been stopped working due to
this problem. if you have any suggestions, tools, please feel free to send
over.

https://twitter.com/NarimanGharib/status/948526536734494720

Thanks​

-- 
PGP: 0xa53963936999cbb6
@NarimanGharib 
-- 
Liberationtech is public & archives are searchable on Google. Violations of 
list guidelines will get you moderated: 
https://mailman.stanford.edu/mailman/listinfo/liberationtech. Unsubscribe, 
change to digest, or change password by emailing the moderator at 
zakwh...@stanford.edu.

[liberationtech] Instagram security - FYI

[Nariman Gharib]

Hi Libtech,

Just want to share a quick story with you all.

In my country Iran, many of Iranian users are using Instagram because the
service is not block within country, and unfortunately many activists,
artists, journalists are using this service to talk to each other. some use
Telegram but not via secure chat, and also Signal is blocked within
country, so for these ordinary people, it's a easiest way they can
communicate with each other.

Recently I have seen some Iranian attackers, as far as I know, they are
Government - sponsored tried to hack some of our journalists at ManotoTV,
in one case they have managed to get into the account. we saw the same
story with 'Shahin Najafi' and another Iranian rapper which they managed to
get in to.

We have reported to our POC at Facebook, They were very helpful but each
time when we get the account back they have managed to get into it again.

we changed email address to something which nobody can guess it, we
un-linked the account with Facebook, we also enabled 2 factor
authentication, also Instagram team put that account behind the "shield" so
next time anyone wants to do something regarding this specific account it's
going to high security queue.  by they have managed to get in just today
again.

you might say ok maybe this London based User is using a compromised phone,
I've checked the phone but his iPHONE is good from what I'm seeing.

you might say ok maybe his email address got compromised but we didn't
receive any email for requesting new password / or / reset password.

I will get the account back soon via Facebook POC but I believe after 5
times they got into his account and changed all information on that
account, it's something going on with Instagram security it self.

So please if any of your friends are using it for communicate with each
other over DM please tell them to stop it.

Thank You


-- 
PGP: 0xa53963936999cbb6
@NarimanGharib 
-- 
Liberationtech is public & archives are searchable on Google. Violations of 
list guidelines will get you moderated: 
https://mailman.stanford.edu/mailman/listinfo/liberationtech. Unsubscribe, 
change to digest, or change password by emailing the moderator at 
zakwh...@stanford.edu.

[liberationtech] Looking for iOS VPN service

[Nariman Gharib]

Hi Libtech,

As the Head of Online Development at Manoto TV, I am writing to require
assistance from
 a company who
​can ​
provide us with secure VPN service for users inside Iran.

Manoto is the leading Iranian Live Satellite TV channel based in London,
with far more viewership than any of our competitors. Many big brands have
selected our TV channel as a primary media partner to deliver
its advertising message to regional businesses. Manoto TV is the premier
business media in the region viewed by over 25 million people.

​Manoto TV has always been a target for Iranian government, from satellite
Jamming to DDoS and Phishing attacks.
​L
ast year we launched the equivalent show to the UK's X-factor, called 'Stage
'.  Throughout the show,
audience were able to engage and vote, using the provided phone number, as
well as the android app and the website. However, due to
governmental restrictions, all numbers were blocked by the Iranian
government, an hour after it was announced, leaving the audience with the
website and the mentioned android app to vote from. Despite all
restrictions, the cooperation of the VPN services, 'Lantern', (GetLantern.org)
allowed
 people inside Iran to be able to easily access our website. As a result,
we also implemented Lantern into our android application.
To test the beta version of our new app please see the link bellow:

 ​
https://play.google.com/store/apps/details?id=com.mtn.manoto.beta
​


This worked in the favor of both parties, since millions of current
users joint lantern due to the Manoto's advertising at the time.


S
​tage will start from 10th of Jan 2017 and we are currently seeking a VPN
service for iOS platform to allow our audience to access our iOS app and
bypass the internet censorship. Please note, this would be generating a lot
of traffic towards your services from this particular region.

​My suggestions:
1- We can create a popup window in our iOS app in order to promote other
iOS Applications. Users can therefore access the app directly from app
store.
2- We can implement your VPN service within the app by using your API.
3- Manoto will promote your app and in return you can provide us with
exclusive promotional codes (e.g 12 months free membership) allowing our
audience to use it without any issues.

Should you require more information about the above mentioned points,
please do not hesitate to contact myself directly.

*useful links: *

   - https://www.ft.com/content/b7bb7a08-a198-11e2-bae1-00144feabdc0 Primetime
   battle for Iran’s airwaves The Islamic regime in Tehran could intensify a
   crackdown on satellite dishes
   - http://freemuse.org/archives/11708 Iran: Singer banned from tv and
   festival
   - http://uk.reuters.com/article/uk-britain-iran-tv-idUKBRE83H0QX20120418
London
   TV channel dips a toe into Iran culture war
   - http://foreignpolicy.com/2016/02/03/how-iranian-spies-tried-
   to-entrap-me-in-a-pret-a-manger/
   

 Iranian
   Spies Tried to Entrap Me in a Pret A Manger
   - https://www.theguardian.com/world/2016/feb/08/telegram-the-
   instant-messaging-app-freeing-up-iranians-conversations
   

Telegram: the instant messaging app freeing up Iranians' conversations
   - http://observers.france24.com/en/20121220-iran-dismantle-sat
   ellite-dishes-tv-tehran Iran’s war on satellite dishes: “We just buy new
   ones the next day"


-- 
PGP: 0xa53963936999cbb6
@NarimanGharib 
-- 
Liberationtech is public & archives are searchable on Google. Violations of 
list guidelines will get you moderated: 
https://mailman.stanford.edu/mailman/listinfo/liberationtech. Unsubscribe, 
change to digest, or change password by emailing moderator at 
compa...@stanford.edu.

Re: [liberationtech] popular circumvention tools have been blocked in Iran

[Nariman Gharib]

Hi Nathan,

On Wed, Feb 10, 2016 at 12:46 PM, Nathan of Guardian <
nat...@guardianproject.info> wrote:

>
>
> On Wed, Feb 10, 2016, at 06:50 AM, Nariman Gharib wrote:
> > about 2 weeks ago in Manototv.com website I've launched a survey and one
> > of
> > the questions which I've asked from people was : " if you are not using
> > Lantern, which proxy tools are you using. "
>
> Are you saying that, as of now, Lantern is the overwhelming favorite
> solution? Why did you pose the question that way?
>
​Lantern and Hotspotshield.  /// because we are widely promoting Lantern on
the satellite channel and Manototv main mobile application will have
Lantern built-in for Iranian users.

>
> > about 7K people were participated in that survey. You can find the survey
> > here, I hope it help you guys to develop more tools and also help these
> > organisations to improve their services.
> >
> >
> https://docs.google.com/spreadsheets/d/1MjQa9MHZmFx023a3ZvTYSgkzstJm9lZ77ogf6YyZiXw/edit?usp=sharing
>
> Thank you so much for sharing. Always good to have these insights.
>
> > P.S: in the last 1 month I've received 198K new emails to get proxy tool
> > from Iran. // on Telegram, my bot is serving 127K users which in total
> > they've requested about 500K times to get circumvention tools [
> > Psiphon,Lantern,Hotspotshield,FreedomVPN ].
>
> Can we make sure Orbot / Tor is part of that list? The new VPN mode in
> Orbot, plus the new built-in bridges, makes it a good option, as well.
>

​Could you please send me the .apk files ?​


>
> Thanks!
> --
> Liberationtech is public & archives are searchable on Google. Violations
> of list guidelines will get you moderated:
> https://mailman.stanford.edu/mailman/listinfo/liberationtech.
> Unsubscribe, change to digest, or change password by emailing moderator at
> compa...@stanford.edu.
>



-- 
PGP: 0xa53963936999cbb6
-- 
Liberationtech is public & archives are searchable on Google. Violations of 
list guidelines will get you moderated: 
https://mailman.stanford.edu/mailman/listinfo/liberationtech. Unsubscribe, 
change to digest, or change password by emailing moderator at 
compa...@stanford.edu.

[liberationtech] popular circumvention tools have been blocked in Iran

[Nariman Gharib]

Hi,

Since 5 of  January 2016, Many popular circumvention tools such as Psiphon
have seen a large drop in their connections from Iran. Which leaves
millions of users behind the censorship wall.

You can clearly see the drop on Tor service for Iran in this period:
https://metrics.torproject.org/userstats-relay-country.html?start=2015-11-12&end=2016-02-10&country=ir&events=off

about 2 weeks ago in Manototv.com website I've launched a survey and one of
the questions which I've asked from people was : " if you are not using
Lantern, which proxy tools are you using. "

about 7K people were participated in that survey. You can find the survey
here, I hope it help you guys to develop more tools and also help these
organisations to improve their services.

https://docs.google.com/spreadsheets/d/1MjQa9MHZmFx023a3ZvTYSgkzstJm9lZ77ogf6YyZiXw/edit?usp=sharing


P.S: in the last 1 month I've received 198K new emails to get proxy tool
from Iran. // on Telegram, my bot is serving 127K users which in total
they've requested about 500K times to get circumvention tools [
Psiphon,Lantern,Hotspotshield,FreedomVPN ].



Thank you
@NarimanGharib


-- 
PGP: 0xa53963936999cbb6
-- 
Liberationtech is public & archives are searchable on Google. Violations of 
list guidelines will get you moderated: 
https://mailman.stanford.edu/mailman/listinfo/liberationtech. Unsubscribe, 
change to digest, or change password by emailing moderator at 
compa...@stanford.edu.

[liberationtech] The Iranian Hacking Campaign to Break into Activists' Gmail Accounts

[Nariman Gharib]

"The campaign uses sophisticated techniques to get around the extra
protection provided by Gmail’s two-factor authentication, which requires a
password and a token to log in"...

http://motherboard.vice.com/read/inside-the-iranian-hackers-campaign-to-break-into-activists-gmail-accounts
-- 
Liberationtech is public & archives are searchable on Google. Violations of 
list guidelines will get you moderated: 
https://mailman.stanford.edu/mailman/listinfo/liberationtech. Unsubscribe, 
change to digest, or change password by emailing moderator at 
compa...@stanford.edu.

[liberationtech] Heavily drop packets in VOIP services in Iran

[Nariman Gharib]

Hi Libtech,

I don't know how many of you guys are following situation in Iran, but many
people in west are thinking because of President Rouhani, Internet
censorship situation is getting change and getting better in Iran. but
nothing happened yet. Yes, you haven't heard anything related to blocking
apps,popular services or websites but in other hand they are doing 'smart
filtering' and applying 'drop packet' on some ports and IPs and HTTPs
protocol.

Today for example, I missed my mother and I tried to talk to her on the
Viber. every seconds our connection gets dropped. I recorded this event and
you can see here:
https://www.youtube.com/watch?v=VR8d4xQyPB0&feature=youtu.be

another person on twitter said that: you can't make a correct call within
Iran, Just 'Line' is works and that one is stopped working every minutes.
https://twitter.com/sallar/status/594825884353331202

Then users are suggested him, services like: Skype and Hangout , webex

by the way, between between Feb 3, 2015 – May 3, 2015, I've received more
than 1m Download requests from Iran for downloading circumvention tools but
sadly because i stored my files on AWS and amazon is using HTTPs, most of
times users are having issue to complete the download process. I think it's
because of drop packet which government applied on Internet. (I'm not
expert)

I prepared a small report to give you an idea to what's happening.
https://drive.google.com/file/d/0B0RFLzzTuwqrTnl5REwtSUZLdE0/view?usp=sharing
This report contain URL+Hits (Requests)+Bandwidth Outbound+
Complete(Bytes)Transfers (Requests)

Thanks
N

-- 
PGP: 0xa53963936999cbb6
-- 
Liberationtech is public & archives are searchable on Google. Violations of 
list guidelines will get you moderated: 
https://mailman.stanford.edu/mailman/listinfo/liberationtech. Unsubscribe, 
change to digest, or change password by emailing moderator at 
compa...@stanford.edu.

Re: [liberationtech] Information request

[Nariman Gharib]

Hi. 
I'm suggesting "Martus' to you. 

N


> On Feb 5, 2015, at 18:43, Lina Srivastava  wrote:
> 
> Hi all--
> 
> Can someone point me to any apps for citizen reporting on human rights abuses 
> or illegal action that provide a layer of security for the poster but set 
> forth documentation that can be tagged or geo-tagged (with a specific aim at 
> citizen / civ soc action). Does this exist?
> 
> Thanks,
> Lina
> 
> -- 
> Lina Srivastava
> --
> linasrivastava.com  |  twitter  |  linkedin 
> 
> -- 
> Liberationtech is public & archives are searchable on Google. Violations of 
> list guidelines will get you moderated: 
> https://mailman.stanford.edu/mailman/listinfo/liberationtech. Unsubscribe, 
> change to digest, or change password by emailing moderator at 
> compa...@stanford.edu.
-- 
Liberationtech is public & archives are searchable on Google. Violations of 
list guidelines will get you moderated: 
https://mailman.stanford.edu/mailman/listinfo/liberationtech. Unsubscribe, 
change to digest, or change password by emailing moderator at 
compa...@stanford.edu.

Re: [liberationtech] Iranian are bypass the Twitter censorship and sanction by their mobile phones

[Nariman Gharib]

Yes, but just a name has been added to the list, without give a ability to
the people inside Iran to add their phone numbers and following that
enabling 2-step verification.

I think they will use it for Trend,Ads and other Big data things! BUT it's
one step forward! I hope in the feature they put the fears behind and let
them to enable 2-step verification.



On Wed, Jan 28, 2015 at 12:28 AM, Collin Anderson  wrote:

> Support for Iran, Cuba and a number of other countries has been added to
> Twitter: http://mashable.com/2015/01/27/twitter-iran-cuba/
>
> On Sun, Nov 23, 2014 at 4:18 PM, Nariman Gharib 
> wrote:
>
>> Hi John,
>>
>> On Sun, Nov 23, 2014 at 8:41 PM, John Adams  wrote:
>>
>>> This series of posts conflicts about three different problems. It's
>>> hard to tell what you're having an issue with: Government censorship,
>>> lack of SMS, or 2-factor in the places.
>>>
>>> From what I know:
>>>
>>> 1. If any censorship of Twitter is going on, it's Iran, and not
>>> Twitter that is censoring the communications. If the telcos are
>>> blocking messages from Twitter's SMS source, it's the telcos.
>>>
>>> 2. It's possible Twitter doesn't have a business relationship with any
>>> SMS carriers in the country, so that can break phone verification. You
>>> can still download the client on ios or android and use the code
>>> generation in the client to verify a device, if Twitter is reachable
>>> across the Internet from Iran.
>>
>> ​Google does? Facebook does? you can't activate your 2step verification
>> via app without adding your phone number in Twitter as far as I know.​
>>
>>
>>>
>>> 3. Who blocked this "Trick" of modifying the page with +98? The page
>>> is completely in SSL, so if that change isn't working anymore then
>>> most likely,  Twitter modified the page.
>>>
>>
>> ​Twitter did that.​
>>
>>
>>>
>>> 4. "I wonder if there's a way to get Twitter to remove the restriction
>>> for users based in Iran." --  This is a problem that the Iranian
>>> government needs to solve, not Twitter.
>>>
>> ​Yes you are right. But 'I think' Twitter have a concern about activists
>> and high profile internet users in Iran, because the verification code
>> comes from a text message to the phone number, it's easy for the Government
>> or IRGC to find those Twitter accounts owners.
>>
>>>
>>> It's easier to figure out how to fix these things when you're clear in
>>> the way that you express the problem.
>>>
>> ​You are right and I'm sorry.​
>>
>>
>>>
>>> -j
>>>
>>>
>>> On Sun, Nov 23, 2014 at 9:44 AM, Griffin Boyce 
>>> wrote:
>>> >   I wonder if Twitter restricts accounts to one per phone number. Phone
>>> > verification is readily bypassed with something like twilio, but only
>>> the
>>> > *most* advanced users would be able to pull this off.  It would be
>>> worth
>>> > setting up an app to allow Iranian users to bypass it
>>> semi-automatically,
>>> > but spambots and abusers would *decimate* it.
>>> >
>>> >   I wonder if there's a way to get Twitter to remove the restriction
>>> for
>>> > users based in Iran. There's not really a good reason for it in the
>>> first
>>> > place =/
>>> >
>>> > ~Griffin
>>> >
>>> > Nariman Gharib wrote:
>>> >>
>>> >> no it doesn't. they blocked this 'trick' and also many Iranian users
>>> >> can't register to Twitter anymore because it require phone
>>> >> verification on sign-up page.
>>> >>
>>> >> On Sun, Nov 23, 2014 at 5:11 PM, Kate Krauss 
>>> >> wrote:
>>> >>
>>> >>> Does this still work?
>>> >>>
>>> >>> Thanks,
>>> >>>
>>> >>> Katie
>>> >>>
>>> >>> On Thu, Aug 7, 2014 at 5:34 PM, Nariman Gharib
>>> >>>  wrote:
>>> >>>
>>> >>>> Hi,
>>> >>>> Basically as you knew Iran is not on the country list of Twitter.
>>> >>>> I've reached to Twitter and they know about this issue.
>>> >>>>
>>> >>>> Iranians a

[liberationtech] Receiving phone verification and 2-Step Verification codes through a 'number inside Iran'

[Nariman Gharib]

Hi Libtech,

Many users in Iran are reporting that, since 2-3 months ago when they are
trying to active a application through text
messages(Telegram,Whatsapp,skype...) or receiving 2-step verification for
Google or Facebook, they will receive it through a number inside Iran and
sometimes through mobile USSD.

I want to know anybody here know is it a big deal or not and how we can
solve this issue?

Many Thanks
@Listentous
N

-- 
PGP: 0xa53963936999cbb6
-- 
Liberationtech is public & archives are searchable on Google. Violations of 
list guidelines will get you moderated: 
https://mailman.stanford.edu/mailman/listinfo/liberationtech. Unsubscribe, 
change to digest, or change password by emailing moderator at 
compa...@stanford.edu.

[liberationtech] Any thoughts on the OPERATION CLEAVER reports?

[Nariman Gharib]

"OPERATION CLEAVER: A new global cyber power has emerged; one that has
already compromised some of the world’s most critical infrastructure. The
Operation Cleaver report sheds light on the efforts of a coordinated and
determined group working to undermine the security of at least 50 companies
across 15 industries in 16 countries. Our report unveils the tactics,
techniques and procedures used in what it still an ongoing campaign. "

http://cylance.com/operation-cleaver/



-- 
PGP: 0xa53963936999cbb6
-- 
Liberationtech is public & archives are searchable on Google. Violations of 
list guidelines will get you moderated: 
https://mailman.stanford.edu/mailman/listinfo/liberationtech. Unsubscribe, 
change to digest, or change password by emailing moderator at 
compa...@stanford.edu.

Re: [liberationtech] Data from Iran shows which circumvention tools are most popular

[Nariman Gharib]

Thank you all,

Basically the numbers are in total. Instead of donations, I'm looking for
possible collaboration with other organisation that they
provide circumvention tools. For instance, it would be good if some
commercial companies which provide VPN can offer free VPN for Iranians.

Thanks

On Fri, Nov 28, 2014 at 6:51 PM, Nick  wrote:

> Quoth Griffin Boyce:
> > [1] for comparison, downloads through Satori have been around 82k
> > from AWS since March.
>
> That's great, too, Griffin! Is that 82k from Iran, or in total?
> --
> Liberationtech is public & archives are searchable on Google. Violations
> of list guidelines will get you moderated:
> https://mailman.stanford.edu/mailman/listinfo/liberationtech.
> Unsubscribe, change to digest, or change password by emailing moderator at
> compa...@stanford.edu.
>



-- 
PGP: 0xa53963936999cbb6
-- 
Liberationtech is public & archives are searchable on Google. Violations of 
list guidelines will get you moderated: 
https://mailman.stanford.edu/mailman/listinfo/liberationtech. Unsubscribe, 
change to digest, or change password by emailing moderator at 
compa...@stanford.edu.

Re: [liberationtech] Data from Iran shows which circumvention tools are most popular

[Nariman Gharib]

Thank you.

The stats size is based on Download request which I received through AWS
which is something around 290,000 from 14Nov to 28Nov.
Subscribers: 84K


N


On Fri, Nov 28, 2014 at 3:21 PM, Patrick  wrote:

> Nariman,
>
> This is really interesting stuff. How many people subscribe and what is
> the sample size for these stats?
>
> On Fri, Nov 28, 2014 at 10:06 AM, Nariman Gharib 
> wrote:
>
>> Hi folks,
>>
>> I have a biweekly newsletter for Iranians and send circumvention tools to
>> them by email. I'm using AWS for storing all files. Today, I published a
>> series of data from the log reports.
>>
>> I hope this would be interesting for researchers and other organisations
>> who help Internet Freedom in Iran and MENA.
>>
>>
>> This chart shows which circumvention tools are the most popular:
>>
>> https://www.google.com/fusiontables/DataSource?docid=10ak9FhkIktUcEK1rEM8bhcDKsVS5SjzCDWg4Ss5G
>>
>>
>> This one shows what is the most popular OS amongst my subscribers:
>>
>>
>> https://www.google.com/fusiontables/DataSource?docid=1D5H1LGgg2GXRAQphE9ksKp7gGHxUm9v_RovVwg8F
>>
>> Many Thanks
>> N
>>
>> --
>> PGP: 0xa53963936999cbb6
>>
>> --
>> Liberationtech is public & archives are searchable on Google. Violations
>> of list guidelines will get you moderated:
>> https://mailman.stanford.edu/mailman/listinfo/liberationtech.
>> Unsubscribe, change to digest, or change password by emailing moderator at
>> compa...@stanford.edu.
>>
>
>
> --
> Liberationtech is public & archives are searchable on Google. Violations
> of list guidelines will get you moderated:
> https://mailman.stanford.edu/mailman/listinfo/liberationtech.
> Unsubscribe, change to digest, or change password by emailing moderator at
> compa...@stanford.edu.
>



-- 
PGP: 0xa53963936999cbb6
-- 
Liberationtech is public & archives are searchable on Google. Violations of 
list guidelines will get you moderated: 
https://mailman.stanford.edu/mailman/listinfo/liberationtech. Unsubscribe, 
change to digest, or change password by emailing moderator at 
compa...@stanford.edu.

[liberationtech] Data from Iran shows which circumvention tools are most popular

[Nariman Gharib]

Hi folks,

I have a biweekly newsletter for Iranians and send circumvention tools to
them by email. I'm using AWS for storing all files. Today, I published a
series of data from the log reports.

I hope this would be interesting for researchers and other organisations
who help Internet Freedom in Iran and MENA.


This chart shows which circumvention tools are the most popular:
https://www.google.com/fusiontables/DataSource?docid=10ak9FhkIktUcEK1rEM8bhcDKsVS5SjzCDWg4Ss5G


This one shows what is the most popular OS amongst my subscribers:

https://www.google.com/fusiontables/DataSource?docid=1D5H1LGgg2GXRAQphE9ksKp7gGHxUm9v_RovVwg8F

Many Thanks
N

-- 
PGP: 0xa53963936999cbb6
-- 
Liberationtech is public & archives are searchable on Google. Violations of 
list guidelines will get you moderated: 
https://mailman.stanford.edu/mailman/listinfo/liberationtech. Unsubscribe, 
change to digest, or change password by emailing moderator at 
compa...@stanford.edu.

Re: [liberationtech] Iranian are bypass the Twitter censorship and sanction by their mobile phones

[Nariman Gharib]

Hi John,

On Sun, Nov 23, 2014 at 8:41 PM, John Adams  wrote:

> This series of posts conflicts about three different problems. It's
> hard to tell what you're having an issue with: Government censorship,
> lack of SMS, or 2-factor in the places.
>
> From what I know:
>
> 1. If any censorship of Twitter is going on, it's Iran, and not
> Twitter that is censoring the communications. If the telcos are
> blocking messages from Twitter's SMS source, it's the telcos.
>
> 2. It's possible Twitter doesn't have a business relationship with any
> SMS carriers in the country, so that can break phone verification. You
> can still download the client on ios or android and use the code
> generation in the client to verify a device, if Twitter is reachable
> across the Internet from Iran.

​Google does? Facebook does? you can't activate your 2step verification via
app without adding your phone number in Twitter as far as I know.​


>
> 3. Who blocked this "Trick" of modifying the page with +98? The page
> is completely in SSL, so if that change isn't working anymore then
> most likely,  Twitter modified the page.
>

​Twitter did that.​


>
> 4. "I wonder if there's a way to get Twitter to remove the restriction
> for users based in Iran." --  This is a problem that the Iranian
> government needs to solve, not Twitter.
>
​Yes you are right. But 'I think' Twitter have a concern about activists
and high profile internet users in Iran, because the verification code
comes from a text message to the phone number, it's easy for the Government
or IRGC to find those Twitter accounts owners.

>
> It's easier to figure out how to fix these things when you're clear in
> the way that you express the problem.
>
​You are right and I'm sorry.​


>
> -j
>
>
> On Sun, Nov 23, 2014 at 9:44 AM, Griffin Boyce 
> wrote:
> >   I wonder if Twitter restricts accounts to one per phone number. Phone
> > verification is readily bypassed with something like twilio, but only the
> > *most* advanced users would be able to pull this off.  It would be worth
> > setting up an app to allow Iranian users to bypass it semi-automatically,
> > but spambots and abusers would *decimate* it.
> >
> >   I wonder if there's a way to get Twitter to remove the restriction for
> > users based in Iran. There's not really a good reason for it in the first
> > place =/
> >
> > ~Griffin
> >
> > Nariman Gharib wrote:
> >>
> >> no it doesn't. they blocked this 'trick' and also many Iranian users
> >> can't register to Twitter anymore because it require phone
> >> verification on sign-up page.
> >>
> >> On Sun, Nov 23, 2014 at 5:11 PM, Kate Krauss 
> >> wrote:
> >>
> >>> Does this still work?
> >>>
> >>> Thanks,
> >>>
> >>> Katie
> >>>
> >>> On Thu, Aug 7, 2014 at 5:34 PM, Nariman Gharib
> >>>  wrote:
> >>>
> >>>> Hi,
> >>>> Basically as you knew Iran is not on the country list of Twitter.
> >>>> I've reached to Twitter and they know about this issue.
> >>>>
> >>>> Iranians are gets very active on Twitter after 2009 Pres.Election
> >>>> till now and the numbers of the users all of the time are growing.
> >>>> It's sad we see Twitter hasn't Iran on the list while Google and
> >>>> other networks are supporting Iran's telephone numbers for give
> >>>> the users the option to enable the 2step verification.
> >>>>
> >>>> so today I wrote an article on my blog and teach iranians how they
> >>>> can active their twitter telephone number(SMS service and active
> >>>> their 2step verification) from inside iran.
> >>>> https://twitter.com/ListenToUs/status/497374522426015744 [1]
> >>>>
> >>>> how: actually when you are going to submit a number of twitter
> >>>> website, with Inspect element on chrome you can add +98 on the
> >>>> form and write your in the telephone number field and twitter will
> >>>> send you a text message and everything is going to successful.
> >>>>
> >>>> and many iranians are now have twitter verification on their
> >>>> phones and some of them like this man:
> >>>> https://twitter.com/ziarlarimi/status/497484191613726720 [2]
> >>>> texting from IRAN without using any circumvention tools.
>

Re: [liberationtech] Iranian are bypass the Twitter censorship and sanction by their mobile phones

[Nariman Gharib]

no it doesn't. they blocked this 'trick' and also many Iranian users can't
register to Twitter anymore because it require phone verification on
sign-up page.

On Sun, Nov 23, 2014 at 5:11 PM, Kate Krauss  wrote:

> Does this still work?
>
> Thanks,
>
> Katie
>
> On Thu, Aug 7, 2014 at 5:34 PM, Nariman Gharib 
> wrote:
>
>> Hi,
>> Basically as you knew Iran is not on the country list of Twitter. I've
>> reached to Twitter and they know about this issue.
>>
>> Iranians are gets very active on Twitter after 2009 Pres.Election till
>> now and the numbers of the users all of the time are growing. It's sad we
>> see Twitter hasn't Iran on the list while Google and other networks are
>> supporting Iran's telephone numbers for give the users the option to enable
>> the 2step verification.
>>
>> so today I wrote an article on my blog and teach iranians how they can
>> active their twitter telephone number(SMS service and active their 2step
>> verification) from inside iran.
>> https://twitter.com/ListenToUs/status/497374522426015744
>> how: actually when you are going to submit a number of twitter website,
>> with Inspect element on chrome you can add +98 on the form and write your
>> in the telephone number field and twitter will send you a text message and
>> everything is going to successful.
>>
>> and many iranians are now have twitter verification on their phones and
>> some of them like this man:
>> https://twitter.com/ziarlarimi/status/497484191613726720 texting from
>> IRAN without using any circumvention tools.
>>
>> I hope twitter will decide to add Iran to the 'INTERFACE' of the
>> website,because on the backend everything is fine.
>>
>> Thanks
>> Nariman
>>
>> --
>> PGP: 084F 95C0 BD1B B15A 129C 90DB A539 6393 6999 CBB6
>>
>> --
>> Liberationtech is public & archives are searchable on Google. Violations
>> of list guidelines will get you moderated:
>> https://mailman.stanford.edu/mailman/listinfo/liberationtech.
>> Unsubscribe, change to digest, or change password by emailing moderator at
>> compa...@stanford.edu.
>>
>
>
> --
> Liberationtech is public & archives are searchable on Google. Violations
> of list guidelines will get you moderated:
> https://mailman.stanford.edu/mailman/listinfo/liberationtech.
> Unsubscribe, change to digest, or change password by emailing moderator at
> compa...@stanford.edu.
>



-- 
PGP: 0xa53963936999cbb6
-- 
Liberationtech is public & archives are searchable on Google. Violations of 
list guidelines will get you moderated: 
https://mailman.stanford.edu/mailman/listinfo/liberationtech. Unsubscribe, 
change to digest, or change password by emailing moderator at 
compa...@stanford.edu.

Re: [liberationtech] Tor Project website blocked by many UK ISPs as "adult content"

[Nariman Gharib]

There is no problem here. I'm on Virgin media. also that url you mentioned
is showing the result of HTTP of Torproject website.

N

On Thu, Nov 6, 2014 at 4:11 PM, Griffin Boyce  wrote:

>
> Apparently allowing unsurveilled/unfiltered speech is considered adult
> content by many UK service providers.
>
> Currently blocking:
> British Telecom (sometimes)
> EE
> O2
> Sky
> Virgin Media
> Vodafone
>
> Special thanks to Scott Ainslie for bringing this to my attention:
> https://www.blocked.org.uk/results?url=http://www.torproject.org/
>
> ~Griffin
>
> --
> "I believe that usability is a security concern; systems that do
> not pay close attention to the human interaction factors involved
> risk failing to provide security by failing to attract users."
> ~Len Sassaman
> --
> Liberationtech is public & archives are searchable on Google. Violations
> of list guidelines will get you moderated: https://mailman.stanford.edu/
> mailman/listinfo/liberationtech. Unsubscribe, change to digest, or change
> password by emailing moderator at compa...@stanford.edu.
>



-- 
PGP: 0xa53963936999cbb6
-- 
Liberationtech is public & archives are searchable on Google. Violations of 
list guidelines will get you moderated: 
https://mailman.stanford.edu/mailman/listinfo/liberationtech. Unsubscribe, 
change to digest, or change password by emailing moderator at 
compa...@stanford.edu.

[liberationtech] FYI: Making Connections to Facebook more Secure

[Nariman Gharib]

It’s important to us at Facebook to provide methods for people to use
our site securely. People connect to Facebook in many different ways,
which is why we have implemented HTTPS across our service, and Perfect
Forward Secrecy, HSTS, and other technologies which help give people
more confidence that they are connected securely to Facebook.


That doesn’t mean we can’t improve yet further.


Consider Tor: Tor challenges some assumptions of Facebook's security
mechanisms - for example its design means that from the perspective of
our systems a person who appears to be connecting from Australia at
one moment may the next appear to be in Sweden or Canada. In other
contexts such behaviour might suggest that a hacked account is being
accessed through a “botnet”, but for Tor this is normal.


Considerations like these have not always been reflected in Facebook's
security infrastructure, which has sometimes led to unnecessary
hurdles for people who connect to Facebook using Tor. To make their
experience more consistent with our goals of accessibility and
security, we have begun an experiment which makes Facebook available
directly over Tor network at the following URL:


https://facebookcorewwwi.onion/


[ NOTE: link will only work in Tor-enabled browsers ]


Facebook Onion Address


Facebook's onion address provides a way to access Facebook through Tor
without losing the cryptographic protections provided by the Tor
cloud.


The idea is that the Facebook onion address connects you to Facebook's
Core WWW Infrastructure - check the URL again, you'll see what we did
there - and it reflects one benefit of accessing Facebook this way:
that it provides end-to-end communication, from your browser directly
into a Facebook datacentre.


We decided to use SSL atop this service due in part to architectural
considerations - for example, we use the Tor daemon as a reverse proxy
into a load balancer and Facebook traffic requires the protection of
SSL over that link. As a result, we have provided an SSL certificate
which cites our onion address; this mechanism removes the Tor
Browser's “SSL Certificate Warning” for that onion address and
increases confidence that this service really is run by Facebook.
Issuing an SSL certificate for a Tor implementation is - in the Tor
world - a novel solution to attribute ownership of an onion address;
other solutions for attribution are ripe for consideration, but we
believe that this one provides an appropriate starting point for such
discussion.


Over time we hope to share some of the lessons that we have learned -
and will learn - about scaling and deploying services via the Facebook
onion address; we have many ideas and are looking forward to improving
this service.  A medium-term goal will be to support Facebook's
mobile-friendly website via an onion address, although in the meantime
we expect the service to be of an evolutionary and slightly flaky
nature.


We hope that these and other features will be useful to people who
wish to use Facebook's onion address.


Finally, we would like to extend our thanks to Ms. Runa Sandvik and to
Dr. Steven Murdoch of UCL for their kind assistance and generous
advice in the development of this project.


Alec Muffett is a Software Engineer for Security Infrastructure at
Facebook London.


SOURCE: 
https://www.facebook.com/notes/protect-the-graph/making-connections-to-facebook-more-secure/1526085754298237


-- 
PGP: 0xa53963936999cbb6
-- 
Liberationtech is public & archives are searchable on Google. Violations of 
list guidelines will get you moderated: 
https://mailman.stanford.edu/mailman/listinfo/liberationtech. Unsubscribe, 
change to digest, or change password by emailing moderator at 
compa...@stanford.edu.

[liberationtech] Iranian and Twitter's Dick Costolo

[Nariman Gharib]

Hi,

This week, Dick constolo did a good job which,  he spoke with Iran foreign
minister on the phone and sent tweet to Hassan Rouhani about unblocking
Twitter In Iran.

Today, Iranian Twitter users have launched a new campaign and asking,
D.constolo to add Iran to Twitter country list for 2step verification and
more security for users inside Iran.

more: https://twitter.com/ListenToUs/status/516186457527300096

Thanks
Nariman
@Listentous

-- 
PGP: 084F 95C0 BD1B B15A 129C 90DB A539 6393 6999 CBB6
-- 
Liberationtech is public & archives are searchable on Google. Violations of 
list guidelines will get you moderated: 
https://mailman.stanford.edu/mailman/listinfo/liberationtech. Unsubscribe, 
change to digest, or change password by emailing moderator at 
compa...@stanford.edu.

[liberationtech] Problem with Google 2-step verification

[Nariman Gharib]

Hi,
If someone hacked into your account with your backup codes or somehow and
after that the attacker wants to add his mobile phone number to your
account and will remove your primary number from account, Google doesn't
send you any alert or confirmation. so after that the attacker can enable
the 2step verification with his own number and you will lost access to your
account.

https://accounts.google.com/b/0/SmsAuthSettings#devices

Thanks
Nariman
@Listentous

-- 
PGP: 084F 95C0 BD1B B15A 129C 90DB A539 6393 6999 CBB6
-- 
Liberationtech is public & archives are searchable on Google. Violations of 
list guidelines will get you moderated: 
https://mailman.stanford.edu/mailman/listinfo/liberationtech. Unsubscribe, 
change to digest, or change password by emailing moderator at 
compa...@stanford.edu.

[liberationtech] Yahoo is return Iran to their country lists

[Nariman Gharib]

Hi,
Please Accept My Apologies if I'm spamming you.

Yahoo is return Iran to their country list, so Iranian people now can sign
up for Yahoo services,Again. They removed Iran from the list a long time
ago due sanctions.

old story which is related to this news:
http://mashable.com/2014/05/01/yahoo-iran-email/

Thanks
Nariman
@Listentous


-- 
PGP: 084F 95C0 BD1B B15A 129C 90DB A539 6393 6999 CBB6
-- 
Liberationtech is public & archives are searchable on Google. Violations of 
list guidelines will get you moderated: 
https://mailman.stanford.edu/mailman/listinfo/liberationtech. Unsubscribe, 
change to digest, or change password by emailing moderator at 
compa...@stanford.edu.

[liberationtech] Iran says: we can monitor Viber and Whatsapp

[Nariman Gharib]

Hi,
Today, Iran's Chief of cyber police warned people who send jokes about The
leader and founder of the Islamic revolution, Ayatollah Ruhollah Khomeini
via social media and mobile apps, saying action will taken against those
insulting Khomeini in Viber and Whatsapp[1]. He went on to warn social
media users that the police can monitor these applications.[2]

This is the first time an Iranian official acknowledges that they are
monitoring mobile applications in Iran.

[1] http://www.rferl.org/content/khomeini-jokes-iran/26569867.html
[2] http://khabaronline.ir/detail/374963/society/Police -FA

Thanks
Nariman
@Listentous


-- 
PGP: 084F 95C0 BD1B B15A 129C 90DB A539 6393 6999 CBB6
-- 
Liberationtech is public & archives are searchable on Google. Violations of 
list guidelines will get you moderated: 
https://mailman.stanford.edu/mailman/listinfo/liberationtech. Unsubscribe, 
change to digest, or change password by emailing moderator at 
compa...@stanford.edu.

[liberationtech] Facebook has been removed old restriction for Iranian

[Nariman Gharib]

Hi,
​FYI, ​Facebook has removed 'restricted access' to Facebook developers
platform for Iranian. [ this restricted were include all Iranian[s] and not
specific range of IPs)


Thanks
Nariman
@Listentous

-- 
PGP: 084F 95C0 BD1B B15A 129C 90DB A539 6393 6999 CBB6
-- 
Liberationtech is public & archives are searchable on Google. Violations of 
list guidelines will get you moderated: 
https://mailman.stanford.edu/mailman/listinfo/liberationtech. Unsubscribe, 
change to digest, or change password by emailing moderator at 
compa...@stanford.edu.

[liberationtech] Iranian are bypass the Twitter censorship and sanction by their mobile phones

[Nariman Gharib]

Hi,
Basically as you knew Iran is not on the country list of Twitter. I've
reached to Twitter and they know about this issue.

Iranians are gets very active on Twitter after 2009 Pres.Election till now
and the numbers of the users all of the time are growing. It's sad we see
Twitter hasn't Iran on the list while Google and other networks are
supporting Iran's telephone numbers for give the users the option to enable
the 2step verification.

so today I wrote an article on my blog and teach iranians how they can
active their twitter telephone number(SMS service and active their 2step
verification) from inside iran.
https://twitter.com/ListenToUs/status/497374522426015744
how: actually when you are going to submit a number of twitter website,
with Inspect element on chrome you can add +98 on the form and write your
in the telephone number field and twitter will send you a text message and
everything is going to successful.

and many iranians are now have twitter verification on their phones and
some of them like this man:
https://twitter.com/ziarlarimi/status/497484191613726720 texting from IRAN
without using any circumvention tools.

I hope twitter will decide to add Iran to the 'INTERFACE' of the
website,because on the backend everything is fine.

Thanks
Nariman

-- 
PGP: 084F 95C0 BD1B B15A 129C 90DB A539 6393 6999 CBB6
-- 
Liberationtech is public & archives are searchable on Google. Violations of 
list guidelines will get you moderated: 
https://mailman.stanford.edu/mailman/listinfo/liberationtech. Unsubscribe, 
change to digest, or change password by emailing moderator at 
compa...@stanford.edu.

Re: [liberationtech] All licenses have been revoked by Norton due to Iran's sanctions!

[Nariman Gharib]

Confirmation from Symantec:
https://support.norton.com/sp/en/us/home/current/solutions/v99475449_EndUserProfile_en_us?inid=embargo_activation_error_hho_supp_kb&OpenDocument&src=invalid_embargoed



On Wed, Jul 30, 2014 at 7:46 PM, Silent1  wrote:

> I wonder if this is related to the new sanctions against Russia and
> they’ve applied them to the wrong group, the timing is very coincidental
> otherwise.
>
>
>
> Silent1
>
>
>
> *From:* liberationtech [mailto:liberationtech-boun...@mailman.stanford.edu]
> *On Behalf Of *Nariman Gharib
> *Sent:* Wednesday, July 30, 2014 10:32 AM
> *To:* liberationtech
> *Subject:* [liberationtech] All licenses have been revoked by Norton due
> to Iran's sanctions!
>
>
>
> Hi,
>
> I received many reports from Iran which people saying that their Norton
> Licenses which bought through someone in outside country or some resellers
> inside Iran who access to credit cards have been revoked from Norton.
>
>
>
> one of them contacted Norton and they said that we can't speak with you
> through phone because we have no business with Iran. [I have a case number
> as well.]
>
>
>
> ​when people are going to Norton website they will see this message below,
> before that you should know that US Treasury lifted some sanctions include
> selling Anti Virus to Iran about 5,6 month ago.
> http://oti.newamerica.net/blogposts/2014/us_government_clarifies_tech_authorizations_under_iranian_sanctions-103425
>
>
>
> The message from Norton website:
> http://buy-static.norton.com/estore/html/EmbargoedCountriesPage.html
>
>
>
> "
>
> Embargoed Country
>
> We're sorry that we are unable to process your request for Symantec
> products.
>
>
>
> Symantec screens orders to ensure it does not export products in breach of
> government regulations. As part of the screening process, your
> order has been cancelled for one of the following reasons:
>
>
>
> 1)There is an export restriction from the country of origin to the
> ordering party or named end user.
>
> 2)There is an export restriction from the country of origin to the
> destination country.
>
> If you feel that you have received this notification in error, please send
> an email to export_screening_conc...@symantec.com.​ "
>
>
>
>
>
> Thanks
>
> Nariman
>
> @Listentous
>
>
>
> --
>
> PGP: 084F 95C0 BD1B B15A 129C 90DB A539 6393 6999 CBB6
> --
>
> AVG found no virus found in this message at the point of sending.
> Checked by AVG - www.avg.com
> Version: 2014.0.4716 / Virus Database: 3986/7949 - Release Date: 07/30/14
>
> --
> Liberationtech is public & archives are searchable on Google. Violations
> of list guidelines will get you moderated:
> https://mailman.stanford.edu/mailman/listinfo/liberationtech.
> Unsubscribe, change to digest, or change password by emailing moderator at
> compa...@stanford.edu.
>



-- 
PGP: 084F 95C0 BD1B B15A 129C 90DB A539 6393 6999 CBB6
-- 
Liberationtech is public & archives are searchable on Google. Violations of 
list guidelines will get you moderated: 
https://mailman.stanford.edu/mailman/listinfo/liberationtech. Unsubscribe, 
change to digest, or change password by emailing moderator at 
compa...@stanford.edu.

[liberationtech] All licenses have been revoked by Norton due to Iran's sanctions!

[Nariman Gharib]

Hi,
I received many reports from Iran which people saying that their Norton
Licenses which bought through someone in outside country or some resellers
inside Iran who access to credit cards have been revoked from Norton.

one of them contacted Norton and they said that we can't speak with you
through phone because we have no business with Iran. [I have a case number
as well.]

​when people are going to Norton website they will see this message below,
before that you should know that US Treasury lifted some sanctions include
selling Anti Virus to Iran about 5,6 month ago.
http://oti.newamerica.net/blogposts/2014/us_government_clarifies_tech_authorizations_under_iranian_sanctions-103425

The message from Norton website:
http://buy-static.norton.com/estore/html/EmbargoedCountriesPage.html

"
Embargoed Country
We're sorry that we are unable to process your request for Symantec
products.

Symantec screens orders to ensure it does not export products in breach of
government regulations. As part of the screening process, your order has
been cancelled for one of the following reasons:

1)There is an export restriction from the country of origin to the ordering
party or named end user.
2)There is an export restriction from the country of origin to the
destination country.
If you feel that you have received this notification in error, please send
an email to export_screening_conc...@symantec.com.​ "


Thanks
Nariman
@Listentous

-- 
PGP: 084F 95C0 BD1B B15A 129C 90DB A539 6393 6999 CBB6
-- 
Liberationtech is public & archives are searchable on Google. Violations of 
list guidelines will get you moderated: 
https://mailman.stanford.edu/mailman/listinfo/liberationtech. Unsubscribe, 
change to digest, or change password by emailing moderator at 
compa...@stanford.edu.

Re: [liberationtech] Lantern censorship circumvention tool public download

[Nariman Gharib]

Hi Derek,
Thanks for share this news with us. It's good news for people in countries
like Iran. :)


N


On Sun, Jul 13, 2014 at 7:23 PM, Derek Frech  wrote:

> Hey LibTech,
>
>   We are happy to announce that Lantern (censorship circumvention
> tool) is no longer invite only.  As of yesterday, we have released a public
> download of the software via our website https://getlantern.org/
> 
>
> In addition we have also just received non-profit status so that all
> donations to our fundraising campaign are tax deductible
> http://igg.me/at/getlantern/x/7966578
>
> All the Best,
>   Team Lantern
>
> --
> Liberationtech is public & archives are searchable on Google. Violations
> of list guidelines will get you moderated:
> https://mailman.stanford.edu/mailman/listinfo/liberationtech.
> Unsubscribe, change to digest, or change password by emailing moderator at
> compa...@stanford.edu.
>



-- 
PGP: 084F 95C0 BD1B B15A 129C 90DB A539 6393 6999 CBB6
-- 
Liberationtech is public & archives are searchable on Google. Violations of 
list guidelines will get you moderated: 
https://mailman.stanford.edu/mailman/listinfo/liberationtech. Unsubscribe, 
change to digest, or change password by emailing moderator at 
compa...@stanford.edu.

Re: [liberationtech] Iran has been blocked Facebook's Bots ( crawlers )

[Nariman Gharib]

Hi Collin,
If you check it from Facebook debugger tool on Facebook website you will see 
this is happening. Also for sure you can check khabaronline website too. 

Thanks
Nariman



> On Jun 20, 2014, at 9:59 PM, Collin Anderson  
> wrote:
> 
> Hi Nariman,
> 
> Attempted to fetch Asr Iran using the facebookexternalhit User Agent and it 
> worked fine. I suspect this is the product of firewall rules against 
> Facebook's subnets as a backup for when the filter fails, and not an 
> intentional attempt to block Facebook's bot. It certainly would not benefit 
> Press TV, and perhaps if there are people from TCI on this list, they might 
> want to limit the restriction to outgoing connections.
> 
> Cordially,
> Collin
> 
> 
>> On Thu, Jun 19, 2014 at 7:06 AM, Nariman Gharib  wrote:
>> Hi Libtech,
>> From now on Facebook Bots  (or facebookexternalhit  ) can't  access to 
>> Iranian websites in Iran (website hosts inside country)
>> 
>> For example when users are going to share a link from a news agency website 
>> inside Iran which has a own server inside Iran, people can't see the preview 
>> of links content on FB. like www. asriran .ir
>> 
>> 
>> ​Thanks
>> Nariman
>> @Listentous​
>> 
>> -- 
>> PGP: 084F 95C0 BD1B B15A 129C 90DB A539 6393 6999 CBB6
>> 
>> --
>> Liberationtech is public & archives are searchable on Google. Violations of 
>> list guidelines will get you moderated: 
>> https://mailman.stanford.edu/mailman/listinfo/liberationtech. Unsubscribe, 
>> change to digest, or change password by emailing moderator at 
>> compa...@stanford.edu.
> 
> 
> 
> -- 
> Collin David Anderson
> averysmallbird.com | @cda | Washington, D.C.
> -- 
> Liberationtech is public & archives are searchable on Google. Violations of 
> list guidelines will get you moderated: 
> https://mailman.stanford.edu/mailman/listinfo/liberationtech. Unsubscribe, 
> change to digest, or change password by emailing moderator at 
> compa...@stanford.edu.
-- 
Liberationtech is public & archives are searchable on Google. Violations of 
list guidelines will get you moderated: 
https://mailman.stanford.edu/mailman/listinfo/liberationtech. Unsubscribe, 
change to digest, or change password by emailing moderator at 
compa...@stanford.edu.

[liberationtech] Iran has been blocked Facebook's Bots ( crawlers )

[Nariman Gharib]

Hi Libtech,
>From now on Facebook Bots  (or facebookexternalhit ) can't  access to
Iranian websites in Iran (website hosts inside country)

For example when users are going to share a link from a news agency website
inside Iran which has a own server inside Iran, people can't see the
preview of links content on FB. like www. asriran .ir


​Thanks
Nariman
@Listentous​

-- 
PGP: 084F 95C0 BD1B B15A 129C 90DB A539 6393 6999 CBB6
-- 
Liberationtech is public & archives are searchable on Google. Violations of 
list guidelines will get you moderated: 
https://mailman.stanford.edu/mailman/listinfo/liberationtech. Unsubscribe, 
change to digest, or change password by emailing moderator at 
compa...@stanford.edu.

[liberationtech] Google Play is available again in Iran

[Nariman Gharib]

Hi,
from two hrs ago Iranian users inside Iran reports that, they're able to
download/update apps from Play store apps on their phones without any
sanctions & without using circumvention tools .

I don't know this is a 'glitch' or Google completely Removed the sanction.
In the past Google lift the sanction and said that developers should add
Iran to their apps country list to access Iranian to download their apps,
however sometimes Iranian got 403 error:
https://twitter.com/ListenToUs/status/478892365625982976

so now they can download/update anything directly from Play Store. I'm just
waiting for more information. If you want to follow this story please off
the list contact me.


Thanks
Nariman
@Listentous
-- 
PGP: 084F 95C0 BD1B B15A 129C 90DB A539 6393 6999 CBB6
-- 
Liberationtech is public & archives are searchable on Google. Violations of 
list guidelines will get you moderated: 
https://mailman.stanford.edu/mailman/listinfo/liberationtech. Unsubscribe, 
change to digest, or change password by emailing moderator at 
compa...@stanford.edu.

Re: [liberationtech] when you are using Tor, Twitter will blocked your acc

[Nariman Gharib]

You can see Iranian people are complaining about it on Twitter :)

also because of 'Sanction' Twitter hasn't Iran on it's country lists. so
people can't enable 2FA.

Thanks alot
Nariman


On Sun, Jun 8, 2014 at 9:42 PM, Nathan of Guardian <
nat...@guardianproject.info> wrote:

> On 06/07/2014 05:39 AM, Nariman Gharib wrote:
> >
> > Many Tor users inside Iran reported that while they are using
> > Tor/Orbot for login into Twitter, Twitter blocked their accounts and
> > forced them to change their password. it happened everyday and every
> > time you are login to your account.
> >
> > what solution do you have for solve this problem?
> There must be another factor than just using Tor. I (as the primary
> developer of Orbot), run my Twitter app through Orbot 100% of the time,
> and have never had a password change request.
>
> Hopefully, we can get Twitter to weigh in, but it would be good to know
> if this is happening due to geographic region or some sort of
> false-positive botnet profiling.
>
> In the worst case scenario, maybe their accounts are being accessed to
> do Exit Node man-in-the-middle somehow, and Twitter is actually being
> helpful. I have seen no evidence of that though.
>
> Best,
>   Nathan
> --
> Liberationtech is public & archives are searchable on Google. Violations
> of list guidelines will get you moderated:
> https://mailman.stanford.edu/mailman/listinfo/liberationtech.
> Unsubscribe, change to digest, or change password by emailing moderator at
> compa...@stanford.edu.
>



-- 
PGP: 084F 95C0 BD1B B15A 129C 90DB A539 6393 6999 CBB6
www.NARIMAN.Tel
-- 
Liberationtech is public & archives are searchable on Google. Violations of 
list guidelines will get you moderated: 
https://mailman.stanford.edu/mailman/listinfo/liberationtech. Unsubscribe, 
change to digest, or change password by emailing moderator at 
compa...@stanford.edu.

[liberationtech] when you are using Tor, Twitter will blocked your acc

[Nariman Gharib]

Dear Libtech,

Many Tor users inside Iran reported that while they are using Tor/Orbot for
login into Twitter, Twitter blocked their accounts and forced them to
change their password. it happened everyday and every time you are login to
your account.

what solution do you have for solve this problem?


Thanks
Nariman
@Listentous



-- 
PGP: 084F 95C0 BD1B B15A 129C 90DB A539 6393 6999 CBB6
-- 
Liberationtech is public & archives are searchable on Google. Violations of 
list guidelines will get you moderated: 
https://mailman.stanford.edu/mailman/listinfo/liberationtech. Unsubscribe, 
change to digest, or change password by emailing moderator at 
compa...@stanford.edu.

[liberationtech] Wired : Heartbleed Redux: Another Gaping Wound In Web Encryption Uncovered

[Nariman Gharib]

FYI!

http://www.wired.com/2014/06/heartbleed-redux-another-gaping-wound-in-ssl-uncovered

"  “This vulnerability allows malicious intermediate nodes to intercept
encrypted data and decrypt them while forcing SSL clients to use weak keys
which are exposed to the malicious nodes,” reads an FAQ published by
Kikuchi’s employer, the software firm Lepidum
. Ashkan Soltani, a privacy researcher
who has been involved in analyzing the Snowden NSA leaks for the NSA and
closely tracked SSL’s woes, offers this translation: “Basically, as you and
I are establishing a secure connection, an attacker injects a command that
fools us to thinking we’re using a ‘private’ password whereas we’re
actually using a public one.”

Unlike the Heartbleed flaw, which allowed anyone to directly attack any
server using OpenSSL, the attacker exploiting this newly discovered bug
would have to be located somewhere between the two computers communicating.
But that still leaves open the possibility that anyone from an eavesdropper
on your local Starbucks’ network to the NSA to strip away your Web
connection’s encryption before it’s even initialized.

According to a blog post by Kikuchi
,
the flaw has existed since the very first release of OpenSSL in 1998. He
argues that despite the widespread dependence on the software and its
recent scrutiny following the Heartbleed revelation, OpenSSL’s code still
hasn’t received enough attention from security researchers. “The biggest
reason why the bug hasn’t been found for over 16 years is that code reviews
were insufficient, especially from experts who had experiences with TLS/SSL
implementation,” he writes. “They could have detected the problem.”
​ "

http://ccsinjection.lepidum.co.jp/blog/2014-06-05/CCS-Injection-en/index.html
​



-- 
PGP: 084F 95C0 BD1B B15A 129C 90DB A539 6393 6999 CBB6
www.NARIMAN.Tel
-- 
Liberationtech is public & archives are searchable on Google. Violations of 
list guidelines will get you moderated: 
https://mailman.stanford.edu/mailman/listinfo/liberationtech. Unsubscribe, 
change to digest, or change password by emailing moderator at 
compa...@stanford.edu.

[liberationtech] Google keeps the chat history even you enabled the OTR

[Nariman Gharib]

Hey all,

Just I want to remind you, Gmail is keeping your chat history even you
enable the OTR on your gmail chat.

how? if you going to plus.google.com and on the top right side of the page
you click on the Hangout, and then select a person who you talked to him
recently, you can see your all chat history is come up! you can delete
manually your chat history from there too, but too sides should do the same
things. I don't know after these things Google will keep our chat history
or not!!! but I think this is a bug in Gmail service.


Thanks
Nariman

-- 
PGP: 084F 95C0 BD1B B15A 129C 90DB A539 6393 6999 CBB6
www.NARIMAN.Tel
-- 
Liberationtech is public & archives are searchable on Google. Violations of 
list guidelines will get you moderated: 
https://mailman.stanford.edu/mailman/listinfo/liberationtech. Unsubscribe, 
change to digest, or change password by emailing moderator at 
compa...@stanford.edu.

[liberationtech] a big Privacy Violation in Tango App

[Nariman Gharib]

Hi,

Tango APP is very popular in the world and in Iran more than 2million users
are using It right now! by the way,

if you are using Tango app ok no problem, but if you not register your
number in Tango yet, YES, THERE IS SOME PROBLEM!

Download the latest Tango software for windows, Insert your mobile phone
number. if> your mobile phone already activated in another device, tango
will send you a verify code. BUT if> your number is not in Tango  DB ,
Tango without sending any code to your phone, will activated your tango.

what's happened next?

all of your contacts which have your number inside their phones can see YOU
ARE USING TANGO NOW! and you can see the list of bunch of people with name
last name and.. in your Tango, but that user is not you. That user maybe me
or another person and then because you can see the name and last name of
persons, pictures and other updates you can do anything with them( which is
wrong but for clear understanding ).


​Thanks
Nariman​

-- 
PGP: 084F 95C0 BD1B B15A 129C 90DB A539 6393 6999 CBB6
www.NARIMAN.Tel
-- 
Liberationtech is public & archives are searchable on Google. Violations of 
list guidelines will get you moderated: 
https://mailman.stanford.edu/mailman/listinfo/liberationtech. Unsubscribe, 
change to digest, or change password by emailing moderator at 
compa...@stanford.edu.

Re: [liberationtech] if you are a circuvmention tool developer, please FREE it now for Iranian

[Nariman Gharib]

Thanks Alster,


>
>
>
> 3. You're basically saying that your website is acting as a portal for
> people to regain access to the Internet. If that's so, you really should
> not give them a false sense of security:
> https://www.ssllabs.com/ssltest/analyze.html?d=secure.filtershekanha.com
>
> Currently, this SSL configuration is easily circumvented, allowing to
> man-in-the-middle all of your visitors. (Please message me off-list if I
> can help you fix your webserver configuration.)
>

I'll message to you about that in privately. but a quick note: I just used
the free SSL certificate not to encrypt the communication in website but
just for give a un-censored url to Iranian people. which is government
block my main domain not https:// secure.filtershekanha .com - and also I'm
emailing people circumvention tools via Mailchimp and those circumvention
tools are not hosted in my websites. just there is a link in emails.

>
>
> 4. You seem to currently recommend closed-source adware supported
> single-hop VPN clients as a workaround.
> This most likely means that
>
>  - the companies providing these VPNs can perfectly tell what the users
> using them are doing, may also log it, and are thus susceptible to
> traffic and log recovery by means of governmental interventions and hacking
>
>  - you can't really tell what this software does and where it and the
> servers it connects to may send all the traffic to (in addition to the
> intended locations)
>
>  - you can't really tell whether the sites you access through these VPNs
> are really the sites you want to access
>
>  - the ads allow the advertisement networks (and anyone who can convince
> them to share this information) to track precisely what the users are doing
>
> That is to say, while those tools may seem to provide a great way to
> overcome the censorship, using them may very well play into the hands of
> "security forces", enabling them to keep track of what activists (or
> just anyone with a non-official opinion) are doing, and to build files
> on them.
>
> People in other countries have been displaced, incarcerated, tortured
> and even killed due to exactly these mistakes (recommendation and use of
> bad censorship circumvention tools) in the past. I really hope this is
> not going to happen this time around.
>

I know about that and it's going to be dangerous for Iranian or other
people in similar country to Iran, but most of people in Iran doesn't CARE
about these things. they just want to go facebook,youtube,twitter and...(
actually most of websites are blocked :) ) . even we know who behind of
these tools,Personally actually from last week after I talked to a expert I
decided to give users all options/all tools and just saying that the
trusted and secure tool at this moment just is TOR.​​

>
>
> 5. I fully understand that recommending against something is of no use
> if no alternative is provided. I think Tor makes a great alternative if
> people care about both circumventing censorship and remaining anonymous
> (if used as documented). Yes, it does slow things down. But if you
> compare to the previous paragraph then it might be worth this?
>
​I recommended to people using TOR and for example from a week ago until
now thousands people now using ORBOT and TOR via my newsletter. ( I'm not
sure about the users but the clicks number goo.gl gave it to me are up to
10k clicks for these to tools )​

TOR is Good. but for example when government blocked the some TOR's ip, we
should provide bridges for users( IF  AM IF RIGHT). so Imagine I emailed to
my subscribers these new bridges so after 2days they will blocked, so
what's the next and good option?

>
> There may be other options, possibly including single and multi hop VPNs
> which are just not as bad as the ones currently in use. If you are
> willing to consider other options, I bet the contributors to this
> mailing list will be happy to provide more suggestions.
>

Yes, I'm in.​​

>
> Alster
>
> --
> Liberationtech is public & archives are searchable on Google. Violations
> of list guidelines will get you moderated:
> https://mailman.stanford.edu/mailman/listinfo/liberationtech.
> Unsubscribe, change to digest, or change password by emailing moderator at
> compa...@stanford.edu.
>



-- 
PGP: 084F 95C0 BD1B B15A 129C 90DB A539 6393 6999 CBB6
www.NARIMAN.Tel
-- 
Liberationtech is public & archives are searchable on Google. Violations of 
list guidelines will get you moderated: 
https://mailman.stanford.edu/mailman/listinfo/liberationtech. Unsubscribe, 
change to digest, or change password by emailing moderator at 
compa...@stanford.edu.

[liberationtech] if you are a circuvmention tool developer, please FREE it now for Iranian

[Nariman Gharib]

Dear Libtech,

I don't want to waste your time, So I'll go straight to the point.

you all knew about The censorship In Iran. since Psiphon had a problem
inside Iran, people were starting to using other free software, but yeah
nothing is 100% in this world.

in these past weeks since I launched my website/newsletter (Filtershekanha
.com) which is help Iranian(about 45k till now) to bypass the censorship by
sending them circumvention tools through (email), I noticed something,
which most of the tools which is work for Iran are having a advertise or
time limitation.

In Iran you are not paying for Internet cost as a unlimited data like
outside of Iran, people are buying Internet like 2gig/3gig/ bandwidth
per month, which is the Internet price in Iran is very expensive and you
haven't a good service.

second thing is Iranian people inside Iran haven't any credit card or
paypal account. yes you can pay someone who has a paypal and that person
buy a service for you. but everyone can't effort that.

by the way I asking people here at Libtech, PLEASE if you owner of the
circumvention tool like Hotspot shield, Hideman VPN, Solo vpn or other
'FREE' tools which have a ads/time limit, please do something good for
Iranian.

A good example: https:// play.google.
com/store/apps/details?id=tinballsoft.android.iranstc


Thank you very much
Nariman
@Listentous

-- 
PGP: 084F 95C0 BD1B B15A 129C 90DB A539 6393 6999 CBB6
-- 
Liberationtech is public & archives are searchable on Google. Violations of 
list guidelines will get you moderated: 
https://mailman.stanford.edu/mailman/listinfo/liberationtech. Unsubscribe, 
change to digest, or change password by emailing moderator at 
compa...@stanford.edu.

Re: [liberationtech] Maliciously Repackaged Psiphon Found

[Nariman Gharib]

Hi Ronald,
as you knew that it's not the first time and also they did similar thing to
Psiphon ( Iranian version ) .

https:// malwr
.com/analysis/Y2ZiNTVjYjdiODk5NGM5NGIzZmVkYzY4YTQ1MDI4ZGE/#signature_infostealer_browser

Personally I will start to teaching people from tomorrow to how they can
recognize fake/malware version of Psiphon and the real/original one.

Thanks for it. it's very useful.

Nariman


On Thu, Mar 13, 2014 at 6:30 PM, Ronald Deibert wrote:

> Dear Libtech,
>
> In the past 24 hours Citizen Lab researchers have been tracking a
> maliciously re-packaged version of Psiphon 3, the popular circumvention
> tool.  The file drops a working copy of Psiphon 3 as well as an njRAT
> implant.  This is likely part of a targeted attack against the Syrian
> opposition by a known actor, not all users of Psiphon.
>
> This brief note describes the implant’s appearance and behavior, then
> explains how to obtain and verify genuine copies of Psiphon 3. The Psiphon
> team is monitoring the attack, and give these instructions on how to
> check your copy of Psiphon 3
> .
>
> Click Here to read the full 
> note by
> Research Fellow John Scott-Railton.
>
> And I am copying and pasting the report below:
>
> Maliciously Repackaged Psiphon Found
>
> *March 13, 2014*
>
> Tagged: Malware , Psiphon 
> 3
> , Surveillance , 
> Syria
> Categories: Reports and 
> Briefings
>
> *Author: John Scott-Railton*
> Summary
>
> The Citizen Lab developed the original design of Psiphon, a censorship
> circumvention software, which was spun out of the lab into a private
> Canadian corporation (Psiphon Inc.) in 2008. In the past 24 hours, we have
> identified a* malicious repackaging of the Psiphon 3* circumvention tool.
>  The malware contains both a functioning copy of Psiphon, and the njRAT
> trojan. When executed, the implant communicates with a Syrian Command and
> Control server.  *This is likely part of a targeted attack against the
> Syrian opposition by a known actor, not all users of Psiphon*.
>
> Interestingly, this is not the first time we identified a malicious
> repackaging of circumvention programs in the context of the Syrian
> conflict.  For example, in June 2013 we published a report describing how
> attackers had maliciously modified the proxy software 
> Freegate
> .
>
> This brief note describes the implant’s appearance and behavior, then
> explains how to obtain and verify genuine copies of Psiphon 3.  The Psiphon
> team is monitoring the attack, and Karl Kathuria (Psiphon’s VP) encourages
> all new users of Psiphon to check the validity of their client. If in
> doubt, visit psiphon.ca  to download a
> new copy.
> Details and Appearance of the Malware
>
> The file name and icon are intended to appear identical to a genuine
> Psiphon 3 executable file.  The malware is believed to be part of an active
> campaign.
> [image: Malicious (left) and genuine (right) Psiphon 3 icons]
>
> Malicious (left) and genuine (right) Psiphon 3 icons
>
> *File Properties*
> Filename: psiphon.exe
> MD5: 28bf01f67db4a5e8e6174b066775eae0
>
> The malware was first observed on the night of 11 March 2014 (Pacific
> Time):  Virus Total has the 
> binary
>  with
> detection of 3/50 at time of writing.
>
> Examination of the properties of a malicious and genuine Psiphon 3
> provides the first clue that the file may not be what it seems.  The
> malicious packaging is unsigned, whereas Psiphon 3 is always signed.
> [image: Malicious package (left) and legitimate Psiphon 3 (right). Note
> the original "Windows.exe" file name and the absence of a digital signature
> in the malicious 
> file.]
>
> *Malicious file (left)* and *genuine Psiphon 3 (right)*. Note the
> original “Windows.exe” file name and the absence of a digital signature in
> the fake.
>
> The file appears to have been written in Visual Studio, and the PE is .NET
> dependent.  Examination of strings in the binary indicate limited
> operational security (or deliberate misinformation) on the part of the
> attackers.
>
> For example:
> c:\users\allosh hacker\documents\visual studio
> 2012\Projects\allosh\allosh\obj\Debug\Windows.pdb
> Infection & Persistence
>
>  Once executed, the user sees the Psiphon 3 GUI. The malware has, in fact,
> dropped and executed a *working copy of Psiphon 3*alongside the implant.
> [image: 
> Psi_splash]

Re: [liberationtech] Many VPNs and Psiphon are currently blocked in Iran right now

[Nariman Gharib]

Nathan, Thanks about that. 
I just gave that link to users who didn't know how they can use the Orbot. 

For the link I'll talk to you directly. 

Cheers
Nariman

Sent from my iPhone

> On Feb 22, 2014, at 11:30 PM, Nathan of Guardian 
>  wrote:
> 
> 
> 
>> On February 22, 2014 2:38:09 PM EST, Nariman Gharib  
>> wrote:
>> Today I asked my friend who works at Manoto Tv which is a popular
>> satellite
>> tv for Iranian based London, to they asked their audience on Facebook
>> to
>> test Tor... here the result ( in persian you can use google translate )
>> https://www.facebook.com/manototv/photos/a.373466005978.201927.211358470978/10152223429605979/?type=1&stream_ref=10
>> 
>> MANY OF THEM COULD NOT OPEN EVEN THE URL NOT FROM PC NOT FROM MOBILE.
> 
> If you want a link that is not blocked in Iran I can provide that. That "how 
> to" I was sharing as example of content we might provide them to teach them 
> more about using Orbot. I wasn't saying it was the download solution for end 
> users.
> 
> The URL for downloading Orbot directly from our site is 
> https://guardianproject.info/releases/orbot-latest.apk
> 
> The Orweb browser is at https://guardianproject.info/releases/orweb-latest.apk
> 
> If those links are blocked, I can provide links to a number of mirrors 
> privately.
> 
> +n
-- 
Liberationtech is public & archives are searchable on Google. Violations of 
list guidelines will get you moderated: 
https://mailman.stanford.edu/mailman/listinfo/liberationtech. Unsubscribe, 
change to digest, or change password by emailing moderator at 
compa...@stanford.edu.

Re: [liberationtech] Many VPNs and Psiphon are currently blocked in Iran right now

[Nariman Gharib]

Ok, I think I should explain more about this question and just Collin told
me the answered which I looking for that.

1st the reason I didn't add Tor to the list , because I knew that already
Tor is safe, BUT it isn't use widely in Iran, as Amin said, one of the
problem is Internet Speed.

Today I asked my friend who works at Manoto Tv which is a popular satellite
tv for Iranian based London, to they asked their audience on Facebook to
test Tor... here the result ( in persian you can use google translate )
https://www.facebook.com/manototv/photos/a.373466005978.201927.211358470978/10152223429605979/?type=1&stream_ref=10

MANY OF THEM COULD NOT OPEN EVEN THE URL NOT FROM PC NOT FROM MOBILE.

nowadays I suggestion people Lantern over my twitter @listentous and
Facebook page and probably this week from TV.

google play is blocked in Iran and people downloading these software from
dropbox, some file sharing and it's bad.

we should definitely understand that, people just want to access the free
internet, my mother doesn't care about the security or privacy BUT we can't
not telling them how dangerous this software or app. they should know that
the chance of leak their data on the internet or with Iranian cyber army
who ran lots of vpn servers inside country and selling vpn to people.

Thanks
Nariman


On Sat, Feb 22, 2014 at 7:29 PM, Collin Anderson
wrote:

> Nariman,
>
> None of the tools are safe, since the users in question are finding
> servers and credentials through word of mouth and on public sites without
> attribution for where their data is going. Even if the other side is not
> malicious, I've seen a fair amount of those vendors require or encourage
> encryption to be disabled to connect, and instruct them on how to turn it
> off.
>
> Clearly, the issue for them is access rather than security, so at best,
> you could suggest to them that a commercial Western service would be less
> susceptible Iranian state coercion than someone like ParsaVPN. However,
> there should not be any illusion that they safe.
>
> Cordially,
> Collin
>
>
> On Fri, Feb 21, 2014 at 8:59 PM, Nariman Gharib wrote:
>
>> Hi,
>>
>> My name is Nariman Gharib. I'm a researcher in Iran Tech and social media
>> based London.
>>
>> I'm helping Iranian people to bypass the censorship by teaching them and
>> telling them which tools are safe and works for bypass the censorship.(It's
>> hard)
>>
>> 4 days ago Iranian Government blocked Psiphon in Iran. most of Psiphon
>> users inside Iran are using this tool on their android phones, according to
>> my source inside Iran, we have more than 6million android users.
>>
>> by the way, these days people are found and using new tools and this is
>> worried me, because they just want to bypass the filtering and most of them
>> didn't care about privacy and security.
>>
>> so if anybody can help me to tell me which these tools in below are safe
>> it would be great.
>>
>> 1- AnyConnect ICS+ Cisco Systems, Inc.
>> https://play.google.com/store/apps/details?id=com.cisco.anyconnect.vpn.android.avf&hl=en
>> 2- Any connect
>> http://www.cisco.com/c/en/us/support/security/anyconnect-vpn-client/tsd-products-support-series-home.html
>> 3- fqrouter2
>> https://play.google.com/store/apps/details?id=fq.router2&hl=en
>> 4- https://www.sumrando.com/
>> 5- shadowsocks
>> https://play.google.com/store/apps/details?id=com.github.shadowsocks
>> 6- kerio
>> 7- Hola
>> 8- socks(https)
>>
>> Thanks everyone.
>>
>> --
>> PGP: 084F 95C0 BD1B B15A 129C 90DB A539 6393 6999 CBB6
>> www.NARIMAN.Tel
>>
>>
>> --
>> Liberationtech is public & archives are searchable on Google. Violations
>> of list guidelines will get you moderated:
>> https://mailman.stanford.edu/mailman/listinfo/liberationtech.
>> Unsubscribe, change to digest, or change password by emailing moderator at
>> compa...@stanford.edu.
>>
>
>
>
> --
> *Collin David Anderson*
> averysmallbird.com | @cda | Washington, D.C.
>
> --
> Liberationtech is public & archives are searchable on Google. Violations
> of list guidelines will get you moderated:
> https://mailman.stanford.edu/mailman/listinfo/liberationtech.
> Unsubscribe, change to digest, or change password by emailing moderator at
> compa...@stanford.edu.
>



-- 
PGP: 084F 95C0 BD1B B15A 129C 90DB A539 6393 6999 CBB6
www.NARIMAN.Tel
-- 
Liberationtech is public & archives are searchable on Google. Violations of 
list guidelines will get you moderated: 
https://mailman.stanford.edu/mailman/listinfo/liberationtech. Unsubscribe, 
change to digest, or change password by emailing moderator at 
compa...@stanford.edu.

[liberationtech] Many VPNs and Psiphon are currently blocked in Iran right now

[Nariman Gharib]

Hi,

My name is Nariman Gharib. I'm a researcher in Iran Tech and social media
based London.

I'm helping Iranian people to bypass the censorship by teaching them and
telling them which tools are safe and works for bypass the censorship.(It's
hard)

4 days ago Iranian Government blocked Psiphon in Iran. most of Psiphon
users inside Iran are using this tool on their android phones, according to
my source inside Iran, we have more than 6million android users.

by the way, these days people are found and using new tools and this is
worried me, because they just want to bypass the filtering and most of them
didn't care about privacy and security.

so if anybody can help me to tell me which these tools in below are safe it
would be great.

1- AnyConnect ICS+ Cisco Systems, Inc.
https://play.google.com/store/apps/details?id=com.cisco.anyconnect.vpn.android.avf&hl=en
2- Any connect
http://www.cisco.com/c/en/us/support/security/anyconnect-vpn-client/tsd-products-support-series-home.html
3- fqrouter2 https://play.google.com/store/apps/details?id=fq.router2&hl=en
4- https://www.sumrando.com/
5- shadowsocks
https://play.google.com/store/apps/details?id=com.github.shadowsocks
6- kerio
7- Hola
8- socks(https)

​Thanks everyone.
​

-- 
PGP: 084F 95C0 BD1B B15A 129C 90DB A539 6393 6999 CBB6
www.NARIMAN.Tel
-- 
Liberationtech is public & archives are searchable on Google. Violations of 
list guidelines will get you moderated: 
https://mailman.stanford.edu/mailman/listinfo/liberationtech. Unsubscribe, 
change to digest, or change password by emailing moderator at 
compa...@stanford.edu.