Stockholms Dagblad - Souped-up VPNs play 'cat and mouse' game with Iran censors

AFP asked Adam Fisk, head of US-based nonprofit Lantern, which offers an advanced VPN, how his technology and similar apps can get around such heavy-handed blocking.

Question: How does Iran's internet blocking work?

Answer: In general, censoring countries block traffic using DNS (Domain Name System, which translates between human- and machine-readable names for websites and other resources), SNI (server name identification), IP-based blocking (of specific internet addresses) and other forms of Deep Packet Inspection (probing the content of data sent over the internet).

Iran uses all of those, and it is generally much more aggressive than other countries in targeting the entire IP ranges of service providers that VPNs typically use.

Iran is also uniquely aggressive in shutting down all international connectivity in times of crisis. In those cases, traffic is primarily limited to the domestic internet, or NIN (National Information Network).

Q: How do tools like Lantern get around the blocking?

A: Lantern and Psiphon (a similar tool made by a Canadian company) share the same general approaches but use different protocols and codebases.

A powerful approach is hiding in common forms of traffic, such as TLS (Transport Layer Security, used to protect applications like web browsing, email, instant messaging and voice calls) or DNS.

The additional traffic from Lantern or other tools becomes a subset of a much larger whole. If done carefully, it can be hard to distinguish from ordinary web traffic.

There is definitely a cat-and-mouse element to the relationship. Lantern and other tools are constantly discovering new approaches or vulnerabilities, while censors such as Iran discover new ways to shut them down.

Q: How do people inside countries like Iran get software to circumvent blocking?

A: When there is international internet connectivity, people get Lantern from sites that censors are unwilling to block due to the economic consequences such as (software development platform) GitHub.

During internet shutdowns, however, people rely on their existing copies of Lantern and other tools, or they can get new updates through services like (satellite broadcast system) Toosheh or other users who have Starlink, for example.

Iran is generally a very tech-savvy country, and many people constantly have multiple circumvention apps on their phones.

Q: Could Iran's hackers glean data about users from your systems?

A: We don't store any personally identifiable information about users at all, and Lantern undergoes regular security audits.

We are also generally strong security engineers and take care to secure our backend infrastructure in a variety of ways.

Q: Where do Lantern's resources come from and can ordinary people help out?

A: Lantern is a US-based nonprofit that earns revenue from Lantern Pro users worldwide who pay for a better version. Historically, we have received funding from the Open Technology Fund (a US government-funded NGO that campaigns for internet freedom), the US State Department and private philanthropists.

We also have Unbounded, where anyone can become a proxy (a "bridge" between people in censored countries and Lantern's network) with the click of a button.

This will use your bandwidth to some degree but won't have a significant impact on the performance of your machine. People can run it for however long they want.

Q: Where else is Lantern widely used and is demand growing?

A: In general, we have seen censorship growing around the world for many years, with Lantern usage growing accordingly to around two million globally.

We have a significant number of users in Russia, Myanmar and the UAE.

From Iran at the moment, there's very little traffic getting through, very little traffic in general apart from what's on the NIN.

K.Jansson--StDgbl