Software designed to allow Iranians to circumvent government monitoring of Internet traffic in Iran has been withdrawn amid security fears.
The widely praised Haystack program was designed to allow Iranian dissidents to communicate without fear of being observed by government censors.
However, the software has been withdrawn after an independent review discovered key flaws in the security of the design that have potentially put thousands of Iranians at risk of arrest.
A notice on the website of the Censorship Research Center (CRC)–the volunteer group behind the project–warns people to not use the program.
“We have halted ongoing testing of Haystack in Iran pending a security review,” the statement said. “If you have a copy of the test program, please refrain from using it.”
Haystack was the brainchild of 26-year-old software entrepreneur Austin Heap, who quit a “six figure salary” to work on the project after widespread anti-government and human rights protests emerged in Iran last year. Social networking sites were tightly regulated after opposition groups used the Internet to organize mass rallies over the disputed re-election of President Mahmoud Ahmadinejad.
The mission statement of Haystack is to “provide safe, unfiltered Internet to the people of Iran affected by the government’s coordinated censorship efforts.” The release of the software came with great fanfare and was even alluded to by U.S. Secretary of State Hillary Clinton in an interview earlier this year.
However, an independent review of Haystack by independent computer expert Jacob Appelbaum found that it inadvertently alerts anyone that they are using the program.
Appelbaum said in a Twitter posting that it was the “worst piece of software” he had ever examined and that he was “concerned for the people using it in Iran.”
The founder of the project, in a posting on his blog site AustinHeap.com, said that security concerns would be addressed.
“Recently, there has been a vigorous debate in the security community regarding Haystack’s transparency and security,” he wrote. “We believe that many of the points made in this debate were valid.
“We have begun contacting users of Haystack to tell them to cease using the program,” he added. “We will not resume testing until this third-party review is completed and security concerns are addressed in an open and transparent way.”
Iranians, however, are not without alternatives, even if Haystack has to be mothballed. Software that proved pivotal in facilitating last year’s protests to take place, was created by the Global Internet Freedom Consortium (GIF) and includes FreeGate, UltraSurf, and GTunnel.
GIF, formed in 2006, has a mission to “build a pioneering online platform that breaks down the Great Firewalls blocking the free flow of information penetrating into, moving within, and originating from closed societies (e.g., China and Iran) via the Internet,” states the GIF website.
Different member organizations of the consortium have contributed a total of seven different software products to allow those living under totalitarian governments to punch through Internet censorship without being caught by the authorities.
A July 23, 2009, Wall Street Journal article stated, “GIF has an impressive history of aiding anti-authoritarian movements in real time. When Burmese monks and others rose up against their military rulers in August 2007, its programs saw a threefold increase in average daily hits from Burma.”
According to the GIF website, most consortium members are “Falun Gong practitioners exiled from China, and many were also Tiananmen Square students in 1989.” The GIF software packages were originally designed to keep Chinese citizens safe from the world’s largest totalitarian regime while they seek freedom on the Internet.
For more information about the Global Internet Freedom Consortium and to download its products, visit http://www.internetfreedom.org, available in English, Chinese, and Farsi.