For the hard-line government in Tehran, which uses an advanced filtering system to censor their Internet, software that enables the Iranian people to circumvent their censorship and allow free Internet access would be a political nightmare. Austin Heap, a 26-year-old programmer in San Francisco says that his new software, Haystack, would make this possible. And if it works, which Austin says it does, the fight over the Internet in Iran will enter a new phase.
Heap had nothing to do with Iran before Iran's 2009 presidential elections. But the images that came out of the country and the role that the Internet played among those who were fighting for their rights inspired him.
He got his first computer when he was in 3rd grade, started programming in 4th grade (in more than 20 languages). Heap grew up in a small town in Ohio and the Internet always served to connect him with other people, exchange ideas, read and learn new things and was just an endless resource of information and communication, and studied at Bentley University in Boston, worked at a start up right out of college, then at a non-profit in San Francisco, and currently works as Executive Director at the Censorship Research Center in San Francisco. The interview follows:
Omid Memarian: When did you have the idea to make anti-filtering software for Iranians, how did it start?
Austin Heap: Right after the election, I posted instructions on my blog for how those outside of Iran could setup a proxy server on their computer. Within a week over 7,000 people around the world had setup proxies to help people in Iran get back online. This quickly became unmanageable, inefficient, and unreliable. For example, people would setup a proxy server on their laptop and then turn their laptop off. That's when we decided to try and build something that directly addressed how the Internet censorship is occurring in Iran. The Internet for us has also been something that connects people, not a tool to be used in a campaign to violate what the United Nations considers basic human rights.
Omid: How long did it take to develop your software? What makes it different than the other anti-filtering software on the market?
Austin: We had our first live testing of the software in July of 2009, which was a great success, it's taken about seven months to pull everything together for Haystack and we've still got a lot of work to do.
The primary difference between Haystack and other anti-filtering programs is that the data generated by Haystack looks "normal" -- it looks like one is visiting innocuous sites like weather.com and downloading pictures. Most traditional anti-filtering software is easy for an observer (like the government) to detect that a user is using it; Haystack doesn't do this, it "cloaks" all of the data.
Omid: How can the government challenge the software technically? Can they filter in a way that makes it impossible to go beyond filters by the Iranian citizens?
Austin: We've designed our network to work in a way that's absurdly difficult for the government to block. There's no way for me to say that it's impossible for them to block Haystack -- if they wanted to block Haystack and all the other anti-filtering tools they could just turn the Internet off. It's always a cat-and-mouse game with Internet censorship. As hard as we work to help protect the people's abilities to communicate and seek information, there's a group in Iran working to make sure we're not successful.
Omid: How can Iranians use your software? And have you had any pilot tests with those who are living in Iran?
Austin: We've done extensive testing for months now in Iran to make sure the software performs as expected. Haystack runs on Mac, Windows, and Linux right now so it's as easy as downloading the software and double-clicking it. While we ramp up network capacity though, Haystack is invite only.
Omid: How does the software work and how can Iranians, many of whom have dial up connections, download and use the software?
Austin: Haystack was specifically designed with "low bandwidth environments" or places where dialup is still the norm. The software itself is very tiny and has no install process, it was designed to be as easy as possible so users just have to double click and go.You can think about the Haystack process as having two-steps. The first thing it does is encrypt all of the data coming out of the computer -- so even if it falls into the hands of a government monitor, there's nothing useful in the data and it's virtually impossible to crack. The second thing it does is hide the encrypted data in what looks like normal traffic, so to an onlooker it looks completely normal.
Omid: How can people within Iran receive this software? Can people download it online and is this safe? And can it be installed from a devise and if so, how is that made available?
Austin Heap: If done safely, downloading online is certainly the easiest way to get a copy. The government in Iran can, in theory, monitor all unencrypted traffic moving over their network. For example, if you're in Iran -- going to haystacknetwork.com or torproject.org without being on an encrypted connection is completely traceable. The easiest way to move any data is offline, move it by hand, burn it on a CD or share it with friends via a USB disk.
Omid: Can you explain how one is tracked if they were to download it online
Austin Heap: Since all Internet communications in Iran filters through DCI (Data Communication of Iran) they can essentially look at each packet that flows through their network and if one is from you and destined to a banned website, it's trivial for them to monitor that and flag you.
Omid: When did the Treasury Secretary inform you about lifting sanctions for your company and what does it mean in practice?
Austin: Any organization that wants to do human rights work in a country sanctioned by the US has to get approval from the Treasury Department.
People in the U.S. can't readily export technology like Haystack so without the license we weren't able to start sending the software to those who could use it. We found out about our licenses for Haystack exempting it from sanctions in late March. What this means for our organization is that we can focus on the technology side and make sure Haystack is as successful as possible in helping people reach important resources online in a safe manner.
Photo Credit:Courtesy of Andy Hall/Observer-Related link: New Software Could Outwit Tehran's Censors, IPS News Agency