Monday, January 5, 2009

For Their Eyes Only

Babak Namdar

By Jamie Glazov, Wednesday, December 10, 2008
Frontpage Interview’s guest today is Babak Namdar, a senior member of Marze Por Gohar (MPG), an Iranian nationalist political party that seeks to establish a secular republic. His primary area of expertise is in the area of secure communications. He's also served as an instructor on matters relevant to the various forms of digital communications and encryption. Mr. Namdar currently manages Information Technology for a large media firm.
FP: Babak Namdar, welcome to Frontpage Interview.
Namdar: Thank you for providing MPG an opportunity to explain the various communication challenges we face from the Islamic Republic.
FP: Tell us about the MPG.
Namdar: The Marze Por Gohar Party is an Iranian opposition organization seeking the establishment of a secular republic in Iran. MPG was instrumental in organizing the uprising in July 1999 in Iran. MPG is one of very few Iranian opposition entities that have members in Iran; it’s this distinction that has allowed MPG to organize successful peaceful campaigns in Iran. As we continue to strengthen our organization and conduct various political campaigns in Iran we have recognized the need to safeguard our communications from eavesdropping by various 3rd party entities.
FP: What exactly is “secure communications”?
Namdar: Secure communications basically means being able to share information with others with a certain degree of confidence that 3rd party entities will be unable to eavesdrop on what is being shared.
For us “secure communications” primarily involves the various ways we can share information electronically. Since the subject is very broad I'll provide a brief example.
When you are visiting a website you are communicating with a web server, requesting a web page. Depending on which protocol you are using to access the site, a third party may be able to intercept this visit and glean valuable information (if you were to have viewed your email account for example).
Using a more secure protocol (https instead of http) you could make it a lot more difficult for others to decipher the network traffic as https encrypts the information from the web server to the browser and vice versa.
FP: What types of communications do your members inside Iran use?
Namdar: There's a fairly common list of communication mediums our members use in Iran such as: land-line phones, mobile phone, fax, websites, instant messaging, email, SMS and Bluetooth. Out of this list there are some mediums that are of particular importance to us as they each serve a particular niche in providing access to information or providing members outside Iran access to information.
I'll explain a little to better illustrate my point. Our members have a deep-seated need to have access to information that the Islamic Republic censors. Therefore, we have to provide them the relevant tools to bypass the regime's filtering of websites. Members both inside and outside Iran have a need to talk about various matters, and thus we have to have the means to ensure these instant messages are protected from the regime.
Members outside Iran also have a need for information inside Iran that only members inside Iran can provide, and thus we have to provide the means for our members to send this information to us without the regime blocking and/or deciphering the information that is being sent.
FP: Why is secure communications so important for your movement?
Namdar: The term has particular importance for us because the majority of our members, with whom we are in constant contact, are in Iran, and having the ability to safeguard our communication from eavesdropping, or even the fact that we are communicating, is of paramount importance.
Marze Por Gohar is deemed an illegal organization by the Islamic Republic and thus anyone found to be associating themselves with us may be prosecuted for various fabricated charges. Without protecting our communications, the Islamic Republic would be able to mine the correspondences with potentially dire consequences for our organization. Therefore we treat secure communications with the level of seriousness that it obviously deserves.
FP: Considering the Islamic Republic has a technological advantage with regards to communications interception, how do you deal with this challenge?
Namdar: That's a very interesting question. As you cited, the Islamic Republic enjoys an undeniable advantage with regards to intercepting communications in Iran, however, one has to remember some mediums are infinitely more difficult to discern their contents than others. The regime can intercept both landline based phones and internet traffic – which I don't think is anything new.
But while the regime can tap phones and listen in to what is being discussed with relative ease, the same cannot be said of decrypting an encrypted email to determine its contents. We continuously reiterate to our members that electronic communications mediums that are easy targets for the regime to intercept and analyze should not be used to relay sensitive information. Though the Islamic Republic would like Iranians to believe that they are monitoring their every move, the fact of the matter is their resources are limited.
In other words, since the regime can easily eavesdrop on cell phone calls, we regress and use more primitive forms of communication that are unable to be intercepted without human resources (of which the regime is already in short supply).
FP: Tell us about the Chinese dissident who was jailed as a result of Yahoo. This is a major concern for you, right?
Namdar: The short version is that Yahoo has branches in China and subsequently these business branches operate within the confines of Chinese law. China asked Yahoo for information regarding some political dissidents and Yahoo obliged. As a result of the information Yahoo provided the aforementioned political activists were sentenced to jail – 10 years I believe.
This development is very disturbing for us, particularly as there is some pressure being applied on the incoming administration to normalize relations. Under a scenario where relations have been restored, American companies will begin doing business with the Islamic Republic. As a result, if the Islamic Republic requests information regarding Iranian political activists, living in Iran, from Yahoo for example, Yahoo would furnish this information for fear of losing the regime’s lucrative business contracts.
FP: Please explain the phenomenon of sending messages/data via Bluetooth and SMS that is currently taking place in Iran.
Namdar: The really appealing aspect of Bluetooth is that it’s peer-to-peer technology and it’s also free. The peer-to-peer aspect of Bluetooth means that the data being sent or received does not have to first be sent to a server (to be potentially analyzed); rather the data is sent directly to the other party. Therefore, Iranians simply turn on their Bluetooth and watch their phone fill up with jokes, pictures, music, etc. without the fear. Though the telecom companies have the ability to read the data on their respective subscribers’ cell phones (saved pictures, text messages, etc.), the sheer volume of information changing hands via Bluetooth makes logging and dissemination of this data very unattractive.
FP: What are some applications/technologies that you teach to your members?
Namdar: SSH Tunnels – this allows our members to bypass filtering software the Islamic Republic has deployed; data being sent and received is completely encrypted.
Flash cards – we encourage members to install portable applications on their USB memory sticks. The Firefox browser can run straight from the flashcard which enables browsing history and cookies to be stored on the flashcard not the PC’s hard drive – very beneficial for members that frequent internet cafes.
Pidgin with OTR – Pidgin is an application that supports multiple Instant Message protocols such as Yahoo, AOL Instant Messenger, MSN and many others. OTR (Off the Record) is a plug-in that can be used with Pidgin to encrypt instant messages. Generally instant messages get transmitted in clear-text which allows the Islamic Republic to text-mine these conversations for specific phrases and/or keywords. However with encrypted conversations the traffic turns to gibberish and the regime is unable to discern the content of the conversation by analyzing the network traffic.
Truecrypt – this application allows for encryption of data for safe storage and retrieval. It has many useful features particularly being able to encrypt one’s whole operating system. Data that has been encrypted with Truecrypt is not meant to be shared with others, as it will mean having to share the password that was used to initially encrypt the data and that opens up a host of issues.
Thunderbird with Enigmail – Thunderbird is an email client which was developed by the same people that brought us Firefox. Enigmail is a plug-in for Thunderbird that uses GnuPG to send and receive encrypted emails and attachments.
Gmail – though Yahoo, MSN and other large internet brands have free email, Gmail allows for using https for sending and receiving emails. Members that are not sufficiently savvy with Thunderbird are encouraged to use Gmail with https. While http traffic is transmitted as clear text (I can monitor the network traffic and see what you are reading), https is encrypted. Thus, while the Islamic Republic will know that I’m visiting Gmail, they will not know what emails I’m reading / writing.
FP: Won’t the disclosure of these applications compromise their use inside Iran?
Namdar: Let’s take Truecrypt for example, let’s say the Islamic Republic comes across information that Truecrypt is being used to encrypt data on CDs and that the CDs are then being distributed with their respective passwords to decrypt them. The Islamic Republic would really be in a dilemma because it would take a lot of resources to scour the whole country on a constant basis to find these encrypted CDs. To further complicate matters, what if some of the CDs contained encrypted propaganda material while other encrypted CDs really only contained popular mp3 music files? This is but one example, but in short we are not worried about the Islamic Republic’s reaction to the revelation of the applications I’ve cited above.
FP: Please explain filtering and digital censorship in Iran.
Namdar: Based off what we have seen thus far, the Islamic Republic uses both domain based and keyword filtering for websites. Domain filtering basically means that the domain ( for example) is on the ‘black list’. Any attempt to visit sites on the ‘black list’ will be greeted with a page Iranians inside Iran are familiar with: this website is restricted. The Islamic Republic also uses keywords or phrases to restrict access to websites. There are lists of keywords and phrases that will trigger the filtering software to prevent access to that site. As an exercise I used a proxy server located in Iran and I googled ‘Khamenei democracy secular’ and instead of seeing the search results received the ‘this website is restricted’ page. I then did a search for ‘Khamenei’ and the results page was displayed normally. It should be noted that the filtering technology the Islamic Republic has deployed was developed by an American company.
The regime also uses text-mining technology to gain valuable information by monitoring the network traffic. Again since the majority of the information is being sent over http, it’s clear-text and thus with relative ease the regime can decipher who is doing what, where and etc. There are many sites that offer lists of public proxy servers to use to bypass the regime’s filtering, but the site owners forget that all the Islamic Republic has to do is add their domain to the ‘black list’ and Iranians will be unable to view that site anymore to get the latest lists of proxy servers.
FP: How about the hacking war between the regime and the freedom movement?
Namdar: The regime generally mounts two forms of attacks against Iranian opposition servers. One attack involves mounting Denial of Service campaigns. Think of Denial of Service attacks as overloading the server with traffic to such an extent that the server simply crashes – knocking whatever service that server provided offline. The second type of attack involves probing the opposition server(s) and trying to find a vulnerability in the services that the server runs. Successfully exploiting a vulnerability can yield super-user level rights to the server. The Islamic Republic was first to initiate cyber-attacks and the Iranian opposition community returned the favor by defacing various regime websites. We’ve asked that Iranians with technical know-how register their discontent with the regime by means they feel are appropriate and they’ve responded by defacing some high profile regime sites including those belonging to Ahmadinejad.
FP: Are you optimistic that Iran can be free any time soon?
Namdar: I’m always optimistic, I can’t abandon hope. These thirty years that the Islamic Republic has been in power clearly point to one thing: whatever the Iranian opposition has been doing has not worked. MPG represents a new way of fighting the Islamic Republic and our successful track record clearly indicates that we are on the right path. I have genuine confidence that we will succeed where others have failed and we will witness a secular republic of Iran come about.
FP: Babak Namdar, thank you for joining Frontpage Interview.
Namdar: Thanks again for having me. Down with the Islamic Republic. Long Live Iran.
--------------------------------------------------------------------------------
Jamie Glazov is Frontpage Magazine's managing editor. He holds a Ph.D. in History with a specialty in U.S. and Canadian foreign policy. He edited and wrote the introduction to David Horowitz’s Left Illusions. He is also the co-editor (with David Horowitz) of The Hate America Left and the author of Canadian Policy Toward Khrushchev’s Soviet Union (McGill-Queens University Press, 2002) and 15 Tips on How to be a Good Leftist.