
Iran or proxy warfare: towards a public culture of IT security?

by Fondapol, 14 August 2009

Forsaking the sterile arguments that dominated the French and foreign media during the so-called “Twitter revolution” in Iran in June – the actual protests having taken place in the streets of Teheran – we have decided to examine, from an almost ethnological perspective, activity on the internet during the recent events. This particularly intense activity, doubtless unprecedented in terms of its technological breadth, highlights the emergence of extremely interesting phenomena, particularly the question of digital freedoms. It was the desire to defend digital freedoms that morphed us, in real time, from powerless onlookers on the internet into fighters on the front of global solidarity. Our ideas, which are intended to be analytical, prospective, critical and pedagogical (with our apologies for the occasional technical passages, which are vital as a means of understanding the mechanisms involved), are bound up in what remain very hot events.

In the early hours following the official announcement of Mahmoud Ahmadinejad’s victory in the presidential election, Iran’s filtering services began censoring the internet, as shown by the four graphs below, focusing on e-mail, video and Web ports.

Graphs taken from A Deeper Look at The Iranian Firewall by Craig Labovitz

To get a full grasp of the nature of the movement, it is important to explain briefly what firewalls and proxies are. A firewall is a security system located at the junction between two distinct networks: a PC or a network within an organisation, and an external network, the internet in this case. Firewalls are built to protect internal networks, and sometimes a country, as in the case of Iran, their chief task being to keep malevolent activities on the outside. In Iran’s case, firewalls are also intended to block access to foreign services at specific times. A firewall’s other role is to carry out surveillance of the ports used. On a PC, each software application has a specific port (representing the application’s “address” so to speak). In “classic” internet connections, most ports are closed; only those corresponding to applications directly concerned are open.

Graph taken from the blog Haute-Disponibilité

A proxy is an intermediary server that relays requests from a client station to a server. Proxy servers are used to carry out various functions, in this case to protect the anonymity of people accessing the internet.
In short, and forgetting technical considerations, when the Iranian authorities blocked access to services and ports, it became necessary to bypass firewalls put up by the government or to trick them into thinking that a specific server was being called. That proxy server in turn called the requested service (social networking and video-sharing websites, e-mail servers, peer-to-peer trackers, etc.), thereby getting the relevant information to the user, once again bypassing the surveillance of filtering services and their firewalls.
Very quickly, in fact as soon as the events started in Iran, the addresses of public proxies started circulating on Twitter, to allow people using the internet in Iran to bypass censorship. On top of that, a wide variety of tutorials were posted to teach supporters of the protest movement in foreign countries how to transform their PCs into proxies. It is important to bear in mind the unprecedented nature of this movement of solidarity and support via the appropriation of highly advanced know-how and security technology practices. Never before, neither during the Beijing Olympics nor during recent events in Myanmar, had technical solidarity been evident to such an extent, despite calls made at these times by human rights organisations and groups defending the freedom of the press.
The following screen capture using Google Earth shows the intense proxy activity during the events.

Image taken from The Proxy Fight for Iranian Democracy by James Cowie

This movement, which was praiseworthy in itself (aiming to provide tangible support for the freedom of expression), was nevertheless quick to pose a serious problem that could have had dramatic consequences: publicising the addresses of proxies allowed intelligence services to identify the routes taken by opponents of the regime, their content and their precise geolocation. This is why security experts and hackers were quick to circulate messages aimed at stopping proxy addresses from being given on Twitter or websites.

Screen capture of one of the countless messages posted on Twitter

Thus, some technicians opted to call on specialists to e-mail their proxy addresses to specific people, leaving it up to them to use the same route to pass them on to opponents in Iran. These experts were quickly called on to beef up network security by creating virtual private networks (VPN), which are like encrypted tunnels between the client PC and the proxy, to identify and bypass ports blocked by the Iranian authorities, as shown by the following screen capture:

Screen capture of one of the countless messages posted on Twitter

This, however, raised one critical question: how much trust can I place in people I know solely as a follower on Twitter, but with whom I have never had any face-to-face dealings? How can I be sure that such people are not members of the Iranian security services, or those of another country that may be seeking to destabilise Iran? And even should I trust these people themselves, how much trust can I place in their e-mail communications?
This is when specialists in this type of activity made their appearance: organisations defending digital freedoms, hackers, academics specialising in security, etc. The most important message contained in the various cyberactivism manuals they posted was that one should never do anything unless one is sure that the security system one has set up is one hundred percent reliable, so as not to put members of the Iranian opposition in danger. Their second recommendation was not to make denial-of-service attacks on official Iranian government websites, as suggested by some activists on Twitter, or distributed-denial-of-service attacks on other websites, as shown in the following screen capture:

Screen capture of one of the countless messages posted on Twitter

Flood attacks of this nature (considered illegal) would – on the proviso that they succeed – slow or even block all traffic on a server in countries with limited bandwidth resources. (For more details on the questions of floods and to see a few examples, see the work of three students at Lille-III University in France.)
The third recommendation was to use anonymous and decentralised security systems, based on the P2P principle. These players adhere to one abiding principle, namely that security does not exist: their prime goal is to make their adversaries waste time and energy looking for relevant information lost in a sea of irrelevant data.
The names of a few systems, all of which were set up or supported by organisations defending digital freedoms, did the rounds of the Web. They included Psiphon (http://psiphon.ca/) and Freegate. But the anonymous and decentralised Tor network, created by a group of security experts and supported by the Electronic Frontier Foundation (EFF), was far and away the most successful. Ironically, Tor is used not only by activists like Indymedia, but also by US government services including the US Navy in the Middle East. It is “a network of virtual tunnels that […] provides the foundation for a range of applications that allow organisations and individuals to share information over public networks without compromising their privacy”.
The four graphs, available on the Tor Project’s official blog, highlight two quite important things: a very big increase in the number of new clients and traffic on the network since the start of the events in Iran, and the fact that the use of this type of system is in itself neither a novelty nor the effect of international mobilisation – hundreds of Iranians had been installing and using systems of this type on a daily basis long before the events of 13 June 2009.

Graphs taken from the Tor Project blog

While hackers generally get a lot of bad press, it may be worth taking a look at their “social utility”. Hacker culture, which emerged with the appearance of electronic networks, is based on two basic ideas that are important features in structuring the community:

  1. The first idea is contained in the oft-repeated phrase “information wants to be free”. While the idea of lending intentions to information may be surprising at first sight, it is indeed true – and this was amply borne out by the events in Iran – that hackers have consistently had the keenest sense of the right to free expression (and the need to defend it) since electronic networks first appeared.
  2. The second idea relates to hackers’ most common practice, namely defacing, which means the unsolicited modification of a website’s home page. Aside from the fun aspect or the virtuosity it showcases, defacing aims to make the users and webmasters of defaced websites aware of the flaws in their security systems, prompting them to fix them as quickly as possible in order to protect their clients against risks (credit-card fraud, access to classified data, etc.).

Seen from this angle, and putting folklore or acts of cybercriminality to one side, hackers’ social utility is undeniable: they have personified the two notions of security and freedom of expression that are today the crux of the debate about digital freedoms. In this way, they are the bearers of a “public culture” of security, helping politicise the issue of security.
Other groups involved in this fight include Anonymous, which made a name for itself with its attacks against the Church of Scientology and, more recently, against YouTube, with “Porn Day”. We could also cite the involvement of Eric Steven Raymond, one of the pillars of the hacker movement and an advocate of the Open Source movement, who created NedaNet and provides resources allowing people to beat Iranian censorship. ESR’s “appearance” may come as a surprise to those familiar with his work: he was the first to make the extremely radical distinction between “good hackers” (those who develop open source software) and “bad hackers” (who try to get around security systems). His about-face highlights the limits of his theory (set out in the seminal text “How to become a hacker”), which has absolutely no bearing on hackers’ oft-played role as defenders of the freedom of expression.
During a gathering of hackers in which we made this argument, one of the participants, backing up our feeling that a new stage has been reached in the emergence of a public security culture, went a step further with this extremely pertinent observation: while specialists have a tendency to present themselves as experts, sometimes to the point of being arrogant, they have consistently worked during such events to provide non-experts with easily available and user-friendly resources (screen captures to help configure applications, tutorials, manuals, etc.).
It was therefore not surprising to see them at work during the events in Iran, their activity contrasting with the strange silence of more traditional leftwing activists, who were probably perturbed by the cause itself and the difficulty for outsiders to opt for one camp over another.
Since the early 2000s, activists, artists and human rights organisations have put together technological solutions to provide support for the opponents of oppressive regimes that censor information (China, Iran, Syria, Tunisia, Turkey, etc.). These include Cult of the Dead Cow, a group of hackers that truly paved the way, coining the term “hacktivism” and drawing up, back in 1999, the so-called Hacktivismo Declaration, stating that:

“Full respect for human rights and fundamental freedoms includes the liberty of fair and reasonable access to information, whether by shortwave radio, airmail, simple telephony, the global internet, or other media.

“We recognise the right of governments to forbid the publication of properly categorised state secrets, child pornography, and matters related to personal privacy and privilege, among other accepted restrictions. But we oppose the use of state power to control access to the works of critics, intellectuals, artists, or religious figures.

“State-sponsored censorship of the internet erodes peaceful and civilised coexistence, affects the exercise of democracy, and endangers the socioeconomic development of nations.

“State-sponsored censorship of the internet is a serious form of organised and systematic violence against citizens, is intended to generate confusion and xenophobia, and is a reprehensible violation of trust.

“We will study ways and means of circumventing state sponsored censorship of the internet and will implement technologies to challenge information rights violations.”

This declaration had previously remained pretty much confined to hacktivism circles, prompting only a handful of very isolated initiatives inspired by artists or militants, generally targeting China or big companies like Google after it gave in to Beijing’s censorship demands. Similarly, calls by organisations have so far been limited to highly specialised or extremely militant milieus. However, there is not much risk of error or being seen as excessively “techno-euphoric” in contending that popular protest against the results of the Iranian elections was a decisive step in the appropriation of issues relating to the security, surveillance and censorship of electronic networks by a larger public.
It is significant that no skill-sharing or technical solidarity movements emerged in France in the winter of 2008-2009, at the height of the opposition to the proposed creation of a new authority to regulate the spread of artistic works and to protect intellectual property on the internet (known by its French acronym of HADOPI, a key plank of the Internet and Creation law), despite the numerous messages of intent posted on mailing lists, forums and even on Twitter contending that internet users would end up finding ways to ensure their anonymity.
At a time when governments, some political parties and organisations are starting to take digital freedoms, internet censorship and surveillance issues into account, this movement, which is greater than the event itself, deserves very close scrutiny. The fact that this event coincided with increasingly well-organised networks (Twitter being the most symbolic example at the moment), and the meeting between digital freedom militants (organisations, hackers, security experts, etc.) and a fairly large public with little first-hand knowledge of such issues and practices were no doubt significant factors. This is not to say that internet users will now all be focused on their security and privacy on the internet, simply that this issue, which became a very hot topic during the events in Iran, will now be raised increasingly often in the public sphere, due to the Web’s pervasiveness. Better, the events in Iran saw thousands of internet users train themselves in a number of extremely advanced techniques relating to security and the protection of digital freedoms, for themselves and for others.
This does not mean there is cause to reify technical tools used as arms in a “civil war” or, for instance, to build a “new religion” around Twitter, an easy target for the French media-critic and neo-Luddite penchant. It is important to bear in mind that other collective protest movements have used mobile phones, messaging services, social networks, and video- and photo-sharing websites: in the Philippines (2003-2005), in Ukraine (2005), in Egypt (the April 6 Youth Movement), during the Republican convention in New York (2004), in France (2005), in Spain (2004), in Greece (2008), in Myanmar and, most recently, in Moldova (2009). The role of the internet in the conflict between Gaza and Israel (2008) is also noteworthy, with the creation of political games typical of the digital Intifada, the symbolic war of representations that shadows the military and political conflicts. The events in Iran in June 2009 precipitated all the elements observed in the mobilisations cited above, with an arsenal effectively inter-connecting mobiles and the Web, messaging and video, Twitter and Wikipedia. They nevertheless express, and this is unprecedented, increasing technical curiosity on the part of global digital citizenry, especially around the notion of “proxy warfare”, agilely opposing power and censorship on all sides. One could also contend that a “public culture of IT security” is currently taking shape, namely the widespread appropriation of issues hitherto reserved for cyber-experts, with the technical help and encouragement of the most politically active players on these issues, namely hackers.
Just as the issue of copyright has become a “public problem” (John Dewey) over the last ten years, with debate extending beyond legal circles and law firms specialising in intellectual property, giving rise to two hotly contested laws in France (DADVSI, Internet and Creation) and various other actions and protests (including a “HADOPI” march in conjunction with the traditional trade union May Day demonstrations in 2009), IT security appears to have become a widely appropriated cause as the technical foundation of the freedom of expression and communication. With the tragic events in Iran, various manifestations of technical solidarity helped inform this “public culture of IT security”. Other types of action prolonged this phenomenon, including the prize offered for an anonymous, encrypted and unblockable system of mobile internet access. Following the events in Iran, during which security services kept a close watch on the telephone communications of pro-Mousavi activists, Nova Spivack, an influential Web 2.0 figure, laid down a challenge for developers working on applications to make mobiles safer in countries subject to censorship and surveillance. This challenge was also a reaction to the practices of the leading Web 2.0 companies and equipment manufacturers, suspected of being too soft on these countries. Nokia and Siemens, for instance, were accused of selling mobile tracking systems to the Iranian authorities (see the project).
Who can complain about the rise of a “public culture of IT security” of this type? Certainly not those who cherish the digital freedoms that we should all defend more actively (see the presentation by Hervé Morin, leader of Nouveau Centre, Déclaration des droits fondamentaux numériques (Declaration of fundamental digital rights), 29 June 2009, on the Fondation pour l’innovation politique website).

For further reading, a large amount of particularly interesting information and some very good illustrations are available on the Spectre Footnotes website.


The authors

Olivier BLONDEAU, who has a PhD from Sciences Po and is a researcher in political science and a political communications consultant, and Laurence ALLARD, professor in information and communication science at Lille-III University, are co-authors of Devenir média. L’activisme sur Internet entre défection et expérimentation (Éd. Amsterdam, 2007). They are in charge of “Politique 2.0”, a page looking at the latest political trends for the Fondation pour l’innovation politique.
