Iran partially blocks encrypted network traffic

Over the past two days we've been hearing from, and working with, a number of Iranians having difficulty using Tor from inside Iran. It seems the Iranian government has ramped up censorship in three ways: deep packet inspection (dpi) of SSL traffic, selective blocking of IP Address and TCP port combinations, and some keyword filtering. For instance, they have partially blocked access to Tor's website, torproject.org, via IP address (such as 86.59.30.36) and port 443 (which is the HTTPS port). The third level of blocking is by keywords, such as searching for the word 'tor' via regular, non-encrypted search engine websites.

The blocks on SSL are not complete and not nationwide. Where blocking is in place, initial investigations show they are identifying the beginning of the SSL handshake and simply interrupting the handshake. We continue to research and investigate solutions with the assumption that SSL will eventually be blocked nationwide inside Iran. Our goal is to defeat their dpi signatures and allow tor to work by default.

The Iran Media Program has posted their thoughts on what is happening from a journalist's perspective.

So far, it seems the majority of Tor users are not affected by these blocks. Iran is still the #2 country based on direct usage, https://metrics.torproject.org/users.html?graph=direct-users&country=ir…. This number is on the decline, however.

More details to follow as we have them.

Update 2011-02-10 18:05 UTC: We are working on making our obfuscating proxy more stable and easier to deploy. If you can compile code, following these directions will help. We're also working on Amazon EC2 instances of obfsproxy for point and click deployment.

Anonymous

February 12, 2012

Permalink

Anonymous has always said that they will NOT attack Facebook, because it is nigh impenetrable, and because social networking infrastructures are a friend of free speech. Anyway, as others have said, attacking the DPI routers would probably only make matters worse.

Anonymous

February 13, 2012

Permalink

Iran´s censoring of TOR traffic seems to have ended. My TOR Server shows a "normal" number of users from Iran
--Salvo

Anonymous

February 14, 2012

Permalink

50.19.186.98:443 5B08F60EDE1827479766C73DE63588B609CF25F4

Anonymous

May 28, 2012

Permalink

Oh, This should be the same old issue... And we're going sick and tired of being in Iran these days. Look what's happening here, I'm using tor for a month and everything was working fine, from last 3 days it seems like something strange is happening that "I cannot post messages or push the LIKE buttons on facebook" do you think that this will be permanent or something ? should I upgrade my version of thor ? please share my any possible trick,
regards from Tehran, Iran.

If the version of Tor Browser Bundle you're using tells you to update, you should update it. It's probably because there are Firefox security bugs that you should get fixes for.

See https://blog.torproject.org/blog/obfsproxy-next-step-censorship-arms-ra… if you want to learn more about obfsproxy (which lets Tor work in Iran even when Iran is filtering SSL connections).

It sounds from the above like you're having trouble with some sort of application-level or website-level thing, though, which doesn't (or at least shouldn't) have anything to do with whether you can reach the Tor network from your country.