In the past few days a debate has raged over Haystack, the circumvention tool aimed at helping Iranians evade Internet censorship. A range of posts have been written critiquing the project. The actions of the project’s creators have legitimated these critiques: the project’s founder, Austin Heap, turned off Haystack on Friday in acknowledgment of security concerns, and the project’s technical director and board of advisers have resigned.
In a previous post I reviewed the debate on Haystack and, as of yesterday, that was the story. However, earlier today Danny O’Brien, who has been intimately involved in the review of Haystack’s security issues, wrote a post revealing that usage of Haystack is not limited to official testers: rogue (pirated) copies of the software are being used by activists. (Danny’s post did not reveal how many, or even whether the number is known.) Given the security concerns (which have not been enumerated publicly), this means that, rather than being merely over-hyped vaporware, Haystack is actively putting people in danger. Danny writes:
Last Friday, [circumvention expert] Jacob Appelbaum approached me with some preliminary concerns about the security of the Haystack system. I brokered a conversation between him, Austin Heap, Haystack developer Dan Colascione and the CEO of CRC, Babak Siavoshy. Concerned by what Jacob had deduced about the system, Austin announced that he was shutting down Haystack’s central servers, and would keep Haystack down until the problems were resolved.
Shortly after, Jacob obtained a Haystack client binary. On Sunday evening, Jacob was able to conclusively demonstrate to me that he could still use Haystack using this client via Austin’s servers.
When I confronted Austin with proof of this act, on the phone, he denied it was possible. He repeated his statement that Haystack was shut down. He also said that Jacob’s client had been “permanently disabled”. This was all said as I watched Jacob using Haystack, with his supposedly “disabled” client, using the same Haystack servers Austin claimed were no longer operational.
Rogue clients; no apparent control. This is why I and others decided to make a big noise on Monday: it was not a matter of letting just CRC’s official Haystack testers quietly know of problems; we feared there was a potentially wider and vulnerable pool of users who were background users of Haystack that none of us, including CRC, knew how to directly reach.
For those who are interested in the Haystack issue, I would encourage a change of focus to those most affected: Iranian users. I propose the following course of action:
- The technicians who understand the security risks of the software (Danny, Jacob, Austin, Dan, others?) should write a short document that will convince Iranian users to stop using it. It would need to provide just enough information to be convincing, but not enough to help the Iranian government crack Haystack.
- Translate the document into Farsi for an Iranian audience.
- Disseminate the document as widely as possible, starting with contacts in the Iranian blogosphere.
It’s time to change our focus to those most affected by recent revelations about Haystack: the Iranian activists who are currently using it.