Last updated: November 24, 2025

Arash Kamangir: National tools are dangerous, not national internet / Siavash Khoramgah

How to use the internet and virtual space without falling into the trap of malware or viruses is a question that has existed since the early days of that space, yet it is still not taken very seriously. Safe use remains a long way from becoming part of common culture. When we add the insecurity created by government surveillance, especially surveillance meant to restrict the free flow of information and suppress political and social activists, we are faced with a complex problem.

Given the topic of the special issue of the Khat-e-Solh magazine, we approached Arash Abadpour, a cyber security and social media expert, and asked him questions about how to properly use the internet, especially in the Iranian space where people are faced with the problem of uncontrolled filtering and limited bandwidth. We also inquired about his opinion on the national internet and the future of virtual activities in the country.

Mr. Abadpour holds a Master’s degree in Mathematics from Sharif University and a PhD in Computer Science. He has been blogging under the pseudonym “Arash Kamangir” since 2004 and has gained fame under this name. He has also been involved in several research projects on the relationship between Iranian users and the internet.

Given that currently the majority of activists inside the country use VPNs to bypass filtering, how accurately do you evaluate such a choice considering the insecurity of many VPNs?

This is a very good question. The technical point about using a VPN is that all the traffic the user uses goes through another server, and using a VPN is exactly trusting a server that is sitting in between; it is not clear how much this server is willing to penetrate and try to break the code and extract information.

There is strong evidence that a significant portion of VPNs in the Iranian market cannot be trusted, which complicates the issue. To some extent, when using services that have encryption, such as Gmail and many social networks, there is security. However, it is very difficult for a service that is sitting in between to access information, but at the same time, we use a middleman server from the internet and for this reason, security measures become very important.

I think the only definite thing we can say about this ambiguous situation we are in is that we have no choice but to use the internet for social and political activities, but we must be careful to use it with maximum caution. For example, if it is private information and we can avoid publishing it on the internet, then let’s not do it and not take any risks.

Basically, how can we trust a VPN?

There is no way. Most VPNs do not have accurate names and labels, or even if they do, it cannot be guaranteed that they are correct. Often, we do not know exactly where the server is located. We often do not know who has access to the server logs. Therefore, we must assume that we cannot be certain.

Apart from using VPNs, what other ways do you suggest for bypassing filtering? For example, do tools like Psiphon or Tor have any advantages over VPNs?

Well, the methods we know for breaking or bypassing filtering are always a few steps ahead of the kids inside, and that’s an interesting point. Anyway, since we don’t need it in this area, our knowledge is not enough and that’s why I don’t claim to know more than the kids inside, and most of our knowledge comes from the feedback we get from inside the country and the information that censorship tools publish here. In many cases, the methods used are innovative and unique, which may not have been analyzed specifically. For example, the last email I received from the kids inside explained a method for watching YouTube videos, and the only question I had was about the security aspect of this method; in a way that to watch these videos, it takes the URL, enters it into a service, then brings a new link, changes it, and thus gains access to that video.

I gave this example to say that the path of information transfer in this field is from inside to outside, but as I mentioned, these methods are usually used just to give an answer and very few pay attention to the security aspect behind it. This is why we see a sudden popularity of a service and everyone starts using it, but after a while we realize that there were many dangers in it and these dangers were overlooked.

The examples you mentioned, along with Ultrasurf, are good and secure examples. However, we know who is behind Tor and Psiphon, and they are open source software, have global recognition, and have been security tested. We can at least have some knowledge of their security, as they claim, but usually we don’t know anything from within VPNs. Unknown tools, such as exe files or executables, that someone puts on social networks and tells you to run to bypass filtering, are extremely dangerous and there is a high chance that they contain malware.

Another issue that exists is the transmission of viruses through receiving files from email or exchanging information in this way. How can we deal with such a problem effectively? For example, how effective is installing antivirus software?

Regarding installing antivirus, an important point to note is that in the Iranian market, software is usually available in cracked form or without connection to a server for updates, and these can be very dangerous. We don’t know what other actions have been taken during the cracking process; the file may be completely infected. In addition, an antivirus that cannot be updated is not very useful because viruses and malware come very quickly and the database of the software needs to be updated quickly. Free antivirus programs like Avira and AVG have been around for years and can be used. Having an antivirus provides a certain level of security, but the important point in digital security is that we need to understand the culture of this issue. For example, sending executable files via email is a mistake. When an executable file is run on our computer, it has full access to the hardware and can do anything without any control. Executable files are at the first level of danger and should be used with caution. The second level of

In any case, the issue of viruses and anti-viruses is like a game of cat and mouse that continues on. Even with the use of anti-viruses, there is always the possibility of the unfortunate event that the latest update has not been installed and we become infected with a virus. Of course, we must consider who the target is in this discussion; are we talking about the average internet user who ultimately uses social networks and email services, or are we talking about a specific social or political activist whose target is the Iranian government? In reality, the importance of the target must be taken into consideration. The average user is mostly exposed to dangers that anti-viruses are aware of and can be protected with a certain level of caution, but for certain individuals who are at maximum risk, it is possible for even a special tool that anti-viruses cannot prevent to be created and sent to infect them. With this explanation, we can also look at anti-viruses as a

Mr. Kamangir, how much does the launch of the national internet endanger the free flow of information and to what extent can it be a threat to online activists?

National internet is a phenomenon that can be looked at from various perspectives and there are many different opinions about it. Personally, I think that in the first place, this event is a dangerous one because the main goal is to have all network traffic and inputs and outputs under the supervision of the ruling structure. In addition, national internet is based on national tools; these national tools are even more dangerous than national internet. For example, currently Gmail is used for emailing and even if all network traffic is under the control of the ruling structure, we can still be sure that the Ministry of Intelligence cannot break our email encryption. However, the proposed national email is a very dangerous issue. National email does not have encryption or its encryption algorithm is under the control of the surveillance structure. Therefore, at least in theory, any email that is exchanged on the national internet can be completely decrypted. Similarly, when Viber, WhatsApp, and others are replaced by national chat tools, every conversation and communication will be under the

But the topic goes a few steps further; when the discussion of national internet arises, discussions such as expanding access to the internet, reducing prices, and increasing bandwidth also arise. So despite the fact that national internet is initially dangerous and reduces social and political activity on the internet, it also works against itself; a large number of people will have fast and unfiltered access to the internet and will use it to speak their minds, which is something that the Iranian government structure will be harmed by. Of course, this is my opinion and many people do not share it and believe that with the launch of national internet, the funeral of internet activities must be read.

To what extent do you evaluate the activities of individuals who are active in the field of free circulation of information, especially outside the country, as positive and effective? By this I mean, how effective and pioneering have these activities been compared to the opposing party, which are the censors?

One of the functions of the internet is to create connections between activists inside and outside of the country. The governing structure of Iran knows that by expelling and forcibly exiling children who are active within the country’s geographical borders, it can sometimes have the upper hand. In any case, individuals become involved in the troubles of seeking refuge and various cultural shocks, and are separated from the mother society. The internet has the function of maintaining contact between the outside and inside. With censorship of these communication lines, it imagines that a favorable space is provided for it inside; we have sent out anyone who was active and cut off the relationship. With a fair view, these actions have also brought a level of success for the governing structure…

But the most important point is that this is just one of the functions of the internet. Another function of the internet is that it creates conversation in the same space. Tens of millions of people, throughout the day, talk to each other about common topics using this internet. The conversations may not be exactly about freedom of speech, but at least they are about why they are not allowed to enjoy the pleasures of life, why they are stopped on the street, why one person steals and takes a large amount of money, which is the national capital, and no one stops him, and they make jokes about the sacredness of the same structure, and so on. It is true that these topics are raw and may not be as mature as the topics that many children outside the country can bring up, but in any case, it is a costly conversation that takes place. For this reason, the structure can maintain itself to some extent by cutting off the external and internal relationship and, in fact,

As the final question, what is the percentage of damage to Iran’s cyber army? In fact, how true are the claims of complete control and domination?

In my opinion, one of the major problems that technology creates is that it can often act as a mask to hide what is really happening behind the scenes. The example you mentioned is a good one. We often hear that the Cyber Police has a lot of capabilities, controls all Iranian communications, monitors Viber and Skype, etc. But when we actually experience something, other things are revealed. Usually, we realize that these claims about technology, surveillance, hacking, and monitoring are actually a way to hide something that has actually happened and is of an old nature; a person is arrested and their email password is taken by force and through threats, they find and arrest other individuals. In fact, what has happened in reality is not of a technological nature, but simply a way for the structure to hide its violent methods and create fear and terror.

Of course, there have also been instances that have actually happened; including attacks on various websites and social engineering on social networks. But my belief, based on the cases I have worked on, is that in most cases, as I mentioned, there are other motives behind talking about technology and maneuvering on it, and that is the fact that there is surveillance on all people’s communication. It is more of something that the structure wants people to accept rather than it being a reality.

Thank you for the time you have given to Peace Line.

Created By: Siavash Khoramgah
January 23, 2015

Tags: Arash Abadpour, Arash Kamangir, Magazine number 45, National internet, Siavash Khoramgah