Iran's Election As Seen Through the ISPs

The protests in Iran that have come in the wake of the country’s June 13 election results, which returned President Mahmoud Ahmadinejad to power, have showcased the rise of social media like Twitter, Facebook and even cell phone video taken in the streets and uploaded onto YouTube. Arbor Networks, a company that provides security and deep packet inspection equipment to ISPs, has taken a look at the implications of the conflict — not at the social media level, but at the packet level — and found that Iran’s web censorship is different from those of other regimes.

Whiles some governments block certain web sites with a heavy hand or cut off web access entirely, Iran has taken a far more subtle approach. The state-owned Data Communication Company of Iran (or DCI), which acts as the gateway for all Internet traffic entering or leaving the country, has slowed web access down to a crawl. The assumption is that DCI dialed back the bandwidth in order to better inspect which content and packets needed to be censored. Instead of viewing the packets through a fire hose, they turned the pipe into a garden hose so that equipment can sift through the packets and let legitimate traffic through. In a blog post today, Arbor Chief Scientist Craig Labovitch writes:

I can only speculate. But DCI’s Internet changes suggest piecemeal migration of traffic flows. Typically off the shelf / inexpensive Internet proxy and filtering appliances can support 1 Gbps or lower. If DCI needed to support higher throughput (say, all Iranian Internet traffic), then redirecting subsets of traffic as the filtering infrastructure comes online would make sense.

Indeed, web traffic was stopped following the election, then reopened, but at much lower levels. But this may prove to be a partial victory for web censorship, and an opportunity for some unscrupulous equipment vendor who wants to interest the Iranian government in better deep packet inspection equipment.