Iranian finance/tech manager publishes 3,000,000 bank accounts' details and PINs

A finance technology manager named Khosrow Zarefarid discovered a critical flaw in Iran's online banking systems. He extracted 1,000 account details (including card numbers and PINs) and emailed them to the CEOs of 22 Iranian banks along with detailed information about the vulnerability. A year later, nothing had been done. Zarefarid extracted 3 million accounts' details from the bank's systems and posted them to Many Iranian banks have now frozen their customers' accounts and are only allowing PIN-change transactions at ATMs. Some banks have texted their customers to warn them of the breach. The Central Bank of Iran has published an official notice of the breach, but the notice does not say that the underlying vulnerability has been fixed, or even whether it is being addressed. Zarefarid is said to have left Iran, though his whereabouts are not known, at least to Emil Protalinski, who wrote about the breach for ZDNet:

It does not appear as if Zarefarid stole money from the accounts; he merely dumped the account details of around 3 million individuals, including card numbers and PINs, on his blog: I found the link via his Facebook account, along with the question “Is your bank card between thease 3000000 cards?”

...Zarefarid previously worked as a manager at a company called Eniak, which operates the Shetab (Interbank Information Transfer Network) system, an electronic banking clearance and automated payments system used in Iran. The company also manufactures and installs point of sale (POS) devices. In other words, Zarefarid worked for a firm that offered services to Iranian banks for accepting electronic payments.


Iran's "Halal Internet" evolves into a mere more-ambitious censorship regime

Iran's governing elite have been making noises for years now about the construction of a "Halal Internet," a kind of national intranet with its own email service, microblogging, search tools, etc. Now a leaked Persian-language "Request for Information" from the Research Institute for ICT in Tehran, which consults on technology for Iran's Ministry of ICT, suggests that the plan has evolved into a more ambitious version of the existing national censorship regime. In Ars Technica, Cyrus Farivar analyzes the proposal:

Collin Anderson, the researcher who found the document, said this RFI shows an unexpected shortcoming of the Iranian government to capitalize on its own domestic ability and recent deals with Chinese telecom companies such as Huawei and ZTE.

Huawei said late last year it was pulling out of Iran. ZTE, meanwhile, has previously sold millions of dollars of telecom and surveillance equipment to the Islamic Republic.

"I believe this clearly demonstrates that the Iranian government does not intend on cutting off access to the external Internet any time soon," Anderson told Ars on Tuesday, explaining that the acquisition of a censorship system would not be necessary if Iran was trying to create a highly restricted whitelist or completely cut itself off from the Internet.

"This might suggest that the government has not been able to acquire the services of foreign companies for planning and optimizing an infrastructure," he added.

"This is surprising for those, including me, who believe that much of the censorship software and hardware was being developed internally. The RFI seems to imply the desire to move beyond blacklisting sites and keywords, to a more intelligent system of detecting and blocking ‘immoral’ content, such as pornographic or culturally offensive material."

I'm in the middle of reading Rebecca MacKinnon's Consent of the Networked, which is probably the best single book on the subject I've read to date (review coming soon).

Iran denies reports that internet will be cut, replaced by "clean, national intranet"

PHOTO: Technicians monitor data flow in the control room of an internet service provider in Tehran February 15, 2011. REUTERS/Caren Firouz

There's an AFP item today on Iran's denial of online reports that it plans to shut off access to the Internet this August, replacing that access with a "national intranet." Snip:

The reports derived from a supposed interview with Communications Minister Reza Taghipour published on April 1 that was in fact a hoax, the ministry said in the statement on its own site -- which itself was not accessible outside of Iran. “The report is in no way confirmed by the ministry” and is “completely baseless,” the ministry statement said.

The hoax report quoted Taghipour saying that Iran would from August launch a “clean internet” that would block popular services like Google and Hotmail and replace them with government-sponsored search engines and e-mail services. The ministry statement slammed the false report as serving “the propaganda wing of the West and providing its hostile media with a pretext emanating from a baseless claim.”

(via Jillian York)

Iran attacks internet access on Islamic Revolution anniversary

At Hacker News, a user named "Sara70" posts:

I'm writing this to report the serious troubles we have regarding accessing Internet in Iran at the moment. Since Thursday Iranian government has shut down the https protocol which has caused almost all google services (gmail, and itself) to become inaccessible. Almost all websites that rely on Google APIs (like wolfram alpha) won't work. Accessing to any website that relies on https (just imagine how many websites use this protocol, from Arch Wiki to bank websites). Also accessing many proxies is also impossible. There are almost no official reports on this and with many websites and my email accounts restricted I can just confirm this based on my own and friends' experience. I have just found one report here. The reason for this horrible shutdown is that the Iranian regime celebrates 1979 Islamic revolution tomorrow.

Jake Appelbaum and the Tor Project folks confirm that Iran is partially blocking encrypted network traffic, and they are trying to help ensure free and safe access for activists (and everyone else inside the country).

More at Washington Post, at CNET, and The Next Web.

(via @jadi)

PHOTO: Iranian schoolgirls chat online at an internet cafe which is exclusively for females, near the city of Karaj, 60km (38 miles) west of Tehran, May 24, 2007. REUTERS.

Was American arrested for spying in Iran producing "propaganda games" for CIA?

Dominic Girard from the Canadian Broadcasting Corporation sez,

It's one thing for Iran to arrest an American and sentence him to death for being a spy. It's a whole other thing when you say the spy made video games as propaganda for the CIA. Yet that's precisely one of the charges Iranian-American Amir Hekmati confessed to on Iranian television in December. (Let's remember that Iran routinely accuses foreigners of being spies, and there's no way of knowing exactly what methods were used to get Hekmati to read out his confession).

Hekmati did once work with Kuma Games - a New York based game developer. Iran believes Kuma Games are CIA propagandists, that the company makes video games to disseminate a pro-USA message internationally. Some of Kuma Games' offerings are playable scenarios of real-world events. You can be a rebel trying to track down Gadhafi in Libya. You can join Team Six and kill Osama bin Laden. You can also be a soldier inserted in Iran, trying to sabotage their nuclear weapons program. But does that necessarily mean they're a CIA front? This short CBC Radio documentary tries to sort out if the CIA would ever consider such an idea, and if it would even be worth the effort.

Day 6 Documentary: Propaganda Games

Iran tests new radar-evading missile

A soldier carries ammunition on a naval ship during the Velayat-90 war game on Sea of Oman near the Strait of Hormuz in southern Iran December 31, 2011. Iran test-fired a new medium-range missile, designed to evade radars, on Sunday during the last days of its naval drill in the Gulf, the official IRNA news agency quoted a military official as saying. (REUTERS/Fars News/Hamed Jafarnejad - IRAN)

Danish company helped Iran with surveillance program that identified journalist who was arrested and tortured

RanTek, a Danish company, is reportedly supplying Iran with censor/spyware technology, which was part of a larger effort that was used to identify a dissident journalist who was arrested and tortured.

Until he was arrested, he worked for Mehr, the official Iranian news agency. He received information from all over the country about protests and demonstrations, information too controversial to be used in the news agent's official work. Instead he published it through other channels, e.g. Facebook. However, after the elections in June 2009, when people took to the streets in protest against Ahmadinejad's election victory, it was clear to the Iranians that the Internet is in no way safe.

"Nearly 4000 people were arrested solely on the basis of monitoring of their private internet traffic," says Farahani.

Now it seems that the Danish company RanTek helps the Iranian regime with the monitoring of the Iranian population. The day before Christmas the Bloomberg news agency reported that the Danish IT company re-packages and sells surveillance equipment to Iran. Ironically, the equipment originally comes from the Israeli manufacturer Allot Communications, which means that the Israelis through a Danish intermediary have helped their mortal enemies.

Eksperter: Dansk firma hjælper med iransk overvågning (Danish)

Danish company helps Iran spy on citizens (English)

(Thanks, Henrik!)

Zahra's Paradise: graphic novel about Iranian uprising is a story and a history

Zahra's Paradise, a new book from FirstSecond, collects in one volume the serialized (and brilliant) webcomic, written by two pseudonymous Iranian dissidents. It's the gripping story of Mehdi, a young man kidnapped by Iran's secret police during the election-season demonstrations of 2009, and it is a heart-rending tale of loss, hope, technology, revolution, politics, bravery and resilience. Told from the point of view of Mehdi's blogger brother (who has previously been arrested for publishing political material), it features an in-the-round look at the power and limits of technology to effect revolution. Its cast includes bloggers, secret policemen, brave copy-shop/Internet cafe owners, influence peddlers, disgraced bourgeois, broken prisoners and a family devastated by loss.

And while Zahra's Paradise is an informative (if fictionalized) account of the Iranian election uprising and a vivid condemnation of the stern, joyless Khomeinist version of Islam, it is also a fantastic story, a graphic novel that races to its conclusion. The webcomic was serialized in 12 languages (including Farsi and Arabic) and the print edition is available in a dozen countries from today.

Zahra's Paradise

Understanding the SSL security breach, preparing for the next one

Electronic Frontier Foundation staff technologist Peter Eckersley has a good, in-depth analysis of the revelation that Iranian hackers acquired fraudulent SSL certificates for Google, Yahoo, Mozilla and others by spoofing Comodo, a major Certificate Authority. CAs are companies that are allowed to sell cryptographically signed certificates that browsers use to verify their network connections. With these spoofed certs, the hackers could undetectably impersonate Yahoo and Google (allowing them to read mail even if it was being read over a secure connection), and the Mozilla certificate would allow them to slip malicious spyware onto the computer of anyone installing a Firefox plugin.

It appears that the fraud was detected before any harm could be done, but Eckersley explains how close we came to a global security meltdown, and starts thinking about how we can prepare for a more successful attack in the future.

Most Certificate Authorities do good work. Some make mistakes occasionally, but that is normal in computer security. The real problem is a structural one: there are 1,500 CA certificates controlled by around 650 organizations, and every time you connect to an HTTPS webserver, or exchange email (POP/IMAP/SMTP) encrypted by TLS, you implicitly trust all of those certificate authorities!

What we need is a robust way to cross-check the good work that CAs currently do, to provide defense in depth and ensure (1) that a private key-compromise failure at a major CA does not lead to an Internet-wide cryptography meltdown and (2) that our software does not need to trust all of the CAs, for everything, all of the time.


Iranian paper covers Baroness Ashton's cleavage

Baroness Ashton, in Iran for negotiations over its nuclear program, was given a less revealing outfit by a local newspaper. [BBC]

Hossein "Hoder" Derakhshan temporarily released from Iranian prison

Cyrus Farivar sez, "Iranian-Canadian blogger Hossein Derakhshan was temporarily released from a Tehran prison, after having been incarcerated for 26 months, according to a report Thursday on Mashregh News, a conservative Iranian news website. The site was among the first to report Derakhshan's conviction at the end of September on charges of 'conspiring with hostile governments, disseminating anti-Islamic propaganda, disseminating anti-revolutionary propaganda, blasphemy, and operating and managing obscene pornography websites.' The account was confirmed by a source close to the Derakhshan family, who wished to remain anonymous and said Derakhshan was 'happy to be out,' adding 'we have been pushing for this for months, especially after his trial, but it has always been refused.'"

Iranian blogging pioneer temporarily released from prison

Iran rebellion webcomic enters the secret prison

Gina from FirstSecond books sez,
Following Iran's 2009 elections, thousands of people took the streets in protest. An as-yet-unknown number of these protesters were arrested and taken off the grid, removed from the system, and many of them still cannot be found, despite continual inquiries from family, friends, and compatriots.

This is the subject of the current chapter of the webcomic Zahra's Paradise, titled Kahrizak. Kahrizak is the incarceration center where so many protesters disappeared to. It was eventually closed when it became public knowledge, and an embarrassment for the regime.

In this chapter of Zahra's Paradise, the narrator/blogger receives news: one of his friends who was missing, Ali, has been released and has returned home. Everyone rejoices, and they gather to celebrate. But Ali does not want to celebrate; his experiences in prison have been traumatic. He does have a message for the blogger, though: his brother, Mehdi, was held with him in Kahrizak, where the government moved troublesome people it wanted out of the normal system, inaccessible to any pleas for help.

This chapter, Kahrizak, is a story about intimidation and rape and torture; it's a story about what people do when they're given power over others and no limits to restrain them. It's a story of systemic brutality that leaves everyone who goes through the prison system broken, sometimes for no more reason than the fact that they had an opinion, and spoke about it.

Zahra's Paradise - Chapter 10: Kahrizak (Thanks, Gina!)

Canadian/Iranian blogfather Hoder faces death penalty; will Canada intervene?

Jesse Brown writes:
If you haven't been following the case of Hossein Derakhshan, here's all you really need to know: he's a blogger and a Canadian citizen who was arrested in Tehran in 2008 because of things he wrote. He was finally tried, and now he may be executed, and the Canadian government has done nothing to help him.

There are many more details, of course. Details of good things he's done, like when he taught thousands of Iranians how to blog in their own language, and when he traveled to Israel to show his readers that Israelis were not their enemies. And there are details of lousy things he's done, like when he decided to support Ahmadinejad and his nuclear arms program, and when he turned on peaceful friends and baited the media.

And there are details that muddy his case: he is also an Iranian citizen, and Iran doesn't recognize dual citizenship, and that makes it harder for Canada to do anything, and so they haven't tried.

But these details are irrelevant. "Hoder" is a Canadian citizen with the same rights as any other, and the fact that his country is sitting idle while he faces execution is a shame and an outrage.

If the Canadian Embassy is pressured to do something, they might, and that could well save Hossein's life. The Canadian Embassy in Iran can be contacted at

Free Hoder

Iranian activists release free Persian Little Brother

A group of Iranian activists abroad and in Iran have produced a professional translation of my novel Little Brother and have released it online with the hope that it will be of interest to Iran's online activists. I've written an introduction to the edition on online activism and dissidence. It was a volunteer-led project, but they paid the translator (whose identity is not publicly disclosed at this time), and are asking for donations to help defray the cost.
We are pleased to announce that the first version of the Persian edition of "Little Brother" by Cory Doctorow is available for download now.

The translation of the book is licensed under the Creative Commons Attribution-NonCommercial-ShareAlike 3.0 license. Little Brother (in English) can be downloaded for free from Cory's website.

Please send us your comments to

Little Brother Persian Edition version 1.0 Released!

Anonymous Iranian dissidents launch online comic about Iranian current events

Gina from kick-ass comics publisher FirstSecond sez,
First Second Books is pleased to announce a new online serial project: Zahra's Paradise, a graphic novel about the social and political situation in today's Iran, will be serialized on line beginning 12:00 a.m., February 19, 2010 and be published in book form in 2011. In the beginning, the serialization will reflect events in Iran's recent past, but in the months to come, as current events unfold in Iran, they will be woven into the story.

Written by Amir, a human rights activist, and illustrated by Khalil, Zahra's Paradise tells the story of an Iranian blogger's search for his brother, Mehdi, a nineteen year old protester who has disappeared in Tehran after the June 2009 unrest. As the blogger and his mother, Zahra Alavi, begin their search for Mehdi, we are drawn into the underbelly of the Islamic Republic—an elaborate labyrinth in which countless dissidents have vanished over the past decades. Although the characters are fictional composites of actual people in Iran, the context and events are real. The project is a roman à clef of history as it happens.

Zahra's Paradise (Thanks, Gina!)

(Disclosure: I'm happy to say that FirstSecond will publish a graphic novel based on one of my short stories)

Iranian dissident site back online!

Ethan Zuckerman writes,
Thanks for the post regarding mowjcamp on Monday. Less than 48 hours later, the situation's been resolved, thanks in no small part to Yahoo! who put serious resources into resolving the situation. I've updated my post: is back up! Friends at EFF were able to broker a conversation between Yahoo, Moniker, Melbourne IT and Access Now. The situation is complicated, and I'm still trying to understand the details of the resolution, but it's fantastic news that the site is back up. Special thanks to friends at Yahoo! who ended up taking the brunt of the criticism for the downtime. That wasn't fair, and was in part my fault for not understanding everyone's role in the situation. Yahoo! worked extremely hard to resolve the situation after being called out and deserve special thanks for their hard work, as does everyone who took action to get this important site back online.

Mowjcamp (Thanks, Ethan!)

Yahoo's intransigence means leading Iranian dissident site is still offline six weeks after hack attack

Ethan Zuckerman writes, "Mowjcamp, the green movement's main citizen media site, was hacked by the 'Iranian Cyber Army' the same day they hit Twitter, in mid-December 2009. Twitter was back online within two hours. Mowjcamp - despite the intervention of AccessNow and others - is still offline six weeks later, caught in an apparent dispute between Yahoo and Moniker over control of the domain. I've posted about the situation today, looking at the process of Denial of Service via bureaucracy. Danny O'Brien at EFF will be writing on Deep Links about the situation later today. Would love some help shining the light on Yahoo in particular, a founding member of the GNI (group focused on freedom of expression online), which has been unresponsive and difficult throughout the process."
I've been in regular contact with the administrators of Mowjcamp as they've tried to regain control of their site. For six weeks, they've been getting the runaround from Yahoo! (where they'd originally registered the domain names) and Moniker (where the hackers moved control of the domain name). Yahoo has been informed that the site was illegally moved by hackers who managed to access a Yahoo Mail account and authorize a transfer to Moniker - they've told the site administrators that there's nothing they can do, and the problem's in Moniker's hands. Moniker, in turn, tells the administrators that they've responded to Yahoo, which will resolve their problem. In the meantime, the site continues to be inaccessible from the URLs by which it is most widely known.