Washington Post: Haystack, a company that has created software designed to circumvent Iranian government censors, has stopped testing its program amid criticism of faulty security.
The Washington Post
Cecilia Kang
Tuesday, September 14, 2010; A15
Tests of Iran anti-censor software halted
Haystack, a company that has created software designed to circumvent Iranian government censors, has stopped testing its program amid criticism of faulty security.
Haystack founder Austin Heap said in an interview Monday that concerns about how his much-touted software program works and whether it is secure are “valid.”
“For the time being, we are going to stop human testing and rely instead on machine testing,” Heap said.
He said in a blog Monday that the software is being reviewed by a third party and testing will resume if it passes muster.
The move comes after Foreign Policy (a division of The Washington Post Co.) technology writer Evgeny Morozov and engineers said that lax security in the Haystack program could hurt users in Iran by exposing them to government authorities.
About two dozen Iranians have been testing the year-old anti-censorship technology that allows the use of proxies on the Internet to disguise user identities.
“We have been very clear with our testers about risks, and from my understanding there may be only one case where risks were not in writing,” Heap said. In response to that case, the nonprofit firm came up with a disclosure policy to ensure that users were properly notified of the risks associated with using the technology under government censorship, he said.
Heap, 25, received much media attention for leaving his job as a California software developer to create Haystack after the government of Iran tried to block the transmission of videos, e-mails and other communication tools that depicted protests of election results.
Heap launched his program as the Obama administration began a push to stomp out global online censorship. Secretary of State Hillary Rodham Clinton has promoted Internet freedom and criticized the Chinese and Iranian governments for controlling what information its citizens can access and distribute on the Internet. Nearly one-third of all Internet users live in a government regime that censors.
The State, Treasury and Commerce departments approved the export of Haystack to Iran. That process, though lengthy because the United States has trade sanctions against Iran, too easily approved a technology that needed more vetting, Morozov said.
“What is most interesting is the enabling environment – why tough questions weren’t being asked,” Morozov said. “People in Washington are jumping on the Haystack bandwagon because it portrays them as hip and in touch with the times but doesn’t show all the risks involved.”
