For years, the leadership in Iran has been threatening to build its own private, state-controlled internet, but in recent months, we've started to see what that looks like in practice. Since March, the regime has led crackdowns on any technology that might threaten its control of the online space, pulling the plug on outgoing VPN connections, throttling encrypted traffic nationwide and blocking the Tor bridges that would help Iranians escape onto the global web. It’s a broadside attack on the open internet, and a test of every tool in the cypherpunk arsenal.

"Why would you go to Youtube.com when you can go to YouTube.ir?"

It’s a cut-rate version of China’s Great Firewall, built with less sophisticated tech and without the market power to draw in services like Google and Skype. As a result, the Iranian firewall relies more on soft coercion, often throttling traffic rather than blocking it outright. Blocks will often be unofficial, occurring in a small area for only a few days. "It's an effort to force people into national services, national email, national social networks," said Collin Anderson who collaborated with Small Media to produced a recent report on Iran's web-filtering practices. "Why would you go to YouTube.com, which is slow, it's filtered, it's not in Persian, when you can go to YouTube.ir which is fast and has pirated content? You'll never see a video of [martyr of the 2009 uprising] Neda getting shot, but how often are you going to look at that? And it's illegal anyway." For censors, it's not a question of unplugging from the global web, but making foreign sites so inconvenient that Iranians will choose to ignore them.

But there are ways around these measures, and as a side effect, the regime's strategy is giving many Iranians an education in circumvention tools. Before the recent crackdown, Iran was the second-biggest user of Tor, a global routing network that lets users disguise their browser requests. Even after native services were blocked, thousands of users have been connecting through Tor's Obfsproxy, a tool designed to slip through the regime's web-filtering measures. So far it's working, but it's just the latest move in a cat-and-mouse game between censorship and circumvention tech.

Torusers

Iran's capabilities are especially hard to predict because of what observers call the "two-level censorship regime." The easiest way to block a site is at the ISP level by having service providers simply refuse to serve requests to particular sites. But while Iran's internet is state-controlled at the highest level, local ISPs are still independently operated. Iran’s Supreme Cybercouncil can order a block on certain domains, as happened with the recent VPN block, but smaller shops are often purposefully sluggish to comply with the latest censorship initiatives.

Any site that can't be spied on slows to a crawl

The stronger kind of web control comes from the Telecommunications Company of Iran, which routes all the data traffic coming in and out of the country. With techniques like deep packet inspection, they can limit the quantity of SSL-encrypted traffic that's allowed in and out of the country. That means slowing down everything from Gmail to the HTTPS version of Wikipedia. Any site that can’t be spied on slows to a crawl. To pull it off, the regime needs sophisticated and specialized equipment, which has traditionally been blocked by sanctions — but it hasn't stopped them. That's led to widespread speculation that a company is violating the sanctions, but without proof, there's little web-freedom activists can do.

"The concern is that... if the election becomes contentious, they can block the services overnight."

And the recent crackdown may only be the beginning. VoIP services like Skype have been seeing the same local, sporadic outages that Tor saw in February. Anderson is concerned that it could be setting the stage for a similar blackout, possibly timed to the upcoming elections in June. "The concern is that the government is testing their methods of blocking Skype and Viber, so that if the election becomes contentious, they can block the services overnight."

It’s a worrying thought, but more worrying is just how little we know about Iran’s web-filtering capabilities. In many cases it’s hard to tell if a block is happening at the ISP level, at a national level, or even if it’s happening at all. There’s reason to think Iran is accumulating national-level filtering equipment, which is certainly in line with what the regime has promised, but it’s hard to judge how advanced they’ve gotten. "There’s always rumors. There’s rumors that come from people who worked in the ISPs, there’s rumors that come from who knows where," Anderson says. "We can have an educated guess, but we never know."