Following my previous articles on Iran's "filternet" and the new (sort of) National Network (ShoMA) which are both attempts from the government of Iran to block internet access for Iranians (officially just to create a "clean" Internet, free of security threats and un-Islamic content), this article suggests some options to bypass ShoMA. It may be a case of cat-and-mouse between being able to access a site to download the software in the first place, before you can then bypass ShoMA. The regime can't block everything, so basically there will ALWAYS be a way to bypass ShoMA.
There is much talk online by Iranians in supporting ShoMA! You must wonder if they are supported by or live in fear of the regime...
I think as it's impossible for the regime to block access to all Internet websites, ShoMA could perhaps be most effective (assuming you cannot bypass it) at throttling Internet access speeds to sites anywhere outside of the ShoMA Intranet.
Smartphone access
The Iranian regime is finding it hard to combat the massive market for smartphones accessing Western-based social media applications which the regime is trying to ban/block/discourage such as WhatsApp, Viber, and Telegram. More Iranians access the Internet via their smartphones than they do from PCs/laptops, etc. which mirrors how most people around the world access the Internet.
The regime is trying to encourage Iranians to use domestic equivalent applications via Iran's equivalent to Google Play, for example, but why would anyone want to do that when they can continue to get access to the rest of the Internet and speak with friends outside of Iran?
Anonymous VPNs
Just Google for "iranian vpns" shows some likely providers which are popular in Iran right now (2016), such as the following:
Obvious/not-so-obvious features to look for in a good Anonymous VPN are:
- SSL tunnels for encryption of traffic (not much point using a VPN if it cannot do this!).
- "Stealth" features that will bypass DPI (Deep Packet Inspection) firewalls & unlike normal VPN traffic which can be filtered or blocked by an ISP, services will appear as regular HTTPS traffic making it virtually impossible to block (you will have the double protection of using a VPN and proxy). TorGuard's Stealth VPN Service, for example, offers this. See here for details. You can view a video on this feature here.
- Unlimited server switching and IP addresses.
- Application support to run on your phone as well as your PC.
- Use a combination of VPN and online stealthed proxy servers or use VPNs with Tor (very slow/may be blocked!).
Windows:
- Psiphon 3
- Freedome
- Hotspot Shield
- Lantern
- Ultrasurf
- Freegate
- Hotspot Shield
- Psiphon
- F-secure Freedom VPN
- Rakhsh
- Hola
- Gospeed
- Tunnelbar
- ShellFire
- GoVPN
- Haftkhan VPN
- FreeVPN In Touch
- North Ghost Touch VPN
- Your Freedom VPN
- Globus VPN
Tor/Orbot
Tor is used less in Iran than previously, because it's easier for the regime to block the traffic, and because the speeds are VERY SLOW, so VPN access will always be sought by Iranians in the balance between speed of access and security/anonymity. Tor may work even if standard VPNs, proxies, and SSH tunnels will not.
Online proxy servers
These are sites where you can either get in or get out of Iranian networks and are sites which the regime may try and block/the servers themselves may only be temporary. Typically comprise HTTP (for speed, not security) or HTTPS (for security) connections typically connecting via ports 8080; 80; 3128 or 8888. You simply set your browser to use the socket proxy settings so all traffic goes through that proxy. Some example sites that list Iranian proxy servers are:
SSH Tunnels
You may be able to access a server you already pay for and connect to it via the SSH (Secure Shell) protocol; you can then tunnel all your traffic via that server. If SSH connections are blocked, then you won't be able to connect to the server.
DNS Filtering
This is least likely to work, but involves changing the DNS servers through which to request. Some Internet service providers have implemented filtering by changing their DNS servers to redirect requests for the blocked websites to another website. Examples include OpenDNS or Google public DNS servers, but these would be likely blocked by ShoMA.
Satellite access: a fantasy?
Assuming you can afford this expensive option and can get a subscription and a portable VSAT (Very Small Aperture Terminal), then satellite Internet access could be a way to bypass ShoMA, as the regime will not have access over satellite providers and they cannot disrupt or jam all such connections? VSATs are used in Internet cafes but you would need to present your national ID in such places...
The cost to purchase and run is very high and would need to be shared by many people to be affordable, so is maybe just a fantasy.
