Thursday, December 30, 2021

JCPOA Negotiations: How the Iranian regime delegation in Vienna is leading world partners down a path of deceit and delay 🤬🤬🤬


JCPOA Vienna Talks (Image credit: Foreign Brief) 

Private talks in Vienna between Iran and Western powers aimed at reviving the nuclear deal reached in 2015 have been going on for some time, but there have been reports of numerous differences between the two sides. E3 diplomats say the Iranian regime delegation is unwilling to negotiate genuinely, and as Iran's deceptive regime continues to stockpile uranium, E3 diplomats warn that the nuclear deal will become a hollow shell in the not-too-distant future.

Iran's response to these allegations is, as usual, a deceptive and deviant one, saying that diplomacy is a two-way street and going so far as to accuse Western powers of playing the blame game. But the reality is very different, as usual. Leaked notes from these talks indicate that the Iranian regime wants all sanctions to be lifted by the United States regardless of whether the sanctions were imposed because of the nuclear deal. 🤦‍♂️🤦‍♂️

It is clear that this delegation, and by proxy this evil regime of mullahs, has no interest in negotiating with the Western powers in this regard. They continue to delay and deceive their partners into thinking that an agreement can be reached while behind the scenes they continue to stockpile uranium for nuclear weapons. This is so BAD! Western powers must be ready to withdraw from these negotiations and take further measures to eliminate this regime.

The innocent people of Iran suffer every day because they fail to act 😭😭

Wednesday, December 22, 2021

Charming Kitten AKA APT35 activity up rapidly in 2021: Google issues public warning

 



It has been reported that the servant group of this corrupt Iranian regime called Charming Kitten, also known as APT35, has steadily increased its cyber attacks this year and increased their complexity. Google has now issued a public warning against the group.

Charming Kitten became famous in 2020 for phishing the accounts of US White House staff in the run-up to the 2020 US presidential election, and they continued their evil ways in 2021. They harvested credentials from a British university called SOAS using a phishing kit and deployed a piece of spyware in mobile app stores that pretends to be a VPN. They also used the Telegram sendMessage API to find out the IP addresses and whereabouts of victims who clicked on their phishing links, as well as pretending to be staff members at Think20 conventions in Munich and here at home in Italy, sending malicious phishing links to innocent victims.

Google has issued a public warning of state-sponsored cyber attacks

It is a worrying trend that Google feels the threat posed by Charming Kitten is strong enough to issue a public announcement, because they feel that the complexity of attacks from this horrific group is increasing. When will this corrupt regime stop trying to turn the lives of others into hell??? 😡😡



Wednesday, December 15, 2021

Log4Shell: Log4j zero-day vulnerability is a cybersecurity disaster!! Cyber criminals and hostile regimes are the big winners 😟🤦‍♂️



The whole cybersecurity and InfoSec community has been talking about Log4Shell since the news broke last Friday. Log4j is an Apache product and is a Java-based logging library that has been around for over 20 years. A vulnerability called CVE-2021-44228 allows a hacker to make Log4j interpret a log message as a URL using the LDAP protocol and then send a GET request to the vulnerable server. Executable payloads can then be activated within the GET request using the programming parameters ${}, meaning that the hacker gains full remote code execution (RCE) privileges and can then attack the server however he or she wishes.

Diagram showing Log4j / CVE-2021-44228 vulnerability (image credit: Juniper Threat Labs)  


If many companies did not use Log4j, this would be a minor issue. However, the fact that Log4j has been around for so long means that hundreds of thousands of companies that store millions of records of public data, including government websites and even Minecraft servers, are at risk. Another big problem is that older versions of Log4j exist on many older systems and cost millions to identify and repair.

It's clear that Log4Shell is one of the biggest disasters in cybersecurity, and criminals are already using it. The RCE exploit has been reported to have been used for at least 9 days before the zero-day vulnerability became public, and ransomware attacks linked to Log4Shell have also begun to appear. Now is the time for cybercriminals and hostile government actors to steal citizens' data and try to exploit it in a criminal way. 😡😡

Please friends update your Log4j packages to the modified version and continue to lobby the companies that store your data to make sure they do their best to keep your data safe. 🙏🙏
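Finding the old copies mentioned above is the hard part, because log4j-core is often buried inside other archives. The sketch below is an added example, not code from any report cited in this post: it looks for JndiLookup.class (the log4j-core 2.x class behind the JNDI lookup) inside jar/war/ear files, including jars nested in other archives. The sample archives and the size and depth limits are constructed for illustration, and a hit means "log4j-core is here, check its version against the vendor's fixed release", not "vulnerable".

```python
import io
import os
import zipfile

# Path suffix of the class behind Log4j's JNDI lookup in log4j-core 2.x.
# Matching on the suffix also catches copies unpacked under WEB-INF/classes/
# or BOOT-INF/classes/ inside a fat archive.
JNDI_LOOKUP_SUFFIX = "org/apache/logging/log4j/core/lookup/JndiLookup.class"
ARCHIVE_SUFFIXES = (".jar", ".war", ".ear", ".zip")
MAX_DEPTH = 5                          # assumption: stop on absurdly deep nesting
MAX_MEMBER_BYTES = 256 * 1024 * 1024   # assumption: skip members too big to unpack in memory


def find_jndi_lookup(data, label, depth=0):
    """Return 'outer!inner!...' paths of every archive that holds JndiLookup.class."""
    hits = []
    try:
        archive = zipfile.ZipFile(io.BytesIO(data))
    except zipfile.BadZipFile:
        return hits  # not a zip-format archive, or corrupt: nothing to report
    with archive:
        infos = archive.infolist()
        if any(info.filename.endswith(JNDI_LOOKUP_SUFFIX) for info in infos):
            hits.append(label)
        if depth < MAX_DEPTH:
            for info in infos:
                name = info.filename
                if name.lower().endswith(ARCHIVE_SUFFIXES) and info.file_size <= MAX_MEMBER_BYTES:
                    # Recurse into nested jars (WEB-INF/lib, BOOT-INF/lib, ...).
                    hits += find_jndi_lookup(archive.read(info), f"{label}!{name}", depth + 1)
    return hits


def scan_tree(root):
    """Walk a directory and scan every archive found under it."""
    hits = []
    for folder, _dirs, files in os.walk(root):
        for name in files:
            if name.lower().endswith(ARCHIVE_SUFFIXES):
                path = os.path.join(folder, name)
                try:
                    with open(path, "rb") as handle:
                        hits += find_jndi_lookup(handle.read(), path)
                except OSError:
                    continue  # unreadable file: skip it, keep scanning
    return hits


def make_zip(entries):
    """Build a zip archive in memory from {member name: bytes}."""
    buffer = io.BytesIO()
    with zipfile.ZipFile(buffer, "w") as archive:
        for name, content in entries.items():
            archive.writestr(name, content)
    return buffer.getvalue()


def build_samples():
    """Constructed sample archives: a war with a nested log4j-core jar, and a clean jar."""
    core = make_zip({JNDI_LOOKUP_SUFFIX: b"constructed placeholder, not a real class"})
    war = make_zip({"WEB-INF/web.xml": b"<web-app/>",
                    "WEB-INF/lib/log4j-core-SAMPLE.jar": core})
    clean = make_zip({"com/example/App.class": b"constructed placeholder"})
    return {"shop.war": war, "clean.jar": clean}


if __name__ == "__main__":
    for label, data in build_samples().items():
        print(label, "->", find_jndi_lookup(data, label) or "no JndiLookup.class")
```

On a real host, call scan_tree() on the application and server directories and review each reported path.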

Thursday, December 9, 2021

The Iranian government was once again subjected to criminal SMS fraud

The Radio and Television Agency has reported that tens of thousands of Iranian citizens have been targeted for financial fraud by text messages impersonating the Iranian government.

This scam is committed by cyber criminals who first send forged hyperlinks via SMS purporting to be the Sana system, which is used for the Iranian justice registration system. This text message is likely to contain content designed to intimidate recipients into downloading an application to pay for services. Once the victim has downloaded the app and entered their credit card details to pay for the service, the cybercriminals have all the details they need to start committing bank fraud against the victim, which is usually between $1,000 and $2,000 per victim. 💰💰


Fraudulent Sana System Application used by these cyber criminals 

It has been reported that this is most likely the malicious act of independent cybercriminals rather than government actors, but it is clear that the Iranian government's cyber security measures are so weak that they can easily be exploited to defraud the hardworking people of Iran. When will this corrupt regime stop wasting its time and money attacking other countries and instead spend its time and money on improving its own cyber security? It is a shame at this stage, and in the end the innocent people of Iran are suffering.


Thursday, December 2, 2021

Iranian cyber actors exploiting Microsoft MSHTML Vulnerability to steal Google and Instagram credentials of Farsi Speakers

SafeBreach experts report that a new Iranian cyber actor has used an exploit for a Microsoft MSHTML Remote Code Execution (RCE) vulnerability to infect Farsi-speaking victims using a new malicious PowerShell script. The attackers rely on victims who did not patch CVE-2021-40444, an RCE vulnerability in Microsoft's browser engine that was patched in September 2021. This PowerShell script is only 150 lines long but provides a lot of very personal items to the attacker: information about victims such as Telegram files and screenshots, as well as documents and information about the victim's system environment.


Snippet of Malicious PowerShell Source Code 

 

The hackers are tied to the Iranian regime because the monitoring of victims' Telegram is very similar to other Iranian hacker groups such as Infy, Ferocious Kitten and Rampant Kitten. To download the malicious PowerShell script, a Word document is dropped on the victim system via a spearphishing email. Based on the content of the malicious Word document, which displays an article blaming Khamenei for his avoidance of American and British vaccines, as well as the nature of the data collected, the victims are thought to be Iranians like me who are abroad and critics of the regime. About half of the victims are based in the United States.

Location of Iranian Victims Targeted (Source: SafeBreach)


These hackers have hunted down victims in two ways. One way was to create a phishing website called deltaban.com. deltaban.com claims to be a legitimate travel agency but is in fact a phishing website for these Iranian hackers that forces users to enter Gmail and Instagram credentials. If an uninformed victim does this, his or her Gmail and Instagram credentials will be compromised and stored on a rogue C2 server controlled by the hackers. The second way, as mentioned above, works in 3 steps:

1. A spearphishing email is sent with a malicious Word document attached.
2. The Word file connects to a malicious C2 server, then executes rogue JavaScript code and creates a .DLL file in the %temp% directory.
3. That malicious .DLL file then executes the PowerShell script mentioned above.

CVE-2021-40444 Vulnerability


At present, this corrupt regime seems to want to carry out cyber attacks on a daily basis and also does not care whether these attacks harm the Iranian people. When will this madness end?? Please friends protect yourself and download the latest patch so that these cyber attacks cannot steal your information. Stay safe friends 🙏🙏



Original Report: https://www.safebreach.com/blog/2021/new-powershortshell-stealer-exploits-recent-microsoft-mshtml-vulnerability-to-spy-on-farsi-speakers/

Wednesday, November 24, 2021

Mahan Air Cyberattack - Exposing dirty secrets of IRGC QF and Further Technical Analysis

Hello friends 🙏 As I promised, I continued my research on the Mahan Air cyber attack and collected technical analysis for all of you.

It turned out that the hacker group responsible for this cyberattack, Hooshyarane Vatan, had succeeded in accessing Mahan Air systems due to the fact that the sensitive information was all unencrypted. It was also revealed that Mahan Air's IT department had actually identified the hackers on the network but had not yet been able to remove them. How bad are the security measures in Mahan Air???? 😳😳


Hacktivist group responsible for Mahan Air Hack - Hooshyarane Vatan

The first revelation that came out of this cyber attack was evidence that multiple passengers called MR Hamrah Hamrah had boarded Iranian flights to Syria more than 70000 times!! All were booked using the same travel agency called Utab Gasht. Utab Gasht seems to be a legitimate company, but it turned out that they regularly transfer funds to a company called Hamrah or Hamrah SYR. The Hamrah company was rarely mentioned by Mahan Air employees, but a number of employees accidentally leaked this information and wrote letters to the esteemed CEO of the company, Mr. Golparast. Mr. Golparast is an exposed officer of the IRGC and the owner of Qeshm Fars Company, which is a front for the IRGC!! Mahan Air is making dirty deals with IRGC officers!! Incredible! 🤯🤯



Leaked Letter 

Further analysis of this cyber attack also reveals numerous receipts for charter flights fully booked by the Hamrah company, along with hundreds of illegal passengers traveling between Tehran, Damascus and Beirut. This evidence, as well as further evidence indicating that passenger load exceeds limits by hundreds of kilograms, shows that Mahan Air is actively facilitating the IRGC's QF activities and arms deals in Syria and with Hezbollah in Lebanon. There is also a big difference between the passengers who board flights and those who are registered in the flight system. More than 400 passengers are lost every month under this name. Who knows what other dangerous personnel and cargo the Islamic Revolutionary Guard Corps carries on these flights alongside innocent civilians? Absolutely embarrassing!! 😡



Leaked Invoice for hidden chartered flights 

It was also revealed that all these flights are booked with only 15 phone numbers, and certain people with special privilege are mentioned as boarding Mahan Air flights. Most likely these are QF IRGC officials. These are listed below:



Phone Numbers and Names used for IRGC QF flight bookings at Mahan Air 


After the technical analysis of this cyber attack, it is revealed that Mahan Air has sold its soul to the IRGC and QF. How can Mahan Air do this to the Iranian people? A catastrophe could easily have happened while all these covert and evil deals and trips were completed. The Hamrah company joins Utab Gasht and Qeshm Fars as front companies of the IRGC and its sinister motives, and Mahan Air is in bed with them. Disgusting! Friends, please do not travel with this airline anymore 🙏🙏

Monday, November 22, 2021

Mahan Air Suffers From Cyberattack


It has been reported that the Iranian airline Mahan Air has been hit by a cyberattack. According to news agencies, Mahan Air customers received text messages from the hackers, who are calling themselves Hooshyarane-Vatan. The Mahan Air website was also down during the attack.

I have been following recent cyber attacks against Iranian infrastructure including the fuel hack a few weeks ago and hack on the railway which disrupted departure boards. What is interesting is that these attacks appear to be happening within Iran. The train hack for example was perpetrated by Indra hacking group which experts believe to have been a small hacking group.

The hackers claiming responsibility for this cyber attack claim to be a group acting in response to government abuses of the people of Ahvaz; their complaints include water misuse, poisoning of livestock and torture of people. Water misuse is a big issue, and in fact there are many protests happening at the moment across Iran.

The hackers are claiming that Mahan Air risks passengers' lives by transporting IRGC weapons on their flights. How easy would it be for an accident to happen when transporting such dangerous weapons, which we can only speculate about? It has been reported that long ago the US made this accusation; however, if the hackers are correct, it appears to still be happening.

According to Mahan Air, the attack has not affected the flight schedule and they have thwarted the attack. Mahan Air said they are used to such attacks and have therefore prevented the attack. However, Hooshyarane-Vatan continued to post on Twitter and Telegram yesterday after Mahan made their announcement.



I will continue looking into this today and tomorrow as it is very interesting to me. The hackers have put many documents online about Mahan Air and time will tell what the fallout of this attack will be.


Funny picture posted by @hooshyaran1

Wednesday, November 17, 2021

Lyceum is back! Targeting ISPs and other strategic targets 😡

Reports this week indicate that the notorious Iranian hacker group Lyceum has returned to cause chaos, this time mainly attacking Internet service providers and telecom companies in Morocco, Saudi Arabia, Israel and other companies in the wider Middle East, including the African Ministry of Foreign Affairs.

The Lyceum group, which was first discovered in 2017 and is also known as Hexane, has been identified as responsible for a number of cyberattacks in July and October 2021, according to information from Accenture Cyber Threat (ACTI) and Prevailion's Adversarial counterintelligence groups (PACT). The main focus of the Lyceum group is carrying out computer network intrusions against a number of strategic targets that are of interest to the Iranian regime. It also now appears that they are expanding their reach to other targets, even including places that are friendly to Iran such as Tunisia.

Lyceum: Puppets of Regime!

The hacker group appears to have stopped using its famous DanBot .NET scripts and PowerShell scripts to gain unauthorized access to systems, and is now using a number of new techniques to do its evil work, like Base64-encoded PowerShell scripts and new backdoors written in C++, which are new types of malware called James and Kevin. The group also relies on DNS tunneling, which is an intrusion method that uses DNS as a secret communication channel, allowing the group to execute HTTP(S) commands using malicious C2 functionality. More scrutiny of the source code also shows that Lyceum is upgrading its backdoors to stay ahead of defense systems.

Lyceum are evil and guilty perpetrators for the Iranian regime and seem to continue committing ugly acts against other countries in the region regardless of whether they are friends or not. Please friends protect yourself against these types of attacks 🙏 by monitoring DNS traffic, being aware of suspicious domains and reporting them to threat information platforms.
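What "monitoring DNS traffic" for tunneling can look like in practice, as an added example that is not taken from the ACTI/PACT report: data smuggled over DNS shows up as many unique, long, random-looking subdomains under one parent domain. The log format, the domain names, the thresholds and the naive "last two labels" parent-domain rule are all assumptions made for this sketch; real deployments should use the public suffix list and tune thresholds on their own traffic.

```python
import hashlib
import math
from collections import Counter, defaultdict

# Assumed thresholds for this sketch; tune them against your own resolver logs.
MIN_UNIQUE = 20      # distinct subdomains seen under one parent domain
MIN_AVG_LEN = 25     # average subdomain length in characters
MIN_ENTROPY = 3.5    # bits per character across all subdomain text


def shannon_entropy(text):
    """Shannon entropy of a string in bits per character."""
    if not text:
        return 0.0
    total = len(text)
    return -sum(n / total * math.log2(n / total) for n in Counter(text).values())


def split_name(qname):
    """Split a query name into (parent domain, subdomain part), naively."""
    labels = qname.rstrip(".").lower().split(".")
    if len(labels) < 3:
        return ".".join(labels), ""
    return ".".join(labels[-2:]), ".".join(labels[:-2])


def score_domains(log_lines):
    """Per parent domain: unique subdomain count, average length, entropy."""
    subs = defaultdict(set)
    for line in log_lines:
        parts = line.split()
        if len(parts) != 4:          # expected: timestamp client qname qtype
            continue
        parent, sub = split_name(parts[2])
        if sub:
            subs[parent].add(sub)
    report = {}
    for parent, names in subs.items():
        joined = "".join(name.replace(".", "") for name in names)
        report[parent] = {
            "unique": len(names),
            "avg_len": sum(len(name) for name in names) / len(names),
            "entropy": shannon_entropy(joined),
        }
    return report


def suspicious(report):
    """Parent domains whose subdomains look like encoded data, not hostnames."""
    return sorted(
        parent for parent, s in report.items()
        if s["unique"] >= MIN_UNIQUE
        and s["avg_len"] >= MIN_AVG_LEN
        and s["entropy"] >= MIN_ENTROPY
    )


def sample_log():
    """Constructed resolver log: normal lookups, a busy CDN, and tunnel-like queries."""
    lines = [f"2021-11-17T09:00:00 10.0.0.5 {h}.example.com A"
             for h in ("www", "mail", "api", "cdn")]
    for i in range(30):   # many unique names, but short and human-readable
        lines.append(f"2021-11-17T09:01:{i:02d} 10.0.0.7 img{i}.static.example.net A")
    for i in range(30):   # long hex labels standing in for encoded data
        blob = hashlib.sha256(str(i).encode()).hexdigest()[:40]
        lines.append(f"2021-11-17T09:02:{i:02d} 10.0.0.9 {blob}.t.tunnel-sample.test TXT")
    return lines


if __name__ == "__main__":
    report = score_domains(sample_log())
    for parent in suspicious(report):
        print("review:", parent, report[parent])
```

The CDN-style domain in the sample has as many unique names as the tunnel-like one but is not flagged, which is why the check combines count, length and entropy instead of using any one of them alone.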


Will this regime ever stop committing ugly acts in the region?? 😡😡



Thursday, November 11, 2021

Who is DEV-0343??

It has been reported by the Microsoft Intelligence Center that malicious password spray attacks, which first occurred in July, have been attributed to Iranian cybercriminals codenamed DEV-0343.

The term password spray usually refers to a brute-force attack in which a cybercriminal uses the same password on multiple accounts, with the goal of locking the account with repeated attempts to gain unauthorized access.

DEV-0343 seeks to target more than 250 Office 365 tenants associated with US, Israeli and EU defense companies, as well as ports and shipping companies in the Persian Gulf. However, fewer than 20 tenants have been successfully hacked.


DEV-0343 

These attacks were carried out by DEV-0343 using an emulated Firefox browser and rotating through IPs hosted on the Tor proxy network. This attempt to remain anonymous did not work, because after analyzing the pattern of life and geographical targeting of known Iranian cybercriminals, it became clear that this was the work of this vicious and intrusive regime. At 7:30 a.m. and 8:30 p.m. Iranian time the group targets hundreds of accounts at a time, praying for just one account with weak cyber security measures.

Friends please protect yourself from this criminal group 🙏. Enable 2FA authentication on all your accounts, block all incoming traffic from anonymous services, and make sure all of your Microsoft Exchange access policies are up to date.
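Because the sprayer rotates through many source IPs, a per-IP failure counter never fires. The added example below (not Microsoft's detection logic) runs both checks over constructed sign-in records: a per-IP threshold, and a tenant-wide check for many distinct accounts each failing only once or twice from the same browser string inside a short window. The CSV layout, account names, addresses, user-agent strings and thresholds are all assumptions.

```python
from collections import defaultdict
from datetime import datetime, timedelta

# Assumed thresholds for this sketch.
WINDOW = timedelta(minutes=30)
MIN_ACCOUNTS = 25            # distinct accounts failing inside one window
MAX_TRIES_PER_ACCOUNT = 2    # spraying tries few passwords per account
PER_IP_THRESHOLD = 10        # classic "too many failures from one IP" rule


def parse(line):
    """Parse 'timestamp,user,ip,result,user_agent' (assumed log layout)."""
    ts, user, ip, result, agent = line.split(",", 4)
    return {"ts": datetime.fromisoformat(ts), "user": user, "ip": ip,
            "ok": result == "success", "agent": agent}


def per_ip_alerts(events):
    """Source IPs with at least PER_IP_THRESHOLD failed sign-ins."""
    fails = defaultdict(int)
    for event in events:
        if not event["ok"]:
            fails[event["ip"]] += 1
    return sorted(ip for ip, count in fails.items() if count >= PER_IP_THRESHOLD)


def spray_alerts(events):
    """Per user agent, the widest window of low-and-slow failures across accounts."""
    by_agent = defaultdict(list)
    for event in events:
        if not event["ok"]:
            by_agent[event["agent"]].append(event)
    alerts = []
    for agent, fails in by_agent.items():
        fails.sort(key=lambda e: e["ts"])
        start, best = 0, None
        for end in range(len(fails)):
            # Slide the window start forward until it spans at most WINDOW.
            while fails[end]["ts"] - fails[start]["ts"] > WINDOW:
                start += 1
            window = fails[start:end + 1]
            tries = defaultdict(int)
            for event in window:
                tries[event["user"]] += 1
            if len(tries) >= MIN_ACCOUNTS and max(tries.values()) <= MAX_TRIES_PER_ACCOUNT:
                if best is None or len(tries) > best["accounts"]:
                    best = {"agent": agent, "accounts": len(tries),
                            "source_ips": len({e["ip"] for e in window}),
                            "first_seen": window[0]["ts"], "last_seen": window[-1]["ts"]}
        if best:
            alerts.append(best)
    return alerts


def sample_events():
    """Constructed sign-in log: one spray burst plus ordinary user mistakes."""
    firefox = "Mozilla/5.0 (X11; Linux x86_64; rv:91.0) Gecko/20100101 Firefox/91.0"
    chrome = "Mozilla/5.0 (Windows NT 10.0; Win64; x64) Chrome/96.0 Safari/537.36"
    lines = []
    for i in range(40):   # 40 accounts, 40 different source IPs, one try each
        lines.append(f"2021-11-11T04:{i // 2:02d}:{(i % 2) * 30:02d},"
                     f"user{i:03d}@corp.example,203.0.113.{i + 1},failure,{firefox}")
    for second in (10, 25, 40):   # one user mistyping a password three times
        lines.append(f"2021-11-11T04:05:{second},alice@corp.example,198.51.100.7,failure,{chrome}")
    lines.append(f"2021-11-11T04:06:00,alice@corp.example,198.51.100.7,success,{chrome}")
    return [parse(line) for line in lines]


if __name__ == "__main__":
    events = sample_events()
    print("per-IP rule:", per_ip_alerts(events))
    for alert in spray_alerts(events):
        print("spray pattern:", alert)
```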

When will this regime stop interfering with the rest of the world while the Iranian people are starving? While Internet blackouts occur regularly? How can the Iranian government continue to claim its lack of money while supporting criminal acts like this? 😡


Follow me on Twitter and Instagram: @_0x7c3


Wednesday, November 3, 2021

Iranian fuel station hack and retaliation

Last week fuel stations across Iran were brought to a halt when a cyberattack targeted the petrol systems, which affected fuel pumps across the country and caused huge vehicle backlogs.

Videos on social media showed long waits for fuel and street signs that appeared to have been hacked, showing the message "Khamenei where is our gasoline?", as the attack lasted for many hours.


Hacked billboard showing the message "Khamenei where is our gasoline?"


The attack happened close to the anniversary of the fuel price hike in November 2 years ago, which led to widespread street protests which of course were violently put down by the Iranian Government and IRGC.

A group called "Predatory Sparrow" took responsibility for the attack with a statement that said "the hack was a response to the cyber actions by Tehran's terrorist regime against the people in the region and around the world".

The Iranian government responded as usual by blaming Israel, and now another mysterious group called "Black Shadow" has hacked into the Israeli internet provider Cyberserve and has started to leak sensitive patient data of over 300k people, as well as leaking data of users of the LGBT dating site Atraf.

Will we ever know who caused the fuel cyberattack? Maybe not but the one thing that is clear to me is that the regime cannot keep its own people safe even at home. Is this another sign the Iranian state is losing its hold on security? Let me know in the comments friends 🙏

Thursday, October 14, 2021

Facebook deletes fake Iranian accounts

It has been reported that Facebook has deleted 93 Facebook and 194 Instagram accounts believed to have been connected to an organized ring of disinformation. According to news stories, the accounts were linked because they had all been posting about local news in Lorestan province and anti-USA and anti-Saudi Arabia content, and encouraging people to vote in the past election.

This is not the first time that Facebook has kicked government-backed accounts off its platforms. Two years ago Facebook removed approximately 800 accounts linked to Iran and suspected of sharing propaganda of the Islamic Republic. Also, earlier this year Facebook deleted 200 accounts linked to an Iranian espionage ring which targeted aerospace workers in Europe and the USA.



Fake post that was deleted

The latest mass deletion has been revealed in the company's inauthentic behavior report. According to the report, Facebook deleted networks in both Sudan and Iran, claiming that both networks were connected to the militaries of each country. For Iran, the report connects the network to the Iranian Revolutionary Guard Corps.



According to Facebook, Coordinated Inauthentic Behavior includes both Domestic and Non-Government Campaigns plus Foreign or Government Interference. Facebook's policy about FGI is that it will delete every account connected to the network on every platform connected to the operation, as well as the people and organizations behind it. But what else can they do to stop the Islamic Republic and other states from abusing their platforms?

Unless Facebook can hold nations to account for abusing their platforms then they will continue to use them to spread misinformation and hate. Furthermore it is very funny that the IRGC is trying to influence people on Facebook when Facebook itself is banned in Iran! Maybe they are scared about the power of social media and that is why they ban it. Despite the banning it looks like the Iranian government will continue to endorse this behavior online.



Thursday, September 30, 2021

Tehran Stock Exchange Corruption Exposed

A fake cryptocurrency scheme has been exposed by VAJA, resulting in the arrest of many people and the firing of the CEO of the Tehran Stock Exchange, Ali Sahraei. The fraud persuaded hard-working citizens to invest in the fake cryptocurrency King Money, known as KIM. Investors were then refused the return of their investment due to speculative trading.

What is very telling about this fraud is that crypto machines were found in the building of the Tehran Stock Exchange, resulting in the firing of Mr Sahraei. This is contradictory to a new law that has banned the mining of cryptocurrency due to the lack of electricity in Iran resulting in blackouts.

This is yet another example of corruption in Iran, where it is one rule for the upper classes and another for the lower classes that want to make extra money using technology. Many raids have happened against small businesses and homeowners who mined cryptocurrency, but this appears to be the first high-profile exposure. It will be interesting to see what charges are brought against the fraudsters and whether Mr Sahraei will be held criminally responsible along with others who have been arrested.

Wednesday, August 18, 2021

Indra exposed - does Iran have a hacking problem?



It has recently been reported that the Indra hacking group is behind the recent attack on Iranian railway and transport infrastructure. This was publicly exposed on the Check Point Research website, which named Twitter user @Indra17857623 as the culprit. This report is very interesting, as Check Point Research have assessed that Indra is unlikely to be a nation-state-funded hacking group, but then why did they attack Iranian infrastructure?

According to Check Point Research, Indra is unlikely to be nation-state funded because their tools are not sophisticated and they are on Twitter, which makes them more likely to be a hacktivist group. What is shocking about this is that damage against national infrastructure is usually done by other nations; however, the railway hack clearly suggests that this is not the case anymore.

Check Point Research say that we should learn the lesson that

we should be more worried about attacks that are possible but are not going to happen according to wisdom. With all the trouble caused by cybercrimes, hacktivism and nation-state meddling etc., the sophistication of attacks is still small, and often threat actors do not do things even though they can, and we rely on this too much.

Furthermore, Check Point Research also says that this type of attack should cause worry, as the only thing stopping the frequency of these attacks is hackers' boredom and restraint. In a country like Iran, where there is little employment and a bad economy, it is a worry that many skilled hackers could get bored soon and start attacking the state. Should the Islamic Republic be worried about this new hacktivism?

It will be interesting to see if this activity persists. Will Indra carry on now that they have been exposed? According to their Twitter page, Indra is named after the Hindu god of war, so with such a strong name we can probably expect more from them. They state that they are against the Quds Force and proxies in the region, so this might be something that continues for some time to come.



Monday, August 9, 2021

Protection Bill


This week Twitter users are angry about a proposed internet protection bill that is being debated in the Iranian parliament. The bill will restrict internet access and threatens Instagram, one of the only Western social media companies not blocked by the Islamic Republic.

However, the problem is that many Iranians rely on Instagram as a platform for e-commerce where they can earn money. At the moment the economy is in such a bad state that this is the only form of income for many people. What will happen if the protection bill cancels Instagram?

Although it might still be possible to access Instagram with a VPN, the bill would restrict this access, so maybe not. Even if VPNs can still work, Instagram is much more popular in Iran than other banned networks which need a VPN, like Twitter and Facebook. Will people still use Instagram if it is not easily accessible? Maybe not, especially when also having to fight against power outages and internet blackouts.

The Iranian government has never liked free access to the internet because it exposes their abuses and criticisms. However, they have no problem using banned networks when it suits them, as Khamenei has Twitter. New president Raisi also created a Twitter account during the election!

I hope that this protection bill never gets passed. It would be devastating for the people and the economy, but the leaders want to keep the people down on their knees.

Wednesday, July 21, 2021

Facebook stops Iranian hackers spying on United States



Facebook announced that they have discovered a gang of Iranian hackers on their platform who were targeting members of the US military. The group has been named as "Tortoiseshell" and was previously known for targeting information technology companies in the Middle East. In this case Facebook has said that the group has "used various malicious tactics to identify its targets and infect their devices with malware to enable espionage".

This is very serious, as Facebook has said that this was a "persistent operation", part of a "cross-platform cyber espionage operation"...how does the Islamic Republic have the money for this?! People are protesting lack of water and internet blackouts across the country, and yet they can waste money on people sitting on social media all day spying on people? Surely they should address their own internal problems before casting an eye overseas?

Read for yourself: https://about.fb.com/news/2021/07/taking-action-against-hackers-in-iran/ 


Monday, July 12, 2021

Iran transport hacked!


According to reports, the Iranian train and railway system was hacked on Friday, causing chaos across the country. Hackers posted messages on departure boards saying that trains were either cancelled or delayed when in fact they were not. No group has claimed responsibility for the attack, so we do not know if they are criminal or activist, but they had a sense of humor, as they also posted the phone number of Ayatollah Khamenei as the information service for the trainline.

In addition to this breach, the transport ministry also suffered a cyber attack on Saturday when hackers disrupted portal servers. Telecommunication minister Jahromi has also warned of further attacks if vulnerabilities are not patched; however, how can people and organizations do this when the electricity keeps turning off! It is a flawed system!

Now we must wait to see who takes responsibility for this attack. Is it too much of a coincidence that these two attacks happened so close together or was it the same actor? I will wait and see.

Wednesday, July 7, 2021

Power Outages Across Iran


Catastrophic power outages have taken place across Iran, but this should surely not come as a surprise to many. It happens every year because of the corruption and bad governance, but this year is particularly bad because of the corona pandemic. And who is there to blame? Rouhani doesn't care because he is leaving, and Raisi is corrupt too. Those in charge of health and electricity do not want to hear criticism either.

I worry about my friends still in Iran who must surely be suffering under the power outages. Can they get hospital treatment if they fall ill? Surely not, if you believe the videos being shared online of people dying in CCU wards because of lack of electricity.

What has caused this hell? Some blame cryptocurrency mining for taking up all the electricity supply from the people of Iran. The Islamic Republic uses cryptocurrencies like bitcoin to avoid sanctions, but is it really worth it? What is the point of having more illegal money if the people still suffer and die? The government banned this currency mining, but it is unclear if it is still going on, especially as some reports suggest that the government is investigating the possibility of a national cryptocurrency. This must take a lot of energy and could be an explanation for Iran's sudden surge in electricity usage compared to last year.

Others blame poor governance and corruption. Surely we do not need evidence at this point because it is so obvious and while politicians deny that there is an issue there is no end in sight. 


Thursday, May 20, 2021

Tapandegan hack in response to unfair IRGC budget

At the start of the month Iranian hacking group Tapandegan posted on Twitter that they had successfully hacked the Iranian Ministry of the Economy and Assets website in response to the leaked IRGC budget. The message can be seen in the image below:


The group's motivation appears to be anger at the enormous budget allocated to the IRGC and how secretive and wasteful the budget is, as they believe this money could be better used to help the struggling Iranian people. In addition, the group was prompted by Mr Zarif's leaked interview, where he claimed that Cmdr Soleimani was a main decision maker for foreign policy and not the elected officials of the Majles.


Tapandegan also highlights the hypocrisy in the Islamic Republic when they ask ordinary citizens to stop eating meat and chicken in response to economic hardships but spend 66 thousand billion tomans for the IRGC to operate outside of the Iranian people's elected government to fight foreign wars. As the people suffer at home, the IRGC can act with impunity with a large budget and little accountability.

The group has previously claimed responsibility for hacks at Mashhad international airport in 1397 and Tabriz airport, also in 1397. Both hacks took over computer screens in the airport to protest the wasting of Iranian lives and money in foreign wars such as Syria, Iraq and Gaza.




Tuesday, March 30, 2021

Iran-China 25-year deal and the internet

It has been a busy few weeks as one year ends and another starts. A few days ago the Islamic Republic and China signed a 25-year agreement between the two countries and people are not happy. There have been protests in Tehran and people speaking out on Twitter - even without the full release of the agreement!

But one thing that has been said is that the new agreement includes sections about the internet. China has the best firewall in the world and now they will be helping Iran do the same. The agreement is said to include provisions over the development of 5G, remote communication and end-user equipment. But most concerning is the agreement to work together on strengthening national internet infrastructure.

As the people of Iran move towards freedom, the Islamic Republic is determined to drag them back. And now with China backing them, the Islamic Republic has a greater chance of success than ever. However I am hopeful that people will stand up against this censorship - people already are but they must continue. Free and unfiltered access to the internet is a right that the Iranian people deserve. It should not be washed away by this agreement.

Wednesday, March 24, 2021

Ayatollah Khamenei New Year Message

Supreme Leader Ayatollah Khamenei gave his Nowruz speech last weekend where he talked about the internet. Surprisingly he said that Iranians should use cyberspace...followed by a warning not to be influenced by the enemy. Presumably this must mean America and the West.

And why did he speak of this? Khamenei appears scared about how the internet could affect this year's elections in Iran. He warns people not to fall victim to the enemy's intentions to influence the election. This is ironic as it comes only days after America published a report saying that Iran interfered in their elections in November! So the Islamic Republic is allowed to interfere with others' elections but nobody must interfere with theirs?!

No state should try and influence another's election; however, Khamenei should be scared not just for this reason. It is not only fake information that can influence an election, but also access to unfiltered influence. Supreme Leader...not everything that criticizes the Islamic Republic is fake!

Iran's Minister of Communications, Mr Mohammad Javad Azari Jahromi, disagrees with the Supreme Leader. What a breath of fresh air! It is reported that he doesn't believe in filtering the internet, as this causes a bigger gap between generations. Young people are much more cyber aware than their parents and grandparents as they have to be imaginative to get around the cyber censorship in Iran, either using Tor or a VPN. 

If this gap continues to widen then I wonder what will happen in the next ten years? Will a cyber revolution occur and overthrow the Islamic Republic? I do not know, but I hope that in years to come more and more people in Iran will have uncensored access to the internet. Cyberspace is not something you can control with harsh words and politics.

And finally, Mr Khamenei, if you distrust the internet so much, why do you have Twitter when it is banned in the Islamic Republic? 

Wednesday, March 17, 2021

Iranian Internet Censorship

Last month I saw reports that the Iranian regime had begun to cut off mobile internet access in Sistan and Baluchestan after reports of riots in the area. The government wanted to restrict the internet to conceal its violent reaction to the riots where many people perished.

This is not the first time that Iran has done this. In fact it is well documented! The Iranian regime has consistently used internet blocks to stop ordinary Iranians from speaking out about the government's actions. But what does this really achieve? The people simply wait for the internet to return to post about what has happened.

Most famous was the 1398 shutdown that lasted for a week and saw many many people killed. The shutdown last month only lasted for a few days, but it is clear that the government is getting used to using this tactic to stop protestors. Have they forgotten that their authority was built on the back of protestors?

On this Chaharshanbe Suri I wish for greater freedom for the Iranian people and look forward to a new year with less censorship and oppression from the Islamic Republic!

Thursday, February 18, 2021

The Truth Always Comes Out - Part 2

In 2019 I posted about the assassination of Masoud Molavi in Istanbul. Molavi was of course the founder of Black Box which helped expose the illegal activity of Iran. At the time I posted about how the regime was obviously behind the killing, as they feared his exposure of their dark truths. 

But now the saga continues! Finally a suspect has been arrested for this illegal slaying in Turkey - the culprit being an Iranian official. Of course! Hopefully justice will be served now that his killer has been arrested. I am sure Turkey will do the right thing and find out the truth behind Molavi's death. The Islamic Republic cannot get away with illegal killings!

Wednesday, January 20, 2021

#WhatsAppPrivacyPolicy

 


WhatsApp was previously great for privacy, using end-to-end encryption to keep messages secure. However, now I am regretful that WhatsApp has changed its privacy settings to share user data with its parent company, Facebook. Now the encryption remains, but rumors are that WhatsApp may share phone numbers, user names, contact details, locations and much more - I must ask why they even bother with the encryption?! The content of your messages may stay secure but your identity might not!

#WhatsAppPrivacyPolicy has been trending on Twitter because of these changes, with many users saying that they will delete the App rather than give up their privacy. Privacy is very important and therefore I believe that we should not let our data be used by big companies like WhatsApp and Facebook.

I have started to look at alternatives to WhatsApp, following the direction of many like-minded people online. There are two Apps that are now fighting for top space in many App stores.

1) Signal

Signal is a new company established in 2014 as a not-for-profit organization. This already sets it apart from WhatsApp which is a company seeking to make money from your data. Signal only stores minimal data about users, including phone numbers and time of account creation, compared to WhatsApp which stores much more.

Signal appears to be winning the battle for top App in many countries. The company even reported that they had experienced a delay in sending verification codes because of the number of people signing up.



2) Telegram

Telegram has also seen a huge uptake in users since the beginning of this year - some 25 million if reports are to be believed. Telegram was already a popular messaging App before #WhatsAppPrivacyPolicy, but it has certainly benefited from WhatsApp's policy update.

Like Signal, Telegram is pro-privacy by using encrypted chats and not sharing personal data. However, it is not as private as Signal, which suggests why more people on Twitter are supporting that messaging service instead.