Haystack stops tests of Iran anti-censor software amid security concerns
Haystack, a company that has created software designed to circumvent Iranian government censors, has stopped testing its program amid criticism of faulty security.
Haystack founder Austin Heap said in an interview Monday that concerns about how his much-touted software program works and whether it's secure were “valid.”
“For the time being, we are going to stop human testing and rely instead on machine testing,” Heap said.
He said in a blog Monday that the software is being reviewed by a third party and that testing will resume if it passes muster.
The move comes after Foreign Policy (a division of The Washington Post Co.) technology writer Evgeny Morozov and engineers said that lax security in Haystack could hurt users in Iran by exposing them to government authorities.
About two dozen Iranians have been testing the year-old anti-censorship technology that allows the use of proxies on the Internet to disguise user identities.
“We have been very clear with our testers about risks, and from my understanding there may be only one case where risks were not in writing,” Heap said. In response to that case, the nonprofit firm came up with a disclosure policy to ensure users were properly notified of the risks associated with using the technology under government censorship, he said.
Heap, 25, received much media attention for leaving his full-time job as a California software developer to create Haystack after the government of Iran tried to block the transmission of videos, e-mails and other communication tools that depicted street-level protests of election results.
Heap launched his program as the Obama administration began a push to stomp out global online censorship. Secretary of State Hillary Clinton has promoted Internet freedom and has criticized the Chinese and Iranian governments for controlling what information its citizens can access and distribute on the Internet. Nearly one-third of all Internet users live in a government regime that censors.
The State, Treasury and Commerce departments approved the export of Haystack to Iran. That process, though lengthy because the United States has trade sanctions against Iran, too easily approved a technology that needed more vetting, Morozov said.
“What is most interesting is the enabling environment -- why tough questions weren’t being asked,” Morozov said. “People in Washington are jumping on the Haystack bandwagon because it portrays them as hip and in touch with the times but doesn’t show all the risks involved.”
Morozov has criticized the software company for weak encryption and security. He has also questioned Haystack's lack of transparency by keeping its technology secret – or closed-source. Heap has argued that opening code would help governments crack through the software and identify users, but he has since reversed that position.
September 13, 2010; 2:06 PM ET
Save & Share: Previous: FCC move to release White Spaces spectrum has tech firms dreaming of wireless boom
Next: Craigslist to appear before House hearing on sex trafficking
Posted by: ashkan12135 | September 13, 2010 4:08 PM | Report abuse
Posted by: Knee_Cheese_Zarathustra | September 13, 2010 7:08 PM | Report abuse
Posted by: strade24 | September 13, 2010 8:43 PM | Report abuse