# Expanding access to digital media through the use of secure communications, infrastructure, tools, and techniques
# Expanding access to digital media through the use of secure communications, infrastructure, tools, and techniques
The goal of this project is to ensure Iranian citizens can exercise their human right to expression and access to information online through the use of the Tor network and subsequent access to sites, services, and apps otherwise censored by the Iranian government.
Objective 1: Tor tools are easy to find and use for people in the target country
Objective 2: The Tor Project can quickly verify how Tor is being blocked in-country and unblock it
The Tor Project’s work to provide Iranians with uncensored access to the internet has three interconnected strategies:
Objective 3: Pluggable Transports are reliable, resilient, diverse, and scalable
1. Ensure Tor tools are easy to find and use for Iranians
\ No newline at end of file
2. Monitor the Tor network availability from connections in Iran and act quickly to unblock the network when new censorship techniques are detected
3. Ensure that the ways Iranians connect to the Tor network are reliable, resilient, and scalable
The Tor Project will work on this project as the primary grantee, in partnership with Guardian Project, developers of Orbot, Onion Browser, OnionShare, and other secure and private mobile apps, and with the support of Miaan Group.
## Objective 1: Tor tools are easy to find and use for Iranians
Most Iranians connect to the Tor network through a VPN-like mobile app called Orbot, developed by the Guardian Project, and Tor Browser, which is a Firefox-based web browser for desktop and mobile developed by the Tor Project. There are also additional apps such as the forthcoming Tor VPN for Android, OnionBrowser for iOS, and the recently released OnionShare file-sharing app for Android and iOS. To achieve Objective 1, we must improve
distribution, usability, and user support services and materials of Tor Browser and Tor-enabled mobile apps for Iranian users. This will be done through the following activities:
**O1.1, Localize websites, tutorials, promotional content, user support material, and documentation for Tor Browser and Tor mobile apps:**
Significant work has been completed to localize Tor Browser, Orbot, Onion Browser, OnionShare, and support materials into Farsi, but some content remains untranslated, which creates barriers for Iranians users and undermines efforts to connect these users with Tor tools. One challenge is that both the Guardian Project and the Tor Project rely on volunteers to execute most translations. While these communities of volunteers are invested and engaged with our organizations, moving quickly can be difficult when a population is experiencing political and social turmoil. In these instances, we contract a human-rights focused group like Localization Lab to complete translations. In this activity, we will contract with a group like Localization Lab to localize user-facing content and documentation related to these apps. This activity includes localizing any new user-facing content developed in this project. Once it is available, this will also include information about the launch of the new Tor VPN for Android, helping users transition to that app from Orbot on Android.
**O1.2, Create relevant promotional and distribution campaign for Iranians to use Tor tools:**
In this activity, we will address the challenge created by the Iranian government’s censorship of official websites and app stores, and the many unsafe “free” VPN and circumvention solutions, that make finding and using safe, open source, and free tools like Tor Browser and Orbot confusing for users. Guardian Project will lead work to engage with beneficiary communities, understand their needs, and create localized outreach campaigns that promote usage of Tor tools.
A key component of success in this area of work will be the funding request for a new Guardian Project team member who will focus on supporting users in Iran. This replicates an existing successful approach Guardian Project has taken in Latin America to grow adoption of Tor-based apps there. Through that work, Guardian Project has both increased awareness and adoption of these apps, while also increasing partnerships with local organizations and contributors to help continue to sustain its open-source work. Having trainings, outreach, and support happen fully in local languages and dialects is a key aspect of Guardian Project’s strategy in Latin America and what we plan to replicate with an Iran-focused position in this project.
Specifically in Iran, through existing outreach and relationships, Guardian Project was able to promote Orbot as a circumvention tool during the Mahsa Amini protests in 2022, causing a huge increase in adoption up to over 500,000 installs in a short period of time. Since then, active use in Iran has dropped due to loosening of internet restriction, as well as lack of resources to continue promotion and outreach. There is potential to increase adoption and everyday utility for partners in the region with the support of Guardian Project’s dedicated position through this project.
In addition to the work with the Tor Project, Guardian Project also has a significant partnership with the Center for Digital Resilience in which they act as the primary developer of the Link secure help desk. This system was designed specifically with Iranian users in mind in order to provide them a solution for accessing digital security and other support systems, and Link is in use today by a coalition of organizations working in this area.
Finally, Guardian Project has designed and developed multiple multimedia and news content applications with built-in circumvention for Iranian user communities in separate partnerships with Democracy Council, Radio Zamaneh, and the U.S. Agency for Global Media.
These outreach campaigns will be tailored to the specific cultural, linguistic, and social nuances of the target communities. We will also update user-facing material to be more relevant to target communities and their lived experiences. We will aim to connect with a diverse set of users of diverse gender, religion, sexuality, and other identities.
To support these campaigns, Guardian Project will build on existing networks as well as creating new ones through Github tickets, web-based bulletin boards, social media, and messaging groups on Telegram, WhatsApp, and Signal in order to engage with potential users, gather feedback, and provide technical support. This work will also ensure Tor-enabled mobile apps are present and available in third-party app stores and software distribution services popular with Iranians.
**O1.3, Improve usability of Tor-enabled mobile apps for Iranians through usability research:**
Guardian Project will use an iterative human-centered design process to research, create, and
publish new design personas for users in the target region. Personas are fictional characters, which are created based upon research in order to represent the different user types that might use a service, product, site, or brand in a similar way. Creating personas helps a designer to understand users' needs, experiences, behaviors, and goals. Guardian Project’s design team (Okthanks) has pioneered this kind of work in human rights space through tools like their Persona Builder and efforts such as the Latin America Personas Set.
To complete this work, Guardian Project will:
- Review and analyze user feedback; identify common challenges; and create specific, localized personas and user stories.
- Organize usability test results and user feedback using affinity mapping and other relevant techniques.
- Analyze results for each digital security tool and identify common challenges.
- Consolidate feedback into personas and user stories to represent target populations.
These personas will be based on a thorough review and analysis of existing and newly gathered user feedback, to help identify common challenges and issues faced by users. Guardian Project will safely engage with users both in Iran and the diaspora, using a variety of user research tools and techniques. The personas are incredibly useful to guide future design and development work to improve Tor mobile applications specifically around the needs of the kinds of people represented by the personas.
From this point, Guardian Project will gather feedback from Orbot and Onion Browser users; collect bug reports, usability issues, and desired enhancements; improve usability of Orbot, Onion Browser, and other potential apps of utility and interest, based on personas and feedback; and conduct multiple iterative rounds of improvements, testing, and feedback.
Usability improvements for Tor Browser are not included in this project because the Tor Project conducts usability research and makes UX improvements for Tor Browser through its Global South Strategy, a long-term intervention in its sixth year focused on increasing Tor accessibility and usability for users burdened by censorship in the Global South. The Global South Strategy is fully funded by the Swedish International Development Cooperation Agency (Sida).
**O1.4, Provide live user support in Farsi:**
Since September 2022, we have seen that providing live support to users of Tor-enabled tools is crucial to keeping Iranians connected, particularly when censorship changes rapidly. Live support also helps keep users from choosing unsafe solutions that don’t protect their privacy, like applications made by bad actors who use
censorship as an opportunity to distribute fraudulent software packages containing malware.
During this time of increased need for support, our user support specialists have used translation tools and localized templates to communicate with users, but there is a limitation to the value of the support we can provide without Farsi-speaking specialists. In this activity, we will hire Farsi-speaking staff to provide Farsi-language user support for Tor-enabled tools on the Tor Project’s and Guardian Project’s live user support channels that can be accessed through email, Telegram, Whatsapp, Signal, and the official Tor Forum.
Beyond keeping Iranians connected to the open internet, live user support creates a reliable early censorship detection mechanism. When users know to report issues directly to one of our support channels, we’re able to investigate problems quickly. Sometimes this direct connection to users allows us to detect censorship hours or days sooner than automated testing. This in turn helps us develop and deploy fixes sooner, which leads directly into the second Objective.
## Objective 2: The Tor Project can quickly verify how Tor is being blocked in Iran & unblock it
To achieve this Objective, we must be able to detect new instances of filtering and blocking against Tor, or changes to existing methods; investigate how this blocking and filtering is taking place; work with in-country users to test solutions in their real-life circumstances and networks; and quickly deploy user-validated solutions. To do so, we will:
**O2.1, Research and implement a method to collect more accurate counts of Snowflake users:**
Snowflake is the most widely-used pluggable transport by Iranians. About 90% of Iranian users who connect to the Tor network using bridges do so using the Snowflake pluggable transport. Our challenge with detecting filtering or blocking against Snowflake is related to the methodology we use to count users. Currently, the system we use to count Snowflake usage—via self-reported “consensus fetch”—is known to undercount users by as much as a factor of 10. This counting method is also only able to count the number of users who make it successfully to the Tor network via Snowflake. It cannot count how many attempted users fail at any part of the process. These factors make it difficult to detect or understand the severity of the impact of censorship against Snowflake, which disproportionately impacts Iranian users.
In this activity, we will research and implement a method to more effectively detect censorship against Snowflake by more accurately counting usage. We will shift the counting method away from the “consensus fetch” and instead pull data from the Snowflake broker and Snowflake backend, which will allow us to count a combination of the number of requests, the number of Snowflake proxies, the number of attempts the broker makes to match a user to a proxy, and the number of successful sessions. The end result will be more accurate counts of unique users, their
country of origin, and whether or not the connection is working for them.
**O2.2, Set up, run, and monitor more vantage points in-country:**
Vantage points in-country allow us to monitor how Tor tools work in Iran and test fixes or changes to these tools when new filtering techniques are implemented.
**O2.3, Connect to users inside of Iran to test the Tor connection and debug Tor-powered tools:**
Similarly to O2.2, connecting with in-country users gives us an understanding of how Tor tools work for Iranians and test fixes or changes when tools stop working. Direct connection to users is one of the most vital tools we have in our approach to keeping Iranians connected because it allows for a rapid testing, validation, and release cycle.
**O2.4, Monitor impact of censorship and internet filtering events:**
We will monitor and evaluate the impact of new censorship or filtering events.
**O2.5, Develop and deploy fixes to Tor tools when censorship disrupts access in Iran:**
The culminating activity in this Objective involves reactive software patching and tweaking that is
made possible by our ability to detect changes in censorship, the information we’ve gathered about how blocking and filtering is taking place, and our work with in-country users to test solutions in real-life circumstances and networks.
This activity does not include developing brand-new tools, implementing new protocols, or implementing new pluggable transports. Instead, the development work included here centers a rapid patching, testing, validation, and release cycle in order to get around blocking and detection as it happens. This work is in coordination with the testing and feedback cycle made possible in O2.3.
## Objective 3: Pluggable transports and bridges are reliable, resilient, diverse, and scalable
Pluggable transports are tools that disguise internet activity as another kind of traffic, making it difficult to detect and block. Given the severity and style of the censorship employed by ISPs in Iran, pluggable transports are critical for Iranians to connect to the Tor network, and therefore the open internet. To achieve this Objective, we must improve the strength and scalability of existing pluggable transports like Snowflake. Additionally, we must advance the ability of Tor tools to use other pluggable transports and invest in the deployment of new, research-based mechanisms to advance in the censorship arms race.
**O3.1, Improve Snowflake’s defenses and infrastructure:**
Use of the Snowflake pluggable transport has exploded over the last year, with much of the use driven by censorship in Russia in early 2022 and then in Iran in September 2022.11 During this time we’ve made many upgrades to its infrastructure in order to meet demand, but there is more to improve. In this activity, we will first research, develop, and implement defenses for enumeration attacks against Snowflake.
These defenses are necessary to protect against a censor trying to grab the IP addresses of all Snowflake proxies and blocking them, thus crippling the system's effectiveness for circumvention.
**O3.2 Implement staging servers and CI infrastructure for Snowflake:**
Additionally, we will increase Snowflake’s sustainability by setting up staging servers and CI infrastructure, which will make it easier to address bugs, develop features, and react quickly to censorship against
Snowflake going forward.
**O3.3 Improve standalone Snowflake packages so that they are easier to install with less
technical expertise:**
The pluggable transport Snowflake relies on creating a “flurry” of proxies that help to mask user traffic. Snowflake proxies are almost exclusively operated by volunteers, mostly through an extension that can be installed on a volunteer’s Firefox, Chrome, or Edge browser client. Having a large pool of ephemeral proxies makes it difficult for censors to find all of these proxies and block them en masse. Snowflake has been an incredibly effective and resilient mechanism in keeping Iranians connected to the open internet since September 2022. In
order to ensure that Snowflake can scale to handle more and more users over time, we need to increase the pool of proxies from diverse sources.
In this activity, we will improve standalone Snowflake packages so that they are easier to install with less technical expertise. Standalone Snowflake proxies—as opposed to Snowflake proxies run through a browser extension—can be installed on servers, and offer a higher bandwidth and greater reliability for users behind restrictive NATs and firewalls. Right now, standalone Snowflake proxies can only be installed with the command line. We will make these packages available for easy download and install for specific operating systems (e.g., Debian).
**O3.4 Advocate for third-party projects to add the ability to run Snowflake proxies into their products:**
Right now, the Tor Project develops browser extensions for Firefox, Chrome, and Edge, as well as the standalone Snowflake proxy tool. Guardian Project allows Orbot users to become a Snowflake proxy. Third-party tools like the browser Brave and I2P offer built-in ways for their users to become Snowflake proxies. Other tools like Mozilla and Mullvad Browser are examples of projects with whom we have established collaborative relationships and we see clear alignment and possibility of successfully advocating for the addition of this feature. In this activity, we will advocate and work with more third-party projects to add this functionality to their tools.
Building relationships and demonstrating the real-world value of Snowflake proxies will be key to successful advocacy and adoption. We will tailor our approach to each third party, and be persistent and adaptable throughout the process. Below, we have outlined our approach for advocating with third-parties.
- Identify key third-parties to engage and outline existing connections
- Conduct research to identify potential third-party projects that align with the goals of incorporating Snowflake proxies. Consider factors such as user base, values, and technical compatibility. Identify individuals who are part of those projects who can champion the Snowflake proxy integration.
- Create and send documentation that outlines the challenges, impact, and value of adopting this tool
- We will clearly articulate the challenges faced by users in restrictive environments and the positive impact of Snowflake proxies
- Iterate on idea asynchronously to address technical questions
- We will establish ongoing, asynchronous communication channels to provide continuous communication to address questions and concerns as they arise.
- We will be flexible and refine the integration process as we go along, according to their requirements. Maintaining adaptability to changes in the third party's development schedule is important for accommodating unforeseen circumstances.
- Additionally, encouraging open feedback will allow us to iterate on our presentation based on input.
- Amplify any third-party comms
- When third-parties announce Snowflake integration, we will support that effort by amplifying these announcements on our channels
In the next three activities, we will maintain and enhance the pluggable transport and circumvention API support for Tor-enabled mobile apps with a focus on improving accessibility, effectiveness, and performance of these tools for users in Iran.
**O3.5 Maintain and update the IPtProxy Library:**
The IPtProxy library is a key component of the pluggable transport system for mobile apps that provides integrated access to leading solutions such as obfs4, meek, and Snowflake. This involves ensuring that the IPtProxy library is up-to-date, secure, and reliable. This work is crucial to ensure that pluggable transports remain functional and effective in circumventing censorship and other forms of online restrictions.
- The specific efforts required to maintain and update the IPtProxy include:
- Monitor upstream pluggable transport libraries for new releases, bug fixes and feature improvements, and integrate these releases into the IPtProxy library
- Update IPtProxy releases to stay compatible and updated with Android and iOS releases and features
- Update the IPtProxy cross platform mobile API to support any changes in function calls and arguments to support the new releases of the included PTs
- Test and monitor memory use, include both storage and runtime, to understand the performance impact on different devices and OSes to assist with integration
- Test IPtProxy release against current default bridges, brokers and circumvention configuration infrastructure provided by Tor Project
- Work with app developers who are dependent upon IPtProxy in their apps to stay updated to the latest releases and configuration options
**O3.6 Integrate new emerging pluggable transports into IPtProxy and Tor-enabled mobile apps:**
This activity includes integrating potential ports of WebTunnel (HTTPT), Conjure, and other anti-censorship technology transports into IPtProxy and Tor mobile apps. These emerging transports have shown promising results in bypassing censorship and improving circumvention capabilities, and integrating them into the mobile apps will enhance the overall effectiveness of mobile anti-censorship capabilities.
**O3.7 Deploy new mobile-focused infrastructure for Tor bridges and pluggable transports:**
Building on work currently under development to support users in China, we will deploy a new type of bridge distribution service built on a difficult-to-block commercial cloud platform. This will be used to distribute additional obfuscating proxy v4 (obfs4) bridges for mobile users in Iran. Next to Snowflake, obfs4 is the second most used pluggable transport by Iranian users.
