Slashdot Mirror
Researchers Find Gaps In Iranian Filtering
I Don't Believe in Imaginary Property writes "With all the turmoil and internet censorship in Iran making it difficult to get an accurate picture of what's going, security researchers have found a way to locate gaps in Iran's filtering by analyzing traffic exiting Iran. The short version is that SSH, torrents and Flash are high priorities for blocking, while game protocols like WoW and Xbox traffic are being ignored, even though they also allow communication. Hopefully, this data will help people think of new ways to bypass filtering and speak freely, even though average Iranians have worse things to worry about than internet censorship, now that the reformists have been declared anti-Islamic by the Supreme Leader. Given the circumstances, that declaration has been called 'basically a death sentence' for those who continue protesting."
Reader CaroKann sends in a related story at the Washington Post about an analysis of the vote totals in the Iranian election (similar to, but different from the one we discussed earlier) in which the authors say the election results have a one in two-hundred chance of being legitimate.
so does this mean i can use the port number of xboxlive and wow to send and receive data?
The Internet is The Internet.
Information will get from anywhere to anywhere unless Iran completely disconnects itself from the rest of the 'net. There are as many ways to hide "communications" as there are protocols and servers out there, and no one can do a bloody thing about it. Even a "whitelist" style system would have holes in.
# cat
Damn, my RAM is full of llamas.
... and publicly announcing this will help these gaps to stay unfiltered?
Now the censors know what they are missing.
We pretty much know what Iran is all about. It is rather overt and obvious to most everyone. Any illusion about a democratically elected government can pretty much be put to rest. And now that they are invoking religious law (not that they haven't been all along) it is clear exactly where the source of power is. (Save the comments about the U.S. putting the Ayatolla into power, I already know.)
But I keep asking myself, why should we care at all? Will we care and demonstrate as much as the Iranians when the next freedom eroding thing happens in the US? Will we take to the streets in protest of ACTA? Will we collectively burn our required government healthcare cards? I seriously doubt it. The government controllers in the U.S. long ago learned the secret that other governments have yet to figure out. Keep the slaves comfortable, busy and distracted, and they won't put up a fight.
First they tried with war. Now they are trying to bring down the government. The oposition is a puppet of USA. The elections were valid. The protests are initiated by CIA and the news coverage is unfair. And, besides, we don't really care what happens to Iran and whether the USA appointed president will finally manage to take over Iran and make it McDonalds country. Really, if we cared we'd visit CNN.com or something.
Petrodollars. Iran is threatening to sell oil in Euros. If people didn't have to buy dollars in order to pay for oil, the US government couldn't create as many as it wanted, which means that the military spending would have to stop.
Deleted
It is hard to fathom how the story of the year (also the tech story of the year) could be tagged "nomoreiranplease". Tech has played a critical role in this event. Who ever thought that twitter could actually be useful? The diaspora of communications technologies has proved very hard to shut down, and it will be interesting to see what new communications tech adds to this in the future.
One issue this brings up is the differences between the fark free-for-all comment system (including images!) versus slashdot's moderation. The contribution of fark to reporting what has been going on in Iran has been really impressive, and fark is essentially a news aggregator just like slashdot. Does the moderation system of slashdot prevent a similar thing from happening here? I had hoped to see a much more vigorous discussion from the slashdot community, but the real action is elsewhere. Part of this is due to the moderation system, I think, which effectively forces an end to conversations when the mods run out.
I'm not trying to be trollish, but think this is an interesting thing to think about. Slashdot used to feel like the center of the tech universe, but has been badly outdone on this topic by fark and others.
I dont know about anyone else, but reading the tag of "NOMOREIRANPLEASE" Even if you have mixed feelings about Iran and their relationship with the US / World, there is no reason to flag a topic with such a tag line.
"Have you ever thought about just turning off the TV, sitting down with your politician, and hitting them?"
search #iranelection or #neda on twitterfall.com
Kill your TV
This is ridiculous. You can't just conjure up some irrelevant examples and use them as an argument when they have absolutely nothing to do with it. E.g. with the coin flip test, the correct analogy would be to check what the chances are for less than 40 heads/more than 60 tails after 100 coin flips. The chances for this happening are indeed very low. That is why it is so impressive that they had 5% of the times 5 as last digit and 17% a 7. The 1/200 is not the chance to have the 5% and 17% (that would be a lot lower) but the chance of having suspicious results vs. the chance of them being false.
Besides: n/o but I'd rather believe a study made by two PhD students instead of some slashdotter.
Elections aren't random. Vote distributions aren't random. People don't usually vote via coin-flip.
Isn't this worse than what the US want McKinnon arrested for under terrorism charges?
Isn't this the same as the hacking the Chinese are accused of doing to the US computer systems?
If so, why is this OK when the others aren't?
and when they shut down WoW, we will have a true revolution.
Hi, I'm an Iranian and i've been tortured by the internet filtering here for a few years but the filtering after election is really terrible, we can't use the old ssh tunneling methods any more, in fact it seems that all encrypted packages are being dropped so we can't connect to our servers out side of Iran any more so we can't use another method for passing through the filtering, however today i've used a browser based ssh client to connect to my VPS in Germany and installed a proxy using squid but the interesting thing is that we i try to connect to facebook (or any other filtered website) the firewall changes my request to the famous "This site is blocked" page! These things was just examples of methods we tried to pass the filtering, anyway we are using other method to pass the filtering (which i will not mention here for safety!) but we have serious problems connecting to our servers over ssh, i'm going to test the ssh over http method but i know that this will be a temporary method!!!
It's garbage in other ways.
the model they are using is some sort of benford's law like thing. But this assumes that the distribution should be random to begin with. not likely. Moreover the kind of manipulations of concern, like shifting votes, have the same signature as legal manipulations such as bus loads of church folks showing up.
Some drink at the fountain of knowledge. Others just gargle.
On the contrary, now that it's public information this "security gap" has probably already been dealt with by the authorities.
mod parent up, grandparent has obviously not understud anything about the linked article, the claims are simply false.
the most striking thing about the election manipulations are imho that they have been done very very badly. the government obviously did not give a crap whether anyone would find out, they put some uneducated guys at a table and told them they want at least 60% of the votes and published the results after one hour of work. it would have been very simple to take into considerations many of the criticism that has come up, they should have used actual randomization and thought about which provinces voted for whom. in the end it seems like they simply did not care if anyone found out, it's like they're laughing at the world (or they're just plain naiv).
I don't think the manipulations at hand here are subtleties like "shifting votes". Seems more like "pulling numbers out of their collective ass" is what happened.
Dude, that's completely wrong. First:
That's not remotely similar to their calculation. It's not a question combinatorics but a question of probability distributions. The last digits generated in a random process have one probability distribution function and human invented ones have another PDF. The comparison here is the election results vs the null hypothesis PDF. Your combinatorics example is completely irrelevant.
Really dude, you need to read up on some statistics. What you are ranting about in that section is Bayes' theorem P(A|B) = P(B|A)*P(A)/P(B). It's for conditional probabilities (what is the probability of A given B). It is not applicable in this situation. The prior probability of mr.A cheating has no consequence - we're just looking at the distribution of the numbers. Let me illustrate the folly of your claim: Suppose that the vote count for each and all districts ended with the number 666. Would you say that this was a probable result and that you would have to have mr. A's honesty factored in? We can just looking at the numbers make a probability calculation that tells us how improbable a deviation from the expected PDF is.
You know what? This should be a tag on every story if we really mean it.
I am not claiming that it is likely that the election is fair. I am claiming that the "1 in 200" statistic is pulled out of a hat, much like the ballot numbers.
They are probably responsible for a huge part of the Iranian exports.
/s
post a news article on /. such that it draws traffic into your network
voila! instant censorship
all hale the supreme leader CowboyNeal!
Responding to "The prior probability of mr.A cheating has no consequence - we're just looking at the distribution of the numbers."
The claim of the article was that the probability of Mr. A not cheating was 1 in 200. That was the claim I was disputing, not the fact that the ballot numbers were wonky. I thought my point was clear, given the subject I chose for my comment.
When claiming some quantifiable likelihood that there was fraud, the prior on fraud is most definitely relevant. At the same time, the prior is most definitely impossible to know. These two things together make any posterior estimate completely meaningless. *THAT* was my point.
Appearances really don't matter when you're ready to silence opposition with deadly force.
This is a nation wide tiananmen square.
According to this: http://opennet.net/research/profiles/iran
Nokia/siemens sold filtering software to iran, quite the nefarious thing to do, perhaps even bypassing some boycott agreements and US export regulations, if containing any US code. now's the time to make them disclose what sofware they sold, and everything they know about the filtering system. a lot of lives are at stake, now's the time.
if any nokia/siemens employees are reading this, pass this on!
Oil is sold on the open market, and currently, mostly in dollars, meaning that the source isn't as important as the ability to pay for it. Any major disruption in total world supply will have an effect on the ability to pay for it, because the market will bump the price up fast, including the oil from those nations you currently import the most from. They are not going to arbitrarily keep supplying at a much lower price "just because".
If/when (and I think inevitably) oil becomes priced in a lot more currencies than dollars, it will just cost more for US consumers. All these other nations aren't *that* stupid, they realize as the FRN gets inflated daily, it becomes worth less and less. Eventually they just won't think or accept that the dollar is worth what some blowhards in DC and wallstreet claim it is worth. The FRN is a debt instrument that currently is backed by more debt instruments, and not much else. Back when the petrodollar phenomenon took hold, it worked for the US because where we bought oil from turned around and used those petrodollars to buy US manufactured stuff. Plus, the US domestically produced most of the oil it needed anyway, something not true today.
Now let us contemplate the status of world trade and manufacturing from 50 years ago to today...hmm..
Starting to see the longer term ramifications of this? When those foreign nations could get real stuff for the swap, it was acceptable, now they are being told they need to just swap their real stuff-oil or various other commodities- for debt instruments backed by "the full faith and credit" of the biggest liars and conmen out there, who are already in hock to them to the tune of trillions.
They talk about peak oil, I think the larger picture is we have hit "peak trust" with the tangible producing world versus the US economic system, which apparently the main top official focus seems to be just creating paper and electronic "products" and that those, "trickled down" through keeping everyone in the US in perpetual debt via the credit "industry" combined with national government debt, will be enough to sustain everyone, that all these other folks will just keep swapping their real stuff for fancy IOUs in various flavors.
I think that isn't going to work for much longer. YMMV. My bet is on the tangibles and the tangibles producers winning the "what is worth more" global economic wars.
The claim was "in which the authors say the election results have a one in two-hundred chance of being legitimate."
Your claim was "if this election were legitimate, there is a one in two-hundred chance of things turning out this way."
These are two completely different statements. The key is that one is conditioned on the fact that the election is legitimate. This is easy to find out, and is probably what was intended. The sentence provided, however, made an estimate on the odds of legitimacy, conditioning on what was observed.
If they had done this, it would be a straightforward application of Bayes rule, as someone was kind enough to point out, and requires knowledge of the prior on legitimacy.
"If you know something about a binomial random variable (which is what we just sampled from), you know that this is (100 choose 48)*.5^(100) = .0735!
Wow...and that was with only 100 random coin flips. A 1 in 20 chance that, by their metrics, this was a fair set of coin flips (see where the logical incongruity happens?)"
You fail at illustrating the proper point. What a bastardization of using statistics. The third sentence is ridiculous, that's not the point that the data indicates.
On a positive note, you'd make a good politician.
You know where the US gets most of the oil from, right? Hint, it aint Iran or Iraq.
Totally irrelevant. This has bugger all to do with where the USA buys it's oil.
The rest of the world buys US dollars so that they can buy oil. This allows the US to print (borrow) dollars into existence and then spend them on whichever projects they want to without inflation sky rocketing. Military, healthcare, whatever is the pet project of the people in charge.
This is why Iraq and Iran are so important, particularly to the USA. Saudi is even more important in this regard and why they are America's bestest friends, particularly after having seen Iraq invaded and unrest is being incited in Iran.
Does anyone actually believe that the Iranian elections have ever been anything but fixed? Oh, come on... So why all the unrest now? The Iranian Oil Bourse is due to start trading oil in euros, not dollars, real soon now. So now would be a great time to prevent that by say funding opposition to the incumbent leadership.
Deleted
At the end of the article, they say
The probability that a fair election would produce both too few non-adjacent digits and the suspicious deviations in last-digit frequencies described earlier is less than .005. In other words, a bet that the numbers are clean is a one in two-hundred long shot.
The last sentence does not follow from the first. They are saying that P(these numbers | fraud) = P(fraud | these numbers). This is not the case! If they want to be correct, they need to take into account the prior, like I have said a few times.
Don't accuse me of bastardizing statistics when first: I am not and second: I am pointing out a bastardization of statistics. Try to actual know something about the subject matter, and combine that with some reading comprehension skills before you make these accusations against me.
I find that likely as well.
Especially given my prior on journalists adding garbage to the end of articles, lol
Wow, thanks for getting me modded troll when in fact it was your knowledge of the subject matter that was deficient, and everything I said was just simple probability mathematics.
And, for what it's worth, this slashdotter is a PhD student in machine learning (responding to the GP's comment about 2 PhD students vs a slashdotter).
Getting offtopic now but: I didn't intend to be offensive. You wouldn't want someone with a to believe someone with a statistics degree to claim Turing is an idiot right? :-)
It's unfair to both the victims of Tianenmen square and the lives lost now to compare both. Let's pretend you should know for sure the elections weren't rigged. Would you approve of the opposition causing riots 24/7?
48 heads and 52 tails!
.0735!
Seems pretty reasonable. The question is, now, how likely is it that I flipped exactly 48 heads and 52 tails?
If you know something about a binomial random variable (which is what we just sampled from), you know that this is (100 choose 48)*.5^(100) =
Wow...and that was with only 100 random coin flips. A 1 in 20 chance that, by their metrics, this was a fair set of coin flips (see where the logical incongruity happens?)
You've used quite the wrong metric, asking "what are the odds of this EXACT outcome in a fair contest". The right question is "what are the odds of at least this this much deviation from the expected outcome in a fair contest". In the case of your coin toss your questions would be "how likely is it that in 100 flips, I will get 52 OR MORE of either heads or tails" (note that if you were asking only about tails, you'd just get 1/2 the number, but considering the odds of 50 or more tails is only 50/50% it's a bit misleading that way).
.... + (100 choose 47)*.5^(100) + (100 choose 48)*.5^(100) + (100 choose 52)*.5^(100) + (100 choose 53)*.5^(100)+... + (100 choose 100)*.5^(100)
To get this you would sum all probabilities in the range, eg
(100 choose 0)*.5^(100) + (100 choose 1)*.5^(100) +
which is about 76.4%.
That is, about 3/4 tosses of 100 coins will differ from 50-50 by at least two flips, this is very similar to the probabilities for these events in the recent US election, held up in the article as an example of 'normal' results.
Now if you'd gotten something like 38-62 you'd have results about as unlikely as this election (2%).
If you're familiar with stats at all, in general it's when the odds fall below 5% that you have an interesting result, 2% is quite interesting (though it depends on how often the event happens - 2% in an election that happens once/4 years or so is going to happen by chance with a mean period of 200 years).
Gee just setup sshd to run on the wow port. What port number or numbers are those?
I find it both sad and disheartening that the US is more up-in-arms about these election results in a foreign land, than they were about our own EXTREMELY questionable election results here in the US in the year 2000. As time goes on we find more and more discrepancies in those results, and nobody seems to gives a damn. A 1 in 200 chance of the election results in Iran seems far, far more likely than what happened here.
If your statement is true then Bayesian statistics is always completely meaningless without informative priors, yet most of Bayesian analysis is done without informative priors and works quite well thank you very much.
The obvious, but unstated, assumption in the article is that they are using an uninformative prior which gives equal weight to fraud and no fraud. You are free to quibble over their use of this prior. For example if you thought (before seeing their data) there was only one chance in 10,000 chance that there would be fraud then even given their data, you would think that fraud was still not likely. But quibbling over a prior is very different from claiming nothing meaningful can come out of their analysis.
In fact, I think the penultimate sentence from the article is spot on:
But I would agree with you that some of the wording in the article seems very stilted. I think this has more to do with "dumbing down" the article for popular consumption and less to do with crimes against Bayesian statistics (or whatever it is you're claiming).
We don't see the world as it is, we see it as we are.
-- Anais Nin
Turing made substantial contribution to statistics in the course of his work: http://en.wikipedia.org/wiki/Good-Turing.
The wikipedia article is kind of dry but the problem is at its simplest: after visiting an alien planet for X days and observing n species at times t1, t2,..., tn, to estimate the number of unseen species. You can make it more difficult by adding a regression-model, i.e. assuming that species are easier to find in proportion to their mass or another characteristic.
It's easy to imagine applying this to search the key-space in cryptography, but people actually use it for ecology (species) and genetics (estimate the number of functional variants) too. It has also been used to inform authorship statistics by allowing an "unknown"/unclassifiable category of authors.
"They were pure niggers." – Noam Chomsky
You're the one who declared a result "Garbage" in your initial header. That's your choice of inflammatory and demeaning verbiage from the very beginning, not anyone else's. To say that that choice was just (part of) the mathematics is more flamebait and you have been modded correctly. I also simply don't care if you actually are in a PHD program or not, you are way-out-of-line wrong to act this way. Since the net result is that you are giving moral support to one of the most repressive regimes since at least the death of Pol Pot or so, on an issue much more gravely serious than most Slashdot news, and you aren't actually presenting objective facts as you pretend, but stooping from the very beginning to Ad Hom's, you actually need to be at -1 for both posts.
Who is John Cabal?
I might not approve of a riot, but then again I wouldn't exactly be a fan of big government suppressing the protests with deadly force.
If I knew the elections were fair and square, or indeed even if I didn't give a shit either way, I'd have to be pretty damned arrogant to be so ruthless.
I have nothing but sympathy for the victims in both cases, and I highly disapprove of violent repression that is COMMON to both.
This cuts to the heart of the problems of late on slashdot. It would be nice to reclaim "News for nerds, stuff that matters".
The statistical anomaly is merely proof of divine intervention in the election results.
FRN
This morning I've been watching clips "smuggled out" via posting onto YouTube.
It's axiomatic that if you know about YouTube and can post to YouTube that you can also view YouTube. And if you're viewing YouTube then you seeing a rest of the world that is a whole lot more fun than the hell hole you're stuck in at the moment. Of course the young college students fueling the protests would like their lives to be a bit more free than what they've been forced to live under -- especially the women!
So just how is that Sharia Law working out for you?
Say what you want about the decadent west, but nobody is about to show up at my door and beat me senseless for posting this.
"It's the height of ridiculousness to say for those 9 lines you get hundreds of millions."
We will care as long as we're too stupid to develop all of our own energy sources and remain frighteningly dependent on the rest of the world.
DRILL HERE - DRILL NOW!
"It's the height of ridiculousness to say for those 9 lines you get hundreds of millions."
Safenet also sells censoring software to the iranian government.
Liberte, Egalite, Fraternite (TM)
"I guess too many people have forgotten KENT STATE "
There are tears in my eyes as I write this; I cannot forget the look in Neda's eyes as life slipped from her 16 year old body. She wasn't protesting, she was simply standing there watching with her father when she was killed by a snipers bullet who shot her right in the heart. Sources say it was the Basij on a nearby rooftop.
But you make a good point: people have forgotten Kent state, or rather, the memory of it is not being passed to future generations. I made a point of making damn sure my kids know about it but there's lots of 19-30 yr olds who have no idea about it.
It's one thing to see that famous picture of Jeffrey Miller dead on the ground in that famous still. It's quite another to see the video of Neda dying. I'm very surprised youtube has left it up and I think it would be prudent if people kept a copy local copy of the swf file.
Need Mercedes parts ?
IP over WOW dance movements....
Since state-run TV is now reporting that votes counted exceeded registered voters in "only 50" Iranian Cities, and that indicates sufficient credibility to not change the outcome, I'm going to agree with you here.
Help stamp out iliturcy.
Yeah, the CIA could never organise an overthrow of Government in Iran.
Not so fast. The Iranian authorities are shutting off as many of these tools as possible, as well as using the good old fashioned technique of simply imprisoning the sources. For example Amir Sadeghi, the brave photojournalist who runs the http://tehranlive.org/ blog, has gone missing. Also, just plain shooting protesters down in the street has evidently not lost its appeal. The net provides new and revolutionary tools of communication, but brutal dictatorships are still able to leverage their tried and true techniques.
The "Islamic Republic" has lasted longer than the Shah, and has clearly shown that religious oligarchies are every bit as corrupt, barbaric, and secretive as secular ones.
I hope the people of Iran are able to free themselves of dictatorship soon.