Iran Bans Officials From Using Internet-Connected Devices (timesofisrael.com) 61
An anonymous reader shares a report: Iran's cybersecurity authority has banned officials from using devices that connect to the internet, apparently fearing being tracked or hacked by Israel. According to the state-linked Fars news agency, Iranian officials and their bodyguards have been told they are not allowed to use any equipment that connects to public internet or telecommunications networks.
Alternative (Score:5, Funny)
Time to use all those pagers they bought a few years ago.
Re: (Score:1)
Time to use all those pagers they bought a few years ago.
Or the walkie-talkies?
Re: Alternative (Score:4, Funny)
Re: (Score:2)
Time to use all those pagers they bought a few years ago.
Iran didn't use all those pagers, Hezbollah did. What eventually made the Israelis use the pager bombs was some of the pagers being sent to Iran for in-depth forensic examination. Furthermore, after Russia hacked SolarWinds and used their update servers to install backdoors on systems belonging to government departments such as US Homeland Security, State, Commerce and Treasury, that time Chinese intelligence hacked US military contractors, stole F-35 design data and then hacked the US federal government's
Re: (Score:3, Funny)
did that rant make sense in your mind?
Re: (Score:2)
Huh?!?
Re: (Score:3)
All unexploded ones RMA'd to their original source in Israel by now.
Get the popcorn (Score:5, Insightful)
Re: (Score:3)
Re:Get the popcorn (Score:5, Insightful)
When someone is trying to kill you and has missiles and bombs to do the job if they know where you are, it tends to focus your mind a bit.
You'd think so, but the war in Ukraine shows otherwise. The Russians suffered heavily early on due to using cell phones--and they kept using them even after figuring out they'd lost something like four general officers due to them/staff/bodyguards using their phones, causing even more losses. I can't help but agree with the GP, some assholes are always going to come to the conclusion that "everyone else shouldn't do it, but it will be fine if it's only me."
Re: (Score:2)
Re: (Score:1)
Does Iran have any home-grown IP infrastructure? (Score:5, Insightful)
Obviously one of the problems with the use of any given technology during wartime is that if it isn't local, there's a reasonably good chance that there will be attempts by one's adversary to use that technology against one in some capacity.
For traditional conflicts before the computer age this was often a matter of raw materials or finished products being denied delivery. In the IT age it means things like hidden subroutines to degrade performance or outright disable or damage systems, or to snoop or locate.
So yeah, Iran is using the same Internet protocols and other systems that the rest of the world uses, and there are lots of known issues with those open protocols, and that's even before getting to the hardware itself, where it sources from, and what sort of backdoors or other penetration into that hardware might have been achieved by Israel. If Iran is mostly using commercial, off-the-shelf equipment that anyone including Israel could purchase same as they did then I have no doubt that samples have been obtained and put through testing.
Re:Does Iran have any home-grown IP infrastructure (Score:5, Funny)
Obviously one of the problems with the use of any given technology during wartime is that if it isn't local, there's a reasonably good chance that there will be attempts by one's adversary to use that technology against one in some capacity.
See the USA doesn't have this problem. Even with home grown infrastructure the highest echelons of the armed forces will simply openly share war plans with journalists.
Re: (Score:2)
While sometimes there's strategy in communicating exactly what one is going to do when one is in such an overwhelming position to where the adversary knowing what's coming can't do anything about it to the point that it might be even more demoralizing and force and advantage, I doubt that the method that the drunkard used is going to achieve that.
Wrong approach (Score:4, Interesting)
Does Iran have any home-grown IP infrastructure?
The problem with this approach is that you (as a nation) effectively create a unique target for exploitation. This means that you would be on it's own to ensure what they built is secure. This makes you an easy target for well funded adversaries who specialize in cyber-intrusion because they have more experience, more resources, and ultimately a greater capability to find and exploit flaws before you.
While a better approach would be to develop, export, and then cooperate to secure software/hardware, you still need a lot of people working the problem.
The best approach (when greatly outmatched) is to develop a hardware platform using globally utilized components and avoiding using SoCs. For the software, you want to utilizing existing developed software and submit additions, modifications, fixes to keep the community alive. The more widely the software is used, the more likely security researchers will be investigating it globally.
The idea that building your own thing means it's secure is arrogant. China's "Hygon" x86_64 chips that are required for government machines are based on AMD's Zen architecture but have several modifications. However, MITRE only has 8 CVEs that even mention "Hygon" meaning it's effectively on China to secure their chips since people are not actively seeking to use their chips, not even within China. Ultimately, if there is a way to subvert security that is unique to Hygon chips then China must find it because other nations aren't about to tell them when they find a flaw.
Re: (Score:2)
You use open source, COTS technology. But you assume that it has been compromised. You just have to generate a (relatively) secure message before placing it on those hardware/software platforms. IOW, encode your messages on paper. Then send them.
Traffic analysis might be enough to expose the structure of covert organizations. Although the Iranian military is pretty well known to Israel, so what is there to hide? The FBI cracked the ANTIFA organization by arresting a bunch of them, capturing their phones IM
Re: (Score:2)
Traffic analysis might be enough to expose the structure of covert organizations.
What if 20% of the members of the organization have a daily task to make sure they create and send a total of at least 10 to 20 encrypted messages each at random times of day? The actual 20% of org members who have this task would rotate daily, And most members of the org have no knowledge or assignment other than to create and send the messages.
A random number between 0 and 50% of the total messages are sent to actual othe
Re: (Score:2)
What if 20% of the members of the organization have a daily task to make sure they create and send a total of at least 10 to 20 encrypted messages each at random times of day?
Over 20 years ago I remember Greenpeace International had scripts that automatically did this. They would define a minimum traffic level, and data caught by the email spam filter would be used to pad out the traffic.
It did require each office to use a small custom router box, but that's the level of security they needed; better than a small country would have.
Re: (Score:2)
there's a reasonably good chance that there will be attempts by one's adversary to use that technology against one in some capacity.
Yes, there is. But this also makes fixating on the internet connection perhaps unreasonable.
So as you're probably aware, there notoriously exist these devices called Stingrays.
Cell phones that don't use Internet are still just as good at exposing your location over the corresponding protocols.
At this point you're going to stand out If all the cellphones in an area with pur
Re: (Score:2)
there's a reasonably good chance that there will be attempts by one's adversary to use that technology against one in some capacity.
Yes, there is. But this also makes fixating on the internet connection perhaps unreasonable.
So as you're probably aware, there notoriously exist these devices called Stingrays.
Cell phones that don't use Internet are still just as good at exposing your location over the corresponding protocols.
At this point you're going to stand out If all the cellphones in an area with purposefully no internet connectivity can be identified and located precisely. But your officials' cellphones are the only phones oddly configured that way. Or they use a specific make and model device which is not used by the rest of the population, but still connect to the cell network.
I was assuming that they were mandating that these so-ordered officials stop using digital communications themselves altogether, phones or otherwise.
Re: (Score:2)
I was assuming that they were mandating that these so-ordered officials stop using digital communications
The article states a limited ban on connected devices. Officials and their security teams are forbidden from using devices such as Laptops and phones which connect to public networks.
Thus suggesting that there are also private networks, and they may still use some devices which do not connect to public networks.
Back to basics? (Score:2)
So they are going to start using paper and runners (who take circuitous routes) to exchange messages between the officials?
Re: (Score:3)
Time to revive the messenger camel.
Re: (Score:2)
So they are going to start using paper and runners (who take circuitous routes) to exchange messages between the officials?
There are a lot of alternatives to the public internet. How easy is it to detect fiber optic communications and identify the users and their locations. My guess is at some point there will be a secure public communications network, the internet isn't it.
Re: (Score:2)
My guess is at some point there will be a secure public communications network, the internet isn't it.
You just go to a telecom provider and order either Point-to-Point circuits or Dark fiber to be installed between your buildings and a centralized building of yours with the extra stipulation that your point to point links have to traverse dedicated fiber exclusively.
Then when you go to connect up the fiber ports you configure and provision either 802.1AE MacSec [juniper.net] or QSFP-DD transceivers with Layer 1 enc
Re: (Score:2)
You can have a network that doesn't route to the Internet...
Re: (Score:2)
Sure, then my bet is that it will route directly to Mossad instead. Apparently they are everywhere in Iran.
Re: (Score:2)
Sure, then my bet is that it will route directly to Mossad instead. Apparently they are everywhere in Iran.
Whether they are, or are not, the concerns and paranoia that is introduced about not knowing for sure what your adversary has access to, and knows about your capabilities and plans and locations, can be a valuable tool which can be used to limit how you do things, and sometimes making you even more vulnerable as you end up using different solutions that are even more vulnerable. In thirty years (or so) there will be a book published with the details.
Re: (Score:2)
You can have a network that doesn't route to the Internet...
It might not be enough. If the network is compromised, all Israel would need is a satellite connection to exfiltrate the relevant metadata.
That is, no need to compromise the border routers, no need for high bandwidth.
Re: (Score:2)
Commodore-64's, baby! (Score:1)
No wonder my Commodore stock went up.
Re: (Score:2)
So they are going to start using paper and runners (who take circuitous routes) to exchange messages between the officials?
One possible solution is to use RFC-1149 [wikipedia.org]...
That'll work (Score:2)
smdh
They should appeal to the Toilet-ban (Score:1)
Don't cell it short (Score:2)
The internet is still up over there? (Score:1)
Send messages by drone (Score:2)
Neocon amnesia (Score:1)
Re: (Score:2)
Nobody cared what Tulsi Gabbard said, or thought that the intelligence community would share information with her, regardless of what title she was given.
That's nothing like Colin Powell, who was broadly trusted across political lines, lying to the UN.
Re: (Score:2)
Re: Stone Aged Values, Stone Aged Thinking (Score:2)
Or maybe not get manipulated into a war that will cost trillions of dollars, millions of lives, only to leave after 20 years having achieved nothing at all.
You bet Israel is only planning to start this, not hang around for the long, hard, unpredictable clean up afterwards. They want to leave that to the US.
Wait (Score:2)
Re: Wait (Score:2)
*had
Re: (Score:2)
Censorship in Iran would be incredibly strict...almost as bad as if you tried to say something unflattering about Israel in US media.
Re: (Score:1)
They can still use networked electronic devices... (Score:2)
...those devices just can't connect to the public internet.
There's a fair chance that a non-public network already exists for secure communications between high-level officials. The US has such networks - it's the sort of network that Hegseth was supposed to use instead of Signal.
That does raise the question of whether Iran already has such networks already, or still needs to build one. Which in turn raises the question of how many Mossad agents are / were / will be involved in the construction and maintena
Re: (Score:2)
That does raise the question of whether Iran already has such networks already, or still needs to build one.
That's easy to answer. They had one, but on the one hand it was infiltrated, and on the other hand their routers have been exploding.
That's why they would be using public internet; their private network is failing. And the government isn't trying to function, they're trying to preserve enough of a remnant to reassert power after the conflict.
So instead of zoom... (Score:1)
y'all get together in a big room at the same time.
Why here's an inviting one in pristine condition...
Shattering my image of Iran (Score:2)
Due in part to the rhetoric characterizing Iran as an evil empire, I had this vision of Iran being somewhat...powerful. It's still early days, but it seems in just a few days Israel has managed to knock the entire country's defense infrastructure to smithereens. Now they seem like more of a blustering bully who's been smacked in the jaw and is now running for cover.
I can't say I'm a fan of Israel's attack, *or* of Iran's hostility over decades, but the point is, I certainly did not expect this kind of outco