One week inside the Haystack

Last week I blogged about Haystack. That post, followed by reply from Austin Heap, Haystack's founder, triggered an interesting and at times heated discussion on mailing lists, blogs, and Twitter.

 

Some of that discussion was more heat than light, and I am sorry if my original post contributed to that. These issues are of huge importance. And in the interest of focusing on what really matters—the promise of systems like Haystack in protecting dissidents—I would like now to express my understanding of Haystack both more cogently and in greater depth. To be clear: I am not a security specialist. But since my blog post went up I've had many conversations with security/cryptology experts as well as with Austin Heap. I am very grateful for the conversations. My conclusions about Haystack remain very skeptical, and I will explain the sources of that skepticism here as well as reflect on what the Haystack situation reveals about the state of play in the "Internet & democracy" space. Let me emphasize once again that this post is not meant as an attack on Haystack or Austin Heap. 

Since this will be a very long post, I'll break the rules and start with some conclusions. You may then want to read or skip some of the technical details before heading straight to the last section that contains some unanswered questions/even broader reflections.

I. Haystack-related: Nothing about what Haystack/Austin Heap has disclosed so far could convince me that Haystack is a safe product that can be used in a highly sensitive context like Iran. (Austin Heap did make some important promises about the future.)

 

 

II. Haystack-related: Haystack has so far failed to publish a coherent narrative about their operation, how it came into being, and how extensive it really is. Paradoxically, such ambiguity may have helped to generate the buzz in the media, as reporters were free to imagine anything they wanted about Haystack and how it worked. Furthermore, some of the claims that have been made by Austin Heap earlier this year are misleading and ended up presenting Haystack in a far more impressive light than the evidence merits. The fact that Haystack is still in beta is not widely publicized and not reflected in most media reports about them. While this ambiguity probably works in their favor at this point – at least in terms of raising money and generating the public profile – the ethics of this are dubious.

 

III. US government-related: the murkiness surrounding the review process of allowing technologies like Haystack to be exported to Iran is extremely nontransparent and ambiguous. While the US Treasury and Commerce Departments almost certainly did not opine on the security of Haystack's architecture in the context of Iran, the fact that they granted them the license/waiver can still be construed as such by the general public. That the US State Department chose to reveal its endorsement of Haystack is unfortunate and would most likely hurt both parties.

 

If you want some geeky technological details, see below. Otherwise, skip straight to the end of the post.

***

Now, after I perused virtually everything ever published about Haystack on the Web and exchanged numerous emails with Austin Heap, it appears that Haystack claims to do three things:

 

1) It encrypts all data that is being exchanged between Haystack's users and Heap's servers. For the uninitiated: if the encryption is done properly, even if someone intercepts the data that is being exchanged, they would have a very hard time determining what it is.

 

2) It then relies on some form of steganography to mask this data to look as if it were something else. This supposedly makes it more difficult for the Iranian police – or anyone else who might be looking – to automatically identify that some improper sites are being visited.

 

How does it work? Well, it appears that Haystack presents some of its user traffic as traffic that looks innocuous; i.e. the police may be led to believe that the users are visiting sites like weather.com while they might be browsing sites that are banned in Iran or may simply raise suspicion (e.g. Twitter or Facebook).

 

As per my most recent correspondence with Daniel Colascione, Haystack's lead developer, “ the traffic [is made...] to look legitimate enough to a machine that it can’t confidently and automatically tell the difference between it and regular traffic...We never claimed that a *human being* sitting down with traces couldn’t figure out *something* was going on --- though thanks to our encryption, that human being still couldn’t figure out who the user was actually talking to.”


This is all that Haystack has disclosed about their steganogaphy so far. Note that if their encryption IS NOT as strong as they claim and if THERE IS a human being assigned to the task of hunting for dissidents and performing in-depth analysis, they've got a problem.

3) Relying on Functions 1 and 2, Haystack then helps to circumvent censorship, i.e. it allows those who use it in Iran to access web-sites that have been blocked by the government. My understanding also is that after the data has left Iran, it is sent to Austin's central system that can monitor everything – they know what was sent, where it was sent from, where its going on the net, and of course possibly also the content of the requests themselves. While this is standard practice with many similar tools, there are all sorts of things than can go wrong here. All depends on the implementation.

One needs to remember that even if Haystack did not exist, some of such functionality is already available in other tools. Functions 1 and 2, for example, are already provided by a number of commercial off-the-shelf tools. (However, not all of them are easily accessible from Iran, as the government quickly blocks access to them as well. ) Function 3 is interesting; I don't know of many (any?) mass-market tools that could perform that function in the context of Iran.

     

    Essentially, if Haystack works as advertised and has no security flaws that might compromise its users' security, it's, indeed, something of a conceptual breakthrough. I'll be the first one to acknowledge this.

What kind of evidence do we have so far to assert that it does, indeed, work as advertised? Let's deal with each of its three functions separately.

***

On the circumvention front: according to my correspondence with Austin Heap, they have tested their software inside Iran. They have had some problems, most of which – according to Heap – they have managed to resolve. My anonymous source inside Iran who has had first-hand experience with testing Haystack has painted a somewhat less rosy picture; Haystack's rate of circumventing censorship was not particularly impressive. An Iranian source very close to Haystack also wrote to me that “some preliminary tests on the software in Iran have been less than satisfactory.“ Also, Austin claims it has been tested and works in some other Middle Eastern countries; he produced some evidence to that effect.


This seems like good news. But I don't really know what it tells us about Haystack's future potential. For once, Haystack is only used by a limited number of people who are test-driving it in Iran. At this point, there is no reason why any government – including Iran's – would start searching for ways to block software that is not widely used by their population and presents no threat.


The moment Haystack goes into mass-market distribution – and this, according to Heap, is their stated goal – this would no longer be the case; the Iranian government would immediately get very interested. Given the resources they have at their disposal, it's quite likely they'll find a way to block Haystack pretty quickly.


Of course, maybe Haystack will raise enough resources to outsmart the censors, at least in the short-term (this is the famous “cat-and-mouse” game that Patrick Meier alluded to in the Newsweek piece and that Austin Heap often alludes to in interviews as well). Such an approach seems to be working in the case of the Falun Gong-affiliated Global Internet Freedom Consortium who have been designing tools similar to Haystack to distribute in China.


In reality, though, the approach is most probably not working: if it was, GIFC would not be asking for so much money from the US government all the time. What they seem to be doing is rotating IP addresses and buying a lot of bandwidth – a blunt strategy but it seems to work as long as someone wants to keep pouring money into their ventures.


That said, I'd be wary to draw parallels between Censorship Research Center – which, according to my conversation with Austin – has less than $3k left in their bank account while their hosting costs are $1k per month – and the Falun Gong crowd. The latter are way more resourceful, have a religion to back them up as well as a bunch of extremely powerful Washington insiders like Michael Horowitz and Mark Palmer  to advocate on their behalf.


So my verdict on point #1: While I'm willing to acknowledge the possibility that Haystack might be working in Iran during its testing phase, I don't think this means much in the long-term. It's no worse or better than any other prototype that has not yet been flagged by the Iranian government. And it's very hard to expect that the Iranian government wouldn't be watching Haystack with their utmost attention given how much buzz Haystack has generated in the media...


Unfortunately, I still don't know what goals – other than fund-raising and development – such proactive media exposure has advanced. One of the few snarky remarks I'll allow in this post is that it's very tempting to believe that Haystack's approach seems to be “market first; test second”. It is an approach that works well in the Bay Area; I am not sure it would work equally well in Iran.

***

Now, onto point #2: encryption. It's not the case that a censorship-circumvention tool absolutely needs strong encryption to do what it is supposed to do: i.e. provide access to sites that are banned. I can think of many cases where encryption does not need to be very strong – e.g. I use the tool to access the banned Gmail and use it in https (i.e. secure) mode. Some kind of basic encryption may be good enough to let me bypass government's filters but it surely won't protect my privacy; that said, knowing that Gmail provides encryption of its own, I may not be particularly worried. The most important thing here is to make sure that the risks I am taking are made visible. E.g. if I know that the software I am using does not claim to be secure, I'll alter my behavior accordingly and be more cautious. If the software DOES claim to be secure, I may not be motivated to do so.


The tools offered by the Global Internet Freedom Consortium – Freegate, Ultrasurf, and others – which Austin Heap likes to tout as his model – claim to be “secure” but it's such a broad definition of security that no one really knows what it means; uses would probably be wise to disregard such claims outright. In other words, while they do make some claims about encryption, they do not back them up; their primary focus is on circumventing censorship. Is it a problem with GIFC's tools? I bet it is.


Now, given that Haystack is a censorship-circumvention tool and the very act of circumventing censorship in Iran is illegal and can put users in danger, one probably wants to hide as much data about users as possible. So “security” - however vaguely we define is – is something that one does want to see in Haystack. This is precisely what Austin Heap and Haystack claim to provide on their site's FAQ. Furthermore, they claim to provide some effective steganography, which is seen as a very difficult challenge by those in the privacy/security community:

 

Is Haystack secure?

Yes. We go to great lengths to ensure that any traffic between our servers and our users looks like perfectly normal, innocuous, and unencrypted web traffic. It would be exceptionally difficult to detect and block automatically.

However, even if our methods were compromised, our users' communications would be secure. We use state-of-the-art elliptic curve cryptography to ensure that these communications cannot be read. This cryptography is strong enough that the NSA trusts it to secure top-secret data, and we consider our users' privacy to be just as important. Cryptographers refer to this property as perfect forward secrecy. 

 

I am not a cryptographer and I've learned more about encryption this week than in my entire life. That said, based on the numerous conversations/email exchanges I've had with people who work on these issues, my understanding is that Haystack has so far failed to produce much evidence that their encryption works as advertised. The fact that they have implemented a particular open-source cryptographic routine is not a guarantee that they have implemented it properly. That it's state-of-the-art does not mean much; Space Shuttle Columbia also had a lot of state-of-the-art technology in it.

 

An analogy might help here. Suppose you and I start with the same perfectly safe parts of the automobile engine. Is it possible that we assemble those parts in two different ways, of which one would be less secure than the other? Sure, it is possible. So far Haystack has disclosed that they use one safe part in their engine – without telling us anything about how the engine actually works and how that particular part fits into it. This is not a car that I would like to be driving, even if NSA owns a car fleet with cars that have the same parts in their engines.


Do the Haystack folks need to publicly reveal everything about their engine and make it into an open-source kind of car to assuage security concerns? No, this is not required (even though I've heard many strong arguments that it would help: the Iranian government would probably be able to decompile their software anyway while making it open-source at this point would help them tap into the community of well-meaning outside techies who can help).


If they are short on funds, it's possible to ask someone with an independent third-party with the right credentials in the computer security/cryptology field to take a thorough look at their code, test-drive the software and write a report that can be shared with the rest of the community that would assuage at least SOME fears without disclosing any proprietary information.


Austin Heap wrote to inform me that they are planning to hire a professional testing firm to do just that once they finish tweaking their code. I think this is a good idea – provided they have the money. But it's important to keep in mind that until that happens, there are few reasons to treat Haystack as a secure or reasonable technology, not lease because its overall design has not been independently vetted or peer-reviewed. In our correspondence, Heap did point me to a few people that they have shown Haystack to. I interviewed a few of them.


My impression is that they did not really get a chance to look inside it – nor could I definitely say that what they looked is what Haystack looked like 10 days ago or 20 days ago. (One knowledgeable person who spent some time looking at Haystack's demo said that it was “ software definitely in beta stage, with a lot of room for improvement”.) For all we know, at this point, Haystack may well as be like the Ship of Theseus in Greek mythology: it's changing so much and so fast, that no one is sure if any of the original wood is still there.

***

Now, function #3: steganography. I'll save you the Wikipedia visit: “Steganography is the art and science of writing hidden messages in such a way that no one, apart from the sender and intended recipient, suspects the existence of the message, a form of security through obscurity. “ (UPDATE: Bram Cohen just alerted me to the fact that it may actually be incorrect to say that steganography is a form of "security through obscurity" - did someone get something wrong on WIkipedia?) 


In Haystack's context, it translates into the ability to mask what sites/content you are actually visiting/downloading, presenting it as something innocuously-looking instead and potentially confusing the Iranian censors. Maybe Haystack does a good job at it; maybe, it doesn't. No information has been released to prove it either way. While they have disclosed at least some information about their encryption methodology, very little has been disclosed about the steganography.


Both of the anonymous experts who had a chance to see Haystack's demo that I spoke to implied that Haystack's steganography didn't seem to be flawless and would benefit from an independent review. As such, unless it's vetted properly – by a third-party firm or by someone else – I think it's safe to assume that it is not safe.


My own limited understanding of this issue based on conversations with experts is that while Haystack's particular approach may be working at the moment, it's most likely due to specific bugs in Iran's firewall. Obviously, once Haystack goes into mass-market circulation, it's not clear that those bugs will remain. (The Newsweek piece does contain a very important detail: Austin Heap did manage to get hold of a 96-page document about how Iran's censorship system works that was leaked to him supposedly by someone in the government; this may explain how they pulled off the particular steganographic solution.)

 

***

So, to sum up the three points, we are dealing with a program that

 

a) has only been used by a VERY limited number of people inside in Iran (I hear that less than 100 copies have been distributed after Haystack got the US government's greenlight for export sometime between mid-March and mid-April) while its future as a mass-market product depends on how much money/resources they can raise.


b) may not offer the kind of encryption/security that its founder claims it does; Haystack has not provided any significant evidence to convince me of their security, only promises that they WILL address it, including by disclosing parts of their encryption architecture (note: by “evidence” I mean tests results by independent security experts – which Haystack does expect to obtain in the FUTURE). This is a great and important commitment – but for now, we don't know much about Haystack's security. I am not sure I can trust their FAQ alone.


    c) may be hiding sensitive user traffic and mixing it with some innocuously looking traffic – but we don't know how secure such “hiding” methods really are, because they have not been independently tested. (Once again, this is something that Haystack seems eager to have tested at some point IN THE FUTURE.)

Does it mean that Haystack will never be secure? No, it doesn't. As far as I'm concerned, they may one day become the most secure piece of software in history. It's just that at this point we have very little evidence to imply anything of the kind. They may have a fine prototype – but it's just that, a prototype.


Given what I've heard from Austin Heap so far – including their plans to make Haystack available on the iPad – I have some questions about their priorities. (Who needs Haystack on the iPad when one cannot even legally purchase iPads in Iran?) Moreover, Austin Heap wrote to me that they are planning to launch in four more countries, which may stretch their ability to make their software secure even further.


    In short, Haystack may have a very glorious future. Its past, however, is far less glorious.

***

It may be too much to demand of my readers but do watch this 20-min video interview with Austin Heap. Or watch at least the first 8-10 minutes of that interview, which Austin Heap gave to Alex Krotoski of the Guardian (the interview was shot for the Virtual Revolution documentary; some transcribed parts of that interview also appeared on The Guardian's web-site). The interview was published on March 21, 2010.

 

Here are three excerpts from that interview, which I think are important to consider when thinking through Haystack's history.

 

Interviewer: Austin Heap, you developed an application called Haystack, which was pretty important in opening up the Iranian Internet which had been shut down in the immediate aftermath of the Iranian elections last year. Can you explain what Haystack is? How does it work? And how you decided to develop it?

Austin Heap: Sure. Haystack, it's basically a piece of software that a user in Iran would run on their computer and it does two primary things: it encrypts all of the data and it hides all of the data inside what looks like normal traffic, so it looks like you are visiting weather.com or completely innocuous sites...[interview continues...]

Interviewer: ...And Haystack acted at what point in this process [of circumventing censorship?]

Austin Heap: What Haystack does it starts at the very beginning. The primary concern is protecting the user. That's why step 1 is encryption. Step 2 is getting around actual censorship. You can use a proxy to get around the censorship but it's fairly easy to monitor that traffic; you can eavesdrop, imagine what you can do if you can watch someone's internet connection: you can watch them log in into GMail, you can watch them log into Facebook, you can see who they are talking to, you can intercept their messages. And so the encryption was really really important for us: now, it has to start on the user side - like on their computer. So Haystack sits there. First, it encrypts, then it makes its way through the government filters.

Interviewer: And what Haystack did in practice when it did find its way onto people's computers? Was that it allowed them to load things like Twitter and Facebook and the blacklisted sites?

Austin Heap: Right. And I mean it's not just Web traffic. All of a sudden, it allowed people to make Skype calls back to their families securely, it allowed people to do basic things like send Gmail without worrying that someone is doing like man-in-the-middle attack and trying to steal their passwords or monitor their email. It gave them a layer of protection that allowed a random person to be a citizen journalist without the risk of persecution, jail, torture, you know, whatever happens next. 

 

Perhaps, it's just me, but on reading these three questions and answers, I am led to believe the following: Haystack is not a prototype but a real piece of well-functioning software that made it to the computers of random Iranians; it aims to deliver SECURITY [“our primary concern”...] to those who use it while also providing ACCESS to banned sites; it is actually actively used by “people in Iran” who rely on it for all sorts of things that they could not do before – Skype, Gmail, etc – AND it allows them to do so more securely than they would have been able to otherwise.

 

Nowhere in the interview does Heap mention that the software is in the beta-testing stage or that its use has been limited to only a few dozen – or even fewer – testers. (It may be too difficult/challenging of a point to make, but it would also be nice to have him point out that since Haystack is hosted n the US, the American government can now potentially monitor all of the traffic that is used by people plotting a revolution in Iran.)


Now, after I exchanged a dozen emails with Heap, the picture that emerges is very different from the one painted in the Guardian interview. Haystack has not been widely distributed in Iran; its use has been limited to a few dozen people, all of whom were specifically recruited to test whether it circumvents censorship. In fact, Austin wrote to me that “our initial test group prior to halting exports was much smaller (a handful of people)” (Austin resumed exporting Haystack to Iran – I assume for testing purposes – after getting the license from the US government; this also means that they may have been doing some of those exports illegally).


Am I wrong to assume that the “people” Austin mentions in the interview – those accessing Skype and Gmail – were just a “handful” of specifically-recruited testers of the software? That there was no network of Iranians using Haystack? That there are less than a hundred now – but there were just a “handful” when Austin gave the interview?... I think it's not an unreasonable assumption.


In other words, the grounds for claiming that Haystack allowed “a random person” to become “a citizen journalist” seem rather shaky; according to Austin's own version of events, no random people ever saw this software. And if some random people did use it, it was a major oversight on Austin's part, because, as himself acknowledges now, the software needs a security review. The only reasonable conclusion that I can draw from this is that either Austin greatly overstated the actual use level of Haystack in Iran OR that some naive Iranians were put under unnecessary risks. For Iranians' sake, I'd really like to believe it's the former.


Furthermore, the interview makes it clear that Heap does believe that “security” and “encryption” are so important to Haystack that he places them even above “circumvention”. This is fine and laudable – but we have not seen much evidence that it does deliver security to its users as flawlessly as Austin Heap claims. (Once again, I believe this is something that he is coming to recognize – hence his willingness to show software to some experts and run a third-party test on it). As such, his analogies to tools like Freegate don't stand up to close scrutiny; Freegate surely does not place “security” first – a fact that the GFIC folks do not hide. Theirs is primary a circumvention tool that provides just enough security to break through the firewall.


Very few of the other interviews/public statements from Austin Heap that I have read in the last week (and believe me, there are very few statements I did not go through) have been forthcoming on either a) the fact that Haystack is still a prototype – or a beta if you will b) the fact that its use was limited to testers only.


The impression that one would get on reading most of those pieces is that a) Haystack is distributed to Iran – not widely, but distributed nevertheless – with the objective of being used beyond testing b) its level of encryption/security fully satisfies the Haystack team (see the FAQ above). If anything, Haystack may have overstated their capabilities/use level to the media.

***

Some Conclusions and Unanswered Questions

 

Now, what have I learned form all this?


a) The Media Failed to Produce Serious and Critical Reporting on Haystack: The mainstream media who have covered Haystack so far have almost completely failed to ask the tough questions they should have been asking: about the number of Haystack's existing users; about how its founders are planning to scale their userbase; how such scaling may affect their ability to provide effective circumvention AND security; how extra publicity they get in the media may hurt their objectives; which independent party can vouch for the security of their software... This list can go on.


The bottom line is that such questions were not asked. Is it because the journalists are so caught up in the cyber-utopian myths around Iran's Twitter Revolution that they refuse to critically examine its proponents? Or is it because the subject matter is too complex for them to scrutinize the claims made by technologists? I don't know. Most likely, both have played a role.


If the journalists were covering Haystack as a prototype – a technology that might be of use in Iran at some later point in the future – they definitely failed to investigate the kind of conditions that its successful deployment as a full-blown project would require. If they were writing about Haystack as an actually existing technology, their failure to pose questions about its security is even more glaring. Either way, there is no escaping the fact that media failed.


In my research, I inadvertently uncovered some other ugly stuff, which I feel I have an obligation to disclose. It was probably not a very good idea for the journalist cousin of Haystack's managing director to pen articles/do radio pieces about Haystack without disclosing the connection. To his credit, Cyrus Farivar promptly disclosed that connection after I asked him about it.


Cyrus also posted some interesting reflections on how hard it is for a technology journalist to actually investigate the kind of claims made by Haystack – this would require background reading in cryptology, sanctions, etc. True – but covering the modern-day financial industry with derivatives and other complex financial industries would require as much knowledge. I don't think that ignorance is a good excuse here.


If the US government is serious about all this “21st century statecraft” business, they should start funding conferences/trainings/events aimed at educating the journalists about how to write about such stuff. (I've long been making an argument that the only way to go beyond the simplistic discussions of cyberwarfare in the media is to educate the journalists – something that I'm glad the NATO center in Tallinn is keen on doing.)


II. Much Ambiguity Is Created by the Technology Export Review Process: The way the US government reviews what circumvention/encryption technologies are allowed to be exported to Iran is nontransparent and ambiguous. The fact of obtaining a license can be easily misunderstood as meaning something that it is not intended to mean. The more I learn about this bureaucratic process, the more I come to realize that all that the US government really vetted in Haystack's case was not its ability to do what it claims – i.e. circumvent censorship and do so securely – but only its potential to compromise American interests – including those of the national security variety – if it were to be allowed to be exported there.


In other words, the US government would have alerted Heap if Haystack were too good to be true – but it would not have alerted him if Haystack had some major security flaws. I've got evidence (which is highly sensitive but can probably be revealed on demand) that at least on one occasion Austin Heap used the fact that Haystack had been granted a waiver by the US government and that no other companies had been granted a similar waiver as an argument to buttress his claims about Haystack's superb technological potential. I don't know whether this happened because he misunderstood the meaning of the waiver or whether because he deliberately misrepresented the facts.


Did getting the waiver require Haystack to submit tons of documentation? I am sure it did; Heap confirmed this in his emails to me. Was a positive decision to allow such exports somehow reflective of Haystack's ability to do what it claims to do? I doubt it... I'm not a legal expert on trade law but so far this is the only explanation that makes sense; we can't really expect the US government to vouch for Haystack's security architecture – and I am sure this is not a role they see themselves playing either (e.g. they don't opine on the security of tools exported to China or Saudi Arabia). That said, I'm not certain that this is how the media interpreted the fact that a positive decision had been taken. Too much ambiguity here creates an impression that a more thorough vetting may have taken place.

 

III. Haystack's Endorsement by the US State Department Was Not a Good Idea. Warning, my favorite subject ahead! Parts of the the US State Department do not seem to be aware of the highly political nature of their activities. Hillary Clinton did mention Haystack – if only in passing – in one of her speeches, as I already pointed out. The Newsweek piece about Haystack specifically mentioned that the State Department was also supportive of Haystack. Here is the direct quote from that piece: “[Heap's] innovation caught the attention of the State Department, and it was fast-tracked for speedy approval”. If this is not an direct endorsement of Haystack by the US government, I don't know what is. 

 

I am not pointing any fingers here (joking, of course!), but Austin Heap was also invited to appear at the London summit of the Alliance of Youth Movements, an organization that was launched with the backing of the US State Department and was spearheaded by this blog's ultimate hero Jared Cohen. Jared also chaired a panel that featured Austin at the AYM's London summit and accompanied Heap to the reception held at the residence of the US Ambassador in London (this is a great photo of Heap and Cohen together – also have a screenshot). Heap told me that he believes Cohen had nothing to do with their licenses/waivers – something I very much like to believe but find it very hard to, given Cohen's own history of interventions in Iran-related technology matters. Regardless of Cohen's involvement, even if the US government does love Haystack so much, why on Earth make its love so public? Won't it put Haystack's users at even greater risks?

 

Suppose that Haystack was not as judicious as they have been so far in distributing their software and, with the government waiver in their hands, would simply put their software for download by anyone in Iran. This could easily have led to disastrous consequences...

     

    Just to make it clear: Haystack is not at fault here; the State Department – I am not so sure. Austin Heap can make whatever statements he likes; the government, however, is supposed to treat such statements with due skepticism and think through the political implications of their endorsement of any technologies. All this fast-tracking stuff would surely reflect bad on the State Department if after an independent security review it does turn out that Haystack has severe security flaws, which its testers – or other Iranian uses – may not have been aware of.


    And why did Clinton choose to speak about Haystack and not say Tor or any other tool? Also, not very clear. Were the diplomats charmed by all the buzz around Haystack in the media? Possibly. That said, it would be very good to know whether the State Department did ANY analysis/testing of Haystack's claimed capabilities, thought through how well it could scale in Iran, and whether they may be hurting its users in Iran – current and future ones – by lining up behind them. Were these questions asked and answered?

Final Note: Based on my conversations with Austin Heap, I understand that they are eager to show Haystack to more experts and have an independent security review. All of this is great. The past, however, is the past – and I think there are certain things there that Haystack needs to explain/live up to. On the one hand, I am glad to discover that the number of people using Haystack in Iran is so small and that they may have all volunteered to do it as testers. On the other hand, the way in which Haystack has been presented to the public over the last 12 months has been misleading.

 

UPDATE #1:  I just received information that "Haystack has been turned off as of ~19:00 PST, Sept 10/2010", with Austin Heap agreeing that "Haystack will not be run again until there is a solid published threat model, a solid peer reviewed design, and a real security review of the Haystack implementation."