Funding for the MTProto project comes directly from the Iranian government, and this has reportedly yielded a proxy that is specifically capable of evading that government’s block on the popular Telegram messaging app, which was imposed only last year. CHRI stated that “it’s unclear how MTProto is,” but it then went on to note that the company behind it its distribution inside Iran, Smart Land Solutions, is the same company that previously developed Telegram clones for Iranian users.
As these clones began to emerge in advance of the ban, various cyber security experts warned against downloading them, because doing so could expose users to more extensive monitoring by Iranian cyber police. These authorities have routinely used online communications as the basis for prosecution in line with the Islamic Republic’s vaguely-defined religious and political laws, like “insulting sanctities” or “spreading corruption.” Authorities have also carried out multiple raids on individuals and organizations you used social media to contribute to networks of professional models and photographers, or to otherwise promote secular or Western lifestyles.
In light of the warnings about Telegram alternatives like HotGram, the original app is still widely used throughout Iran, in defiance of the ban. But this is only possible through the use of circumvention tools similar to MTProto. Meanwhile, Iranian internet users who either do not use such tools or were not aware of the relevant warnings may presently be communicating with technologies that are vulnerable to spying. In this sense, the government’s strategy seemingly failed to strike a decisive blow against banned apps, but succeeded in further chipping away at online freedom of expression.
It is reasonable to assume that Smart Land Solutions has worked with its government financiers to build the same sorts of deliberate security vulnerabilities into MTProto as it did into previous clones of Telegram and other popular apps. And as CHRI affirms, it is likely that the outcome will be similar, in that most users will avoid the government-sponsored resource while a handful will open themselves up, wittingly or unwittingly, to expanded monitoring.
This reflects the same contrary trends that were referenced above. That is to say, the Iranian regime is working to impose new restrictions and to find new strategies for criminalizing online communication, but the vast majority of Iranian web users are still pushing back against the restrictions and finding generally secure means of defying them.
It was perhaps in awareness of that latter trend that Brigadier General Gholamreza Jalali, the head of Iran’s Civil Defense Organization, appeared on state television on Tuesday to praise the regime’s supposedly unparalleled cyber security protocols. “In the area of such threats, we have achieved remarkable capabilities and can easily thwart [foreign] attacks,” he said.
Although his remarks were prominently focused characterizing the Islamic Republic as being under threat of cyberattack by “enemies” such as US intelligence agencies, these claims very often function as code for the regime’s war on any perceived challenge to the ruling system. For instance, in January 2018, while Iran was still in the midst of a nationwide uprising by domestic proponents of democratic governance, Supreme Leader Ali Khamenei blamed the protests on a “triangle of enemies” based outside the country, using domestic dissident groups as paws and foot soldiers.
In reporting on Jalali’s comments, Tehran Times also pointed out that the Iranian government recently claimed to be launching the next phrase of its long-touted plan to develop a national information network, or Halalnet, that effectively isolates the Iranian internet from the rest of the world and only allows the display of regime-approve contents. Many information technology experts have dismissed these plans as impractical, but officials’ ongoing promotion of the idea underscores a commitment to imposing as many restrictions as impossible on domestic communications.
As with HotGram and MTProto, the regime has sought to push the public toward a Halalnet prototype by promising faster speeds and fewer interruptions when using the government-approved alternative. But recent and ongoing trends cast serious doubt upon the assumption that Iranians, in general, will trade away what limited online security they now have, for the sake of greater convenience within limited areas of online activity.
Furthermore, the regime’s professed confidence about the future of the Halalnet appears to be at odds with the recent efforts to develop vulnerable circumvention tools. Although Telecommunications Minister Mohammad Javad Azari Jahromi portrayed MTProto as a means of “managing” the persistent impulse to circumvent restrictions, it is difficult to see why such management would be necessary if the authorities truly believed themselves capable of cutting off the Iranian internet from the outside world.