How Iran can track and control protesters’ phones: hacked documents

<a href="https:&#x2F;&#x2F;archive.ph&#x2F;gYSEG" rel="nofollow">https:&#x2F;&#x2F;archive.ph&#x2F;gYSEG</a>

I&#x27;m an Iranian and the current situation in Iran is not good. No internet. Businesses have stopped because of uncertainty and constant protests and crackdowns. I don&#x27;t know what will happen next. I think it will get uglier.

It’s interesting that IMEI seems to be the primary key that much of these backdoor commands rely on. Collating your IMEI against historical info, the government knows where you’ve been and with whom; collating it against other personal data, it can figure out your address, employer, birth certificate, etc.<p>I wonder how people might obfuscate or rotate their IMEIs, to prevent this kind of tracking and collation?

<a href="https:&#x2F;&#x2F;briarproject.org&#x2F;" rel="nofollow">https:&#x2F;&#x2F;briarproject.org&#x2F;</a><p>Airplane mode + Briar. It&#x27;s really well designed for these situations. You can share the app directly via the app. No need for cellular connections.

Feels like we need to spread more awareness of more traditional, offline methods of organizing and protesting en masse, to avoid these kinds of exploits.

The English version PDF document going into the specific digit manipulation and service code string formats looks to me like a boilerplate they started with and I would be surprised if they have renamed all the methods and variables let alone modified any format structure. It should be easy to figure out the software platform they are using and even if this got sold through a front company there will be a very nervous LI system vendor and supply chain out there somewhere who is about to have a ton of bricks come down on them.

Hint: Nokia 8110 on GerdaOS can change IMEI: <a href="https:&#x2F;&#x2F;gerda.tech" rel="nofollow">https:&#x2F;&#x2F;gerda.tech</a><p>No idea about how hard it will be to get the device in Iran.

Just the fact that Iranian government routinely emits parasite radio signals to jam foreign Persian broadcasts (BBC Farsi, Manoto, etc), while knowing this causes significant health issues to its population, shows you how far they are ready to go before they are overthrown.

Why would lowering speed of a communication make interception easier ? I am thinking in terms of Internet standards (TCP&#x2F;IP, TLS, etc) and know nothing about telephony:<p>&quot;This ability to downgrade users’ speed and network quality is particularly pernicious because it can not only obstruct one’s ability to use their phone, but also make whatever communication is still possible vulnerable to interception.&quot;

It saddens me a lot but my prediction is that these protest won&#x27;t overthrow anything. As long as there is no help from at least part of the military there is no hope for the protests to grow into a revolution. We have seen it in Belarus.<p>But when Khamenei dies there is a window of opportunity for Iran to become a military dictatorship instead of the current theocracy.

It doesn’t make a lot of sense that they’re trying to move people to old protocols that can be intercepted. It’s an authoritarian country, why not intercept at the provider who has all the keys anyway?

politics aside, based on public information it feels like the main difference between this and all the other metadata-type systems in place is the centralised ability to downgrade connections?