Free speech technology project collapses

A prominent US technology project designed to help Iranians evade internet censorship has collapsed amid recriminations this week after what its lead developer admitted had been a case of “hype trumping security.”

The Financial Times
September 15 2010

By Richard Waters in San Francisco

The plan, known as Haystack, was part of a broader wave of US technologies designed to promote free speech on the internet in repressive regimes, with the active support of the US state department.

But in a resignation e-mail on Tuesday, Daniel Colascione, the project’s lead developer, called the release of untested and insecure software “a catastrophe”.

“Nobody disputes their right to test the software – but testing without telling people puts their lives at risk,” said Evgeny Morozov, a blogger and internet researcher whose public questioning of Haystack provoked the scrutiny that has led to its collapse.

While not mentioning the plan by name, Hillary Clinton alluded to the software in an interview this year as a piece of technology that would “help information continue to flow freely into and out of Iran as well as within Iran”.

The plan was the brainchild of Austin Heap, 26, a San Francisco software developer who was drawn to the cause of supporting internet freedom during last year’s disputed Iranian elections.

Speaking this week, Mr Heap said he had given up a “six-figure” salary in order to pursue his project full time. “Every person deserves the right to speak without fear of retaliation,” he said.

The rapid unravelling of Haystack, including the resignation of Mr Colascione and a prominent board of advisers that Mr Heap had assembled for the project, followed the first independent review of the technology over the weekend.

“It’s so dangerous to use, it’s unbelievable,” said Jacob Applebaum, a developer who led the review. “The first thing it does is tell everyone you are using Haystack,” he added, making users an obvious target for Iranian authorities. Mr Heap said Haystack had been tested in Dubai and was intended to be offered free in many other countries.

Mr Colascione distanced himself from the project on Tuesday, claiming that he had been misled. “It is as bad as Applebaum makes it out to be,” he wrote in a resignation e-mail.

He called the version of the software that was released to Iranians “a diagnostic tool never intended for dissemination, let alone hype”.

He added: “Running it once in a controlled environment was a risk . . . Multiplying that risk by users and by uses was what made it a catastrophe.”

Speaking before Mr Colascione’s admission, Mr Heap said he had made “some mistakes” in the development of Haystack.

He put those down to his age and the lack of other models on which to base his project. “I wish someone would give me a manual,” he said.

“His heart’s in the right place, but he did get carried away with the media attention . . . ” one of Mr Heap’s former backers said.

Mr Heap said that no more than “a few dozen” people in Iran had used the test version of the software, and that they had all been warned of the potential security risks.

But Potkin Azarmehr, an Iranian dissident living in London, said that Mr Heap had told him in March that 5,000 people were on the Haystack network.

He added that he had been given no warning that Haystack only existed in a test version, or that it was potentially dangerous, and said he had forwarded it to five people in Iran, though none of these people had been able to make it work.

Copyright 2010 The Financial Times

FAC  Content Use Policy