A technical look at Iran's internet shutdowns

Original Article ↗ Hacker News Discussion ↗

Perceived gaps and risks in the article

  • Several commenters say the piece is light on concrete technical and operational detail, especially around legality, detectability, and consequences of running encrypted services in Iran.
  • Concern that hosting your own Matrix or similar service inside Iran is both trivially discoverable (Iranian IPs, server seizure) and potentially very dangerous.
  • Some feel the author is speaking about Iranians without understanding local realities (e.g., SMS cost, already-sanctioned payments).
  • Multiple comments stress: bad or oversimplified advice can get people imprisoned or killed; authors should be extremely cautious when prescribing tactics for people under repressive regimes.

National Information Network (NIN) and domestic infrastructure

  • NIN is described as far more than special DNS: a centrally controlled ecosystem including backbone, DPI, certificate management, domestic search, antivirus, and regulated services.
  • Architecturally compared to nationwide “corporate IT”/Zero Trust: all ISPs sit under state ASNs, enabling centralized control and easy disconnection from the global Internet.
  • Domestic payment and many online services continue to function during shutdowns because they’re fully local.
  • NIN appears to apply DPI mainly at the international boundary; internal traffic may be treated differently.

Circumvention tools: capabilities and limits

  • Discussion of WireGuard, AmneziaWG, and tunneling WG over QUIC/HTTP/3 to evade DPI; note that some regimes simply block UDP or HTTP/3 entirely.
  • References to v2ray, Shadowsocks, Trojan, Xray, obfs4, SSH tunneling; several note these are in an ongoing arms race with Chinese-style DPI and active probing.
  • Matrix is criticized as weak on encryption and metadata; Synapse is considered resource-heavy, making covert self-hosting harder.
  • Starlink is seen as a powerful but risky exit: terminals are illegal in Iran, can be RF-located, and sharing them over local ISPs could expose users.

Radio, mesh, and offline approaches

  • Ham radio, APRS, AX.25, and HamNet are discussed but found severely constrained: low bandwidth, no encryption allowed, easy triangulation, and likely rapid crackdown if used for dissent.
  • Shortwave radio is highlighted as a robust one-way channel for information into censored regions, though easily jammed and traceable.
  • Mesh networks and citywide wireless/LoRa setups are seen as promising but require critical mass and are still vulnerable to regulation and enforcement.
  • Store-and-forward methods (e.g., “sneakernet” via SSDs, local wikis via Kiwix) are suggested for knowledge distribution during full isolation.

Future of the global Internet and censorship

  • One camp sees the open, unauthenticated global Internet as a historical anomaly that’s ending, replaced by platformized, permissioned access and national “intranets” like NIN.
  • Another camp calls this defeatist, arguing there will always be a technical minority building and using circumvention tools, even if only a small slice of the population.
  • Some argue legal and bureaucratic pressure (fines, regulation, mandatory central providers) may be more effective than overt terror in suppressing that minority.
  • There’s debate over whether more national “information borders” (to combat foreign information warfare) are a necessary defense or a dangerous blueprint for authoritarian control.

Safety, repression, and responsibility

  • Multiple commenters emphasize operational security: encryption is useless without a transmission path, and any RF or wired channel can be monitored and located with sufficient state resources.
  • Comparisons are drawn between classic WWII resistance radio, modern huff-duff and SDR-based triangulation, and today’s satellite systems.
  • Some push back on alarmism (“don’t publish anything or someone will be executed”), but others insist that even well-meaning technical guides must assume worst-case repression and avoid giving false confidence.