Donate for the Cryptome archive of files from June 1996 to the present

27 March 2013

Mixed Blocks of Iranian Access

A2 sends:

On it is stated that "[b]locking Oracle and Java updates makes Iranian online users the most vulnerable target to Java exploits."

To verify that myself, I browsed the web from two Iranian IP addresses in different networks.

Indeed, visiting in a webbrowser yields the embargo message. However, I am able to obtain Java from (which is owned by Oracle since their 2009 acquisition of Sun), and when installed on Mac OS X, it successfully fetches updates from I

I have not seen evidence for the suggestion that Iranian users of Oracle Java cannot update their Java. I have not tested on OS's other than Mac OS X.

For fun, here are some other observations of browsing the web from two Iranian IP address (the https:// often yielded a timeout or ssl_error_rx_record_too_long error, but have been accessible at least once during my half hour experiment): = blocked = (no SSL version available) = blocked = OK (MI6) = blocked = OK (MI5) = blocked = OK = blocked = (no SSL version available) = redirects to https:// = OK = OK = (no SSL version available) = OK = OK = OK = OK = OK = (no SSL version available) =  "401 Authorization Required" (FBI blocks Iran) =  "401 Authorization Required" (FBI blocks Iran) = OK = OK

http://{www,blog} = redirects to https:// https://{www,blog} = OK (I2P) = blocked = OK = OK = redirects to https:// = OK