|
||
|
27 March 2013 Mixed Blocks of Iranian Access
A2 sends: On http://cryptome.org/2013/03/oracle-ir-block.htm it is stated that "[b]locking Oracle and Java updates makes Iranian online users the most vulnerable target to Java exploits." To verify that myself, I browsed the web from two Iranian IP addresses in different networks. Indeed, visiting www.oracle.com in a webbrowser yields the embargo message. However, I am able to obtain Java from www.java.com (which is owned by Oracle since their 2009 acquisition of Sun), and when installed on Mac OS X, it successfully fetches updates from http://javadl-esd.oracle.com. I I have not seen evidence for the suggestion that Iranian users of Oracle Java cannot update their Java. I have not tested on OS's other than Mac OS X. For fun, here are some other observations of browsing the web from two Iranian IP address (the https:// often yielded a timeout or ssl_error_rx_record_too_long error, but have been accessible at least once during my half hour experiment): http://cryptome.org = blocked https://cryptome.org/ = (no SSL version available) http://www.cia.gov/ = blocked https://www.cia.gov/ = OK http://www.sis.gov.uk (MI6) = blocked http://www.mi5.gov.uk (MI5) = blocked http://www.asis.gov.au = blocked https://www.asis.gov.au = (no SSL version available) http://www.aivd.nl = redirects to https:// https://www.aivd.nl = OK https://www.nzsis.govt.nz = (no SSL version available) http://www.fas.org = OK https://www.fas.org = OK http://www.dia.mil = OK https://www.dia.mil = OK http://www.nsa.gov = OK https://www.nsa.gov = (no SSL version available) http://www.fbi.gov = "401 Authorization Required" (FBI blocks Iran) https://www.fbi.gov = "401 Authorization Required" (FBI blocks Iran) http://{www,blog}.torproject.org = redirects to https:// https://{www,blog}.torproject.org = OK http://www.i2p2.de (I2P) = blocked https://www.i2p2.de = OK http://mute-net.sourceforge.net = OK http://www.freenetproject.org = redirects to https:// https://www.freenetproject.org = OK
|