Article Lead Image

U.S. company allegedly caught aiding Syria and Iran in censorship efforts

France's Reflets has discovered that Blue Coat is currently providing the two countries with powerful software for filtering and spying on their countries’ Internet activities.

 

Curt Hopkins

Internet Culture

Posted on May 29, 2013   Updated on Jun 1, 2021, 2:45 pm CDT

The French investigative publication Reflets has discovered that the American company Blue Coat is currently providing the government of Syrian leader Bashar Al-Assad and that of the Islamic Republic of Iran with software to filter and spy on their countries’ Internet activities in contravention of U.S. law.

The U.S. has trade sanctions against both Iran and Syria, limiting the type of exports and commerce a company can conduct with them.

Reflets, in an earlier report in October 2011, found that 15 servers in Syria were “regularly updating their software by calling home (that’s the USA, and this is technically, an export).” According to U.S. law, companies are legally forbidden to export certain types of products, including software, to certain countries, including Syria. Blue Coat insists on its website that it abides by these injunctions.

A recent report, however, found 37 servers still reporting in Syria to the U.S. for updates.

“In 2011, the U.S. government, despite the evidence we published, only blamed Blue Coat’s German distributor,” Reflet’‘s Fabrice Epelboin told the Daily Dot. The U.S. Department of Commerce then allowed the company to continue distributing its software.

“This time, it’s gonna be a little more difficult for them to explain how they got there… Again.”

In the current study, Reflets found 171 Blue Coat servers in Iran, a country off-limits to U.S. software exports (with the apparent exception of Stuxnet).

“There’s no way Blue Coat can ignore that there is such a massive amount of Blue Coat servers located in Iran,” said Epelboin. “This is a clear violation of the U.S.’s embargo law, and that technology is, without a shadow of a doubt, being used to violate human rights”

Iran consistently ranks among the worst abusers of human rights among nongovernmental organizations, such as Freedom House and Human Rights Watch. Corruption is rife, fair trials are rare, and criminal imprisonment is often used as a tool to stifle speech.

Could Blue Coat be ignorant of the use by Iran and Syria of their software? That’s unlikely, according to Reflets.

“One could imagine that Blue Coat does not carry out… geolocation before the first case that we revealed in late 2011,” Reflets wrote in its report. “Today it is hard to believe. Blue Coat has necessarily had to review the logs of connections to its appliances, scattered around the world, if only to ‘prove’ to the Department of Commerce that none of it was still located in a countries embargoed by the U.S. government.”

Reflets used a tool called “Nmap,” which, as Wikipedia explains it, “provides a variety of features for probing computer networks such as host discovery, service and operating system detection and other more in depth system information. These features are further extended by scripts that can perform more advanced service detection, vulnerability detection, and other information.”

In conjunction with the collaboration of local hackers, especially in Syria, Reflets was able to produce a map of servers using the Blue Coat products. The process is outlined, with examples, by Reflets in its article on the Syrian discoveries.

Reflets also discovered during the course of its investigations that the French software company Amesys, best known for providing Libya’s former strongman Muammar Qaddafi with his suite of filtering and spying software, is back in business and back in Libya.

Purchased by a former employee of its one-time owner, a company called Bull, Amesys has been rechristened “Advanced Middle East Systems” and is now headquartered in the United Arab Emirates. Reflets has tracked AMEsys operations in Morocco, Qatar, and other countries not renowned for their openness to online speech. The problem with this is, in part, the fact that the French state is part-owner of Bull.

The problem of Western companies providing tyrannical countries with the means to muzzle and punish their citizens for their speech and organizing online is not new. The importance of the Reflets investigation, however, is the detail.

A U.S. company is allegedly currently and actively providing aid to Iran, an avowed enemy of the United States in direct contravention of American law. This aid provides means by which the Iranian government can shut off dissent, discover dissenters, and punish advocates for the very values this country holds up as aspirational.

Blue Coat is also apparently providing the same aid to Syria, a country that is being torn apart by a devastating civil war in which the forces of President Bashar al-Assad have been accused of using poisonous gas on their own citizens and cutting off access to the Internet.

Requests for comment to Blue Coat and the Office of Foreign Assets Control at the U.S. Department of the Treasury were not returned. 

Illustration by Jason Reed

Share this article
*First Published: May 29, 2013, 9:00 am CDT