RaazNet

RaazNetBeta

KNOWLEDGE BASE
On This Page

Secure Data Transmission and IP Privacy

A comprehensive guide to protecting data in transit and hiding IP addresses within the Iranian digital landscape, covering tools like Signal, OnionShare, and techniques to prevent DNS and WebRTC leaks.

Time15 minutes

Secure Data Transmission and IP Privacy

In the context of Iran's National Information Network (NIN), protecting the content of your communications and the metadata of your connection (specifically your IP address) is critical. The Telecommunication Infrastructure Company (TIC) and various intelligence agencies (IRGC, MOIS) employ Deep Packet Inspection (DPI) and sophisticated monitoring to intercept data and identify users.

This guide focuses on two pillars of digital safety:

  1. Secure Data Transmission: Ensuring that even if data is intercepted, it cannot be read (Encryption).
  2. IP Privacy: Ensuring that the destination of your traffic and your identity cannot be easily linked (Anonymity).

1. Understanding the Threat: IP Addresses and Visibility

Your IP address is a unique digital label assigned to your device by your Internet Service Provider (ISP) (e.g., Irancell, MCI, Shatel). In Iran, ISPs are legally required to log this data and share it with authorities upon request.

Who Sees What?

EntityVisibilityRisk in Iran
ISP (e.g., MCI)Sees your IP, the IP you are connecting to, and unencrypted metadata (DNS queries, SNI).High. They log activity for at least 6-12 months.
TIC (Gateway)Sees all international traffic entering/leaving Iran.High. Uses DPI to throttle or block encrypted protocols.
Destination WebsiteSees your public IP address (or the IP of your VPN/Proxy).Moderate. Can be used for geolocation or cross-referencing.

The "National Information Network" (NIN) Risk

Iran uses a dual-stack network where domestic traffic is separated from international traffic. Using domestic services (like domestic messengers or hosting providers) exposes your data directly to state monitoring without the protection of international jurisdiction. Always prefer international, encrypted services.

2. Securing Real-Time Communication

Signal Messenger: Enabling Relay Calls

By default, Signal connects you directly to your contact to reduce latency. However, this peer-to-peer connection reveals your IP address to the person you are calling. If you are communicating with an unknown party, an interrogator, or a compromised contact, this is a risk.

Solution: Always Relay Calls This feature routes your call through Signal’s servers. The contact sees Signal's IP, not yours.

Activation Steps:

  1. Open Signal.
  2. Go to SettingsPrivacy.
  3. Tap on Calls.
  4. Enable Always Relay Calls.

⚠️ Note: This may slightly reduce call quality, but it is essential for anonymity in high-risk scenarios.

Signal TLS Proxy in Iran

Since Signal is frequently blocked, you may need a proxy to connect. Signal allows the use of a "TLS Proxy" which wraps traffic to look like normal HTTPS.

  • Safety Check: The proxy operator cannot read your messages (due to end-to-end encryption), but they can see that you are connecting to Signal.

3. Secure File Sharing and Synchronization

Sending sensitive documents requires tools that strip metadata and use End-to-End Encryption (E2EE). Avoid using email attachments or unencrypted cloud storage (like Google Drive or Dropbox without additional encryption) for highly sensitive material.

OnionShare (Anonymity First)

OnionShare allows you to share files of any size directly from your computer using the Tor network. It creates a temporary, anonymous web server hosted on your machine.

  • How it works: You get a .onion link. The recipient opens it in Tor Browser to download.
  • Iranian Context: Since Tor is blocked, you must configure Tor Bridges (Snowflake or Obfs4) within OnionShare settings before connecting.
  • Pros: No third-party server, complete anonymity, no file size limit.
  • Cons: Slow speed; both parties need Tor.

Send (Convenience & Encryption)

"Send" services (forks of the discontinued Firefox Send) allow you to upload a file that is encrypted in your browser before being sent to the server. The server owner cannot read the file.

  • Recommended Tool: Send.vis.ee (or other trusted instances).
  • Features: Password protection, automatic deletion after X downloads/hours.
  • Usage: 
    # CLI usage for advanced users
ffsend upload --host https://send.vis.ee/ FILE --password

Syncthing (Continuous Sync)

For syncing files between your own devices (e.g., laptop to phone) without a cloud server.

  • Protocol: Peer-to-Peer (P2P) with TLS encryption.
  • Privacy: Data is stored only on your devices.
  • Network Note: If devices are on different networks (e.g., Irancell mobile vs. home ADSL), Syncthing needs to punch through NAT. In Iran, this might be blocked; using a VPN on both devices can facilitate the connection.

4. Network Security & Leak Prevention

Even with a VPN, your browser can leak your real IP address to websites and ISPs.

WebRTC Leaks

WebRTC is a protocol used for browser-based calls (like Google Meet). It has a vulnerability where it can reveal your real local and public IP addresses even behind a VPN. This is a common way Iranian ISPs identify VPN users.

  • Test: Visit BrowserLeaks.com/webrtc with your VPN on. If you see your Iran ISP IP, you are leaking.
  • Fix (Firefox):
    1. Type about:config in the address bar.
    2. Search for media.peerconnection.enabled.
    3. Set it to false.
  • Fix (Chrome/Brave): Install the "WebRTC Network Limiter" extension or use a privacy-focused browser like Mullvad Browser or Tor Browser (which disable it by default).

DNS Privacy (DoH/DoT)

Standard DNS queries (looking up "google.com") are unencrypted. Iranian ISPs intercept these to block sites and log your browsing history.

  • DNS over HTTPS (DoH): Encrypts DNS requests inside standard HTTPS traffic (port 443). This is harder for the censor to distinguish from regular web browsing.
  • Configuration in Firefox:
    1. Settings → Privacy & Security.
    2. Scroll to DNS over HTTPS.
    3. Select "Max Protection" and choose a provider (e.g., Cloudflare or NextDNS).
    • Note: If major providers like Cloudflare are blocked, you may need a custom DoH provider or rely on your VPN's encrypted DNS.

HTTPS-Only Mode

Ensures you never accidentally connect to the unencrypted HTTP version of a site.

  • Why: HTTP traffic is visible in plain text to the ISP. HTTPS encrypts the content.
  • Action: Enable "HTTPS-Only Mode" in your browser settings.

5. Summary Checklist for Iranian Users

  1. Assume Visibility: Assume your ISP logs every unencrypted packet.
  2. Encrypt Everything: Use HTTPS-Only mode and Encrypted DNS (DoH).
  3. Hide Your IP:
    • Use Tor (with Bridges) for high-risk activity.
    • Enable Relay Calls in Signal.
    • Disable WebRTC in your browser.
  4. Transfer Safely: Use OnionShare for sensitive leaks or Encrypted Send links for general files. Never use domestic Iranian file hosts (e.g., Picofile) for sensitive data.

Sources:

  • Certfa - Digital Security Encyclopedia
  • Privacy Guides - File Sharing
  • Security in a Box - Internet Connection & Browsing
  • EFF - Surveillance Self-Defense
Source:
Edit

Was this article helpful?

Your feedback helps us improve our wiki content.