Tuesday, June 16, 2009

Does @AnonymousInIran log IP addresses? #iranelection #iran #iran09

I've received a few emails asking if we're logging the IP address of those who use our TweetIran anonymous Twitter script (source here). While most people assume this is some conspiracy of the Iranian government, I can tell you as the administrator and writer of the script and service that it's not.

Here's the truth:

Yes, we do log every IP address that post to the service. This is logged to a private database and not shared with anyone (especially the Iranian government). We log IP addresses so that we can block users who decide to abuse the proxy or if we discover a government IP that is spreading misinformation. Nothing more. We do not share the IP addresses with anyone, ever.

Now, while the conspiracy theories fly, let me point out that what we're doing isn't even necessary in order for us to identify users. Web servers log every single connection anyway. Every proxy you use has the potential of logging your IP. Every one. Every web server you connect to that runs a service logs your IP. We log this to a db to protect people who want to honestly use the script. But your IP address is logged by the webserver anyway.

So, is this really anonymous? Yes. Our promise to our users is protection from the government. Us knowing your IP address does not put you in danger. THEM knowing your IP does. So, you are anonymous from your government. That is guaranteed.

I hope this clarifies the rumors circulating around the internet. If you follow the @cajuntechie tweet stream (mine) you will see that I am not an operative of the CIA or the Iranian government. I am just a guy in rural Oklahoma trying to make a difference and help a cause.

2 comments:

corrie said...

Thanks for taking the users.php page down. I've forwarded your how-to-set-up-a-proxy post to several tech folks I know in various US locations.

necro said...

"let me point out that what we're doing isn't even necessary in order for us to identify users. Web servers log every single connection anyway."

That's correct - that isn't what people were angry about. People were angry over the fact that the complete log of users and their IPs were in a file that was publicly accessible. Now that it's gone, it's all good. Thanks for taking it down in a pretty timely manner.