Sophos Cloud Optix
Last week, the Iranian Supreme Court confirmed the death sentence for computer programmer Saeed Malekpour, whose photography program was used without his knowledge, to upload pornography to the internet.
Canadian resident Mr Malekpour was arrested while visiting his dying father in Iran during October 2008. He was held in solitary confinement in Tehran’s Evin Prison for a year without charge, according to Amnesty.
He made confessions, which were later televised, to his charges, which according to the EFF include “acting against national security through propaganda” and “production and publication of obscene materials through computer systems”.
However, in a letter sent from the prison in March 2010, Mr Malekpour states, he retracted these confessions, stating they had been given under duress after prolonged interrogation and torture by the “Revolutionary Guards Cyber Counterattack” team. He also wrote that he still not been allowed to visit his lawyer.
A Revolutionary Court sentenced him to death in October 2010 for his alleged confessions but the Supreme Court later overturned the sentence. When referred back to the same Revolutionary Court for reassessment, the death sentence was reinstated.
Last week, the Supreme Court approved this execution.
The Canadian Foreign Minister John Baird is reported to have condemned the Supreme Court’s decision, but there is little practical means of challenging this order outside Iran.
This is not the first death sentence for an internet-related crime in Iran. Iranian blogger Vahid Asghari was sentenced to death for allegedly hosting a pornography network.
The recent OpenNet Initiative (ONI) Report “In the Name of God” and ONI Iran profile both provide necessary context to the broader approach of internet control in Iran.
A broader question that could be drawn from Mr Malekpour’s case is to what extent should software creators have control over end use of their programs?
Software designers could retain greater control and lock down end use to prescribed functions, preventing their software being used outside its intended purpose.
Of course, in this context it could prove complicated to implement. For Mr Malekpour, he would have had to invest in image recognition capabilities and impose restrictions if the images were deemed inappropriate. This would move the original program beyond its modest remit.
Importantly, requiring restrictions and lockdown of software might stifle innovation. New ideas and applications are often realised by allowing the end user to tinker. Oxford and Harvard Law Professor Jonathan Zittrain is a proponent of the ‘generativity’ of technologies that maintain openness and allow modification.
Professor Zittrain accredits the creation of the internet as spawning from such an ideology, but ‘generativity’ is a double-edged sword and innovation of destructive applications also occurs, with malware being a key example.
All this debate, however, is of little consolation to Saeed Malekpour who is facing a bleak future. He can’t have imagined that when he started writing a photography program, his code would put his life in peril.
Bloody irrational Iranians. Nice article though. It really is a tough debate, like you say malware is created and intended to mess up a computers system and therefore the creators (if you can ever find them) should be held responsible. In the case of Saeed, he made a program which is accessable by all, the fact that it was misused shouldn’t hold him responsible, in any normal rational country, what would the consequenses be, if any?
No consequences. Bill Gates would have been executed infinite times if that was the case.
I read outrageous news stories every day but this one is just off the wall. It just doesn't make any sense at all.
Think about someone driving a car irresponsibly that ends up with someone being killed through a hit and run incident. You don't imprison the car manufacturer – you imprison the driver. I'm right about that, aren't I? And that makes sense, doesn't it?
Yes, it does make sense. True, a driver is imprisoned not the manufacturer.
As a software developer, I couldn't agree more! Have I used my Mac in ways in which it was not intended? absolutely! Should Steve Jobs (or the programmers at Apple) be held accountable for my actions? hell no! I choose how I use my software, therefor I should be the only one held accountable for my actions. Period.
In the US they have been trying to do that very thing only in the US you won’t be put to death just 5 years in prison (SOPA and PIPA) and a felony conviction
What, for creating a product that is used by others who then do something illegal with it???
Hmmmm…. Perhaps Bill Gates is in trouble if the SOPA/PIPA stuff goes through.
Can you just imagine the docuseries?
"Bill behind Bars"
"Jail Gates"
"Arrested (Software) Development"
What? That is completely ridiculous.
Can we wipe that regime off the map yet? Not the good people of Iran just their leaders and supporters. Good grief.
His code did not put his life in peril – it was simply an excuse used to put his life in peril. If not this "trumped up" charge, it would have been his alleged involvement in some sort of pro-Israeli CIA plot despite the fact that he is Canadian.
Technically he is not Canadian which makes things even more complicated. He is a permanent resident of Canada. The US equivalent of a green card holder. Until he applies for and is accepted for Canadian Citizenship he remains a citizen of whatever country issued his passport. He has a right to live, work, get public funded healthcare and pay outrageous taxes in Canada but he does not enjoy the right to vote or travel on a Canadian passport or receive legally recognized diplomatic support from the Canadian government. I would assume that his passport was issued by the UK or Iran since he was visiting his father in Iran when he was arrested and the UK government appears particularly interested in his situation. As for punishing the US through Canada, the fact that Canada produced fake passports to assist US diplomatic staff to escape Iran during the Iranian revolution and that Iran was under UK rule at one time probably plays into that. I personally applaud Ken Taylor and the Canadian government of the day for coming to the aid of the US embassy staff but the consequences can be a long time coming.
It’s impossible to take a country like Iran seriously when they do pathetic things like this. The country is run by lunatics; if this isn’t proof enough then what is? Time to isolate them completely – not economic embargo but physically surround them and cut them off.
Better yet , The USA should invade them like they have with other corrupt dictatorships & blow the smitherines out of them. We all know they take pride in doing that.
They're just waiting for someone to pay the ransom.
Going to be interesting to see the world wide reaction the next time Iran has an earthquake and cries to the rest of the world for help. As one of the world's major exporters of food I doubt they will get a forkful from us.
This does not raise any new questions about internet freedoms as a few people quoted in the article claim. In the west, this is an agreed upon issue – if someone does something illegal, they are to blame, not the person who invented the tools they use. We do not prosecute AT&T when someone organizes a drug deal on the phone, or Ford when there is a case of road rage.
Let me also be clear – there is no debate on his guilt or innocence. Malekpour has done nothing that would be considered a crime by any civilized western country. He should be considered in the same light as other political prisoners who have been jailed by Iran for exercising free speech, women who were executed for adultery, or men jailed for being members of a union. They are all victims of a barbaric regime.
No rational country will use Iran's barbaric example as case law, so there's really no way this "draws the broader question of to what extent should software creators have control over end use of their programs?" This question has been completely settled in the civilized world. It's just a shame Iran isn't part of it.
OMG. Well, I would say.. let's sentence to death Bill Gates, and all the microsoft workers, as well as Steve Jobs (oops.. ok.. so all Apple employees then)…
and let's do the same for anyone who has ever written an operating system.. because… due to their 'ease of use interface' people can put certain content on the internet..
Nicely done Iran… 😐
Thisis akin to locking down a standard 35mm camera. How can you prevent someone from taking a picture of anything. Cameras don't take pictures, people do..
.
Ari absolutely hit the nail on the head with the comment that this case in no way furthers the question of how much control software developers have over their creations. Instead, it would be interesting to learn whether there are any cases of Iranian nationals developing software that was then consequently used for pornographic or other unsavory uses, and whether those individuals were prosecuted (or executed) for such development. That would help answer the question as to whether Saeed’s legal status in Canada or elsewhere was a factor in this prosecution — as many of us here suepct may be the case.
Meanwhile, I thought Sophos censored its comments. Can we please avoid allowing inflamatory commentary about invasions and killing everyone involved to be published here? They add no intelligence to the discussion, and suggest that the authors of such comments are not so far removed from the very regime they are railing against. Stick to the civilized moral ground and don’t lump the Iranian population at large in with the decision-makers of this case if you’re going to comment, people!
http://www.change.org/petitions/the-united-nation…
Sign a petition to the United Nations to stop this, before its too late.
Then let Iran try him on the genuine charge instead of this bs.
There is no excuse for this sort of barbarism. It is a cynical, political ploy to aggravate Western powers and further brainwash Iranians into believing their government has an effective Internet task force.
I’d say the best way to stay out of the clutches of an irrational, 7th Century regime is to avoid going there physically. (Which, of course, make for some heartbreaking family decisions .)
My real hardware does not need that kind of software and its “possibilities in pictures” to make it work. The excuse Malekpour gives does not support his failure to recognize it’s potential for abuse in a country he is a citizen of and one in which he is aware of the rules. What he did was akin to an undercover attempt by a Korean/Canadian to bring illegal narcotics into Korea- disguised as luggage. If the package has potential for abuse and illegal use and you designed it, don’t bring it where you know it may be abused. I designed a program that could make perfect pictures. That doesn’t mean I take it where I known it can be used for counterfeiting. He would have did better sticking to the script, instead of trying to change the play. At least he might have got 72 virgins,instead of porn and death.
Nonsense, it's like a Korean/Canadian designing some luggage which an entirely unrelated person then puts some narcotics in and takes them into Korea, and the authorities blaming the person who made the luggage.
Naked Security, you disappoint me. "Canadian resident sentenced to death for writing a computer program" is a horrible summary of this story. The death sentence was for allegedly running a porn website. I get that the "running a porn site" claim stems from "wrote software used by porn site", but "sentences to death for writing a computer program" is a gross oversimplification of the story.
Every invention has the potential for misuse, for example the dynamite or nuclear power. So the maker of a tool should ideally give some thought for its safe use. However I do not support the death sentence. But the larger question is whether the manufacturer should be responsible for providing some in-built safety device to prevent misuse, just as the manufacturer of an electrical device should be held responsible if the insulation is not proper. On the other hand putting to death a person for such negligence is going too far.