I saw this new thing release called GreenMachine. It appears to be a wrapper for SSH running on port 80. Some observations: 1) The username ("greenmachine1") and password ("freeiran1") are hard-coded into the binary. 2) It appears to only connect to one server in Germany (126.96.36.199), meaning Iran can block just the IP and/or target users connecting to this IP. 3) Since it's using SSH, it has a known signature that would be easy for Iran to target. 4) It unconditionally accepts the remote host's session key. That means it's trivially vulnerable to a MITM attack. The government wouldn't even need to distribute bugged copies: it's self-bugged. That took 15 minutes to figure out and break. Next?