BROOKE GLADSTONE: After Iran’s dissent-wracked election last summer, the regime cracked down on information getting out of the country and the world’s attention turned to the role played by Iranians worldwide who spread the news online. Users in countries with uncensored Internet created what are called proxy servers through which people in Iran could reroute their Internet service. From his home in San Francisco, a young programmer named Austin Heap turned his blog into a clearinghouse for information on which proxies were operational and which weren't. Within 24 hours, he was getting 2,000 connections per second from users in Iran. “My servers are melting,” he wrote in an article for Salon. Soon after the election, the furor died down. Heap began to work on new anti-censorship software, specifically for Iran, called Haystack. When someone in Iran uses Haystack to access the Internet, the program encodes the information and hides it inside other innocuous content. For example, a dissenter’s email might be disguised as a visit to Weather.com, or a page on The New York Times’ website, which is blocked in Iran, might be camouflaged within the pixels of a family photograph. After months of testing, Haystack has been released to human rights activists, journalists and other high-risk users in Iran. But Heap says this is just the opening salvo in what is likely to be a long battle of technical wits with Haystack’s enemies.

AUSTIN HEAP: It’s always going to be a cat-and-mouse game. Haystack is the first anti-censorship tool to a) encrypt and protect the data and b) hide it. I do expect them to attempt to reverse-engineer the software and try to come up with ways to block it. And what we have done is come up with a roadmap for a next series of steps, so once there is something that potentially could block Haystack we're ready to move to the next strategy and the next one.

BROOKE GLADSTONE: How are you going to distribute it once it opens to wide release? If a person tries to download it from the internet, they could get caught, unless you plan on hiding it inside of an innocent family photo.

AUSTIN HEAP: We can't just post Haystack online. There are a lot of risks associated with doing that. The regime, for example, could spoof Haystacknetwork.com. Let's say you were in Iran, you would have no way of knowing if you’re actually connecting to the real Haystack website.

BROOKE GLADSTONE: Yikes!

AUSTIN HEAP: One of the things we have to do is come up with ways to distribute Haystack physically and rely on a person-to-person network so that friends can give it to other friends. We want to rely on the trust. I mean, if you remember how Google Mail first came out, it was invite-only, so you had to know someone to get an invite. And we hope that that will be an effective way of distributing it.

BROOKE GLADSTONE: So you’re talking about in-real-life, flesh-to-flesh contact to get this stuff around.

AUSTIN HEAP: You know, we have to rely on old world means to open up the new ones.

BROOKE GLADSTONE: Couldn't criminals use Haystack to hide their nefarious doings online?

AUSTIN HEAP: There’s definitely a legitimate concern. The way the network is built is to protect the user from us and us from the user, so we never know what they're doing and we never know who they are. And that’s risky, because somebody could plan some, as you mentioned, nefarious activity. But we believe that having the chance of free speech is better than not having it at all, and you’re always going to have a few bad apples, if you will.

BROOKE GLADSTONE: But it would be so easy for terrorists who are planning things to hide the really important chatter that government intelligence agencies listen in on by tucking them into a Haystack camouflage program.

AUSTIN HEAP: Haystack would make it easier for them, but I mean, there’s plenty of good ways to communicate securely, and, and I don't think that, you know, Haystack is going to severely bolster their toolbox, if you will.

BROOKE GLADSTONE: Since Haystack won approval for export to Iran last month, you've received a fair amount of press, not just from the western press. Four out of the six state-run Iranian newspapers have tried to paint you as a U.S. spy, and also as immoral.

AUSTIN HEAP: If you look at what they put out about activists, it’s always that they're a spy. It’s always that they're immoral. You know, it’s the same old story.

BROOKE GLADSTONE: But they're making a big deal out of your being gay. This is supposed to hurt your credibility as a programmer or anti-censorship fighter.

AUSTIN HEAP: I think it’s really weird that somebody has pored through my Facebook profile [LAUGHS] in order to write state-run media news stories. I think that they're trying to scare people, that they're trying to find any reason to keep people from sharing their story, and they'll use any ammo that they can get.

BROOKE GLADSTONE: The state-run newspapers are giving Haystack a lot of free publicity.

AUSTIN HEAP: That’s also true. I haven't thought about that yet, so I guess I should say thank you.

BROOKE GLADSTONE: [LAUGHS] Do you think Haystack ultimately will be exported beyond Iran?

AUSTIN HEAP: Definitely. If you look at the percentage of people who have access to the internet, 31 percent of them live under some form of government-imposed censorship. So our job doesn't just end at Iran. It just is starting with Iran. We do expect copies of Haystack to end up in other countries, but the way our network is set up, unless you’re connecting from an address within Iran, we won't accept that connection. That’s not to say that we're not looking at the next country. We're already working on a – I can't tell you which one yet, but we've got number two and number three underway, and we hope to announce all that soon.

BROOKE GLADSTONE: Austin, thank you very much.

AUSTIN HEAP: Thank you, too.

BROOKE GLADSTONE: Austin Heap is executive director of the Censorship Research Center.