Fake certificate attack targets Facebook users in Syria
A man-in-the-middle attack is being run against users of the secure version of Facebook in Syria, the Electronic Frontier Foundation (EFF) warns. The semi-professional attack against the HTTPS version of the Facebook site relies on a digital certificate unsigned by any Certificate Authority and probable re-routing of traffic by …
What you didn't say
Was that website operators should refuse SSL connections that contain x-bluecoat header options, because they indicate that your connection has been proxied.
Re: What you didn't say
theodore,
Yeah but if you've got the domestic intelligence nous to configure a Blue Coat cluster to do that sort of thing you certainly couldn't manage to then strip the x-bluecoat header off before it hit FB, oh no. Nor would you have the savvy to replicate what the Blue Coat was doing with an open source solution of say Pound and Apache (mod_proxy) clusters I'd guess, that having the benefit of not sending any vendor intrinsic fingerprints, probably being slightly more configurable at a very low level and being "more" scalable per buck than a Beowulf cluster of Blue Coats.
Just to note, I'm not saying Blue Coats aren't scalable, I'm not that familiar with their products but I'd guess even they'd wince at the technical difference between proxying a large company's worth of traffic (usual purpose) and an entire country's worth of FB connections. You'd also hope that they'd at least wince at the moral difference as well but they are a publicly listed business so...
And of course pro-revolutionary bloggers aren't your average Intersnizzle jockeys either, "Yeah, I'll accept this random certificate whilst reporting from whatever repressive régime." is clearly the analogous chlorine in the pool of genetics.
Regards,
Phil
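Added example, not part of either comment above: a WSGI middleware that applies the check proposed in the first comment, with the limitation raised in the reply shown by the third sample request. The class and function names, the host name and the header value are constructed for illustration; `X-BlueCoat-Via` is assumed as the concrete header behind the "x-bluecoat" prefix the comments mention.

```python
# Added example: refuse requests that carry X-BlueCoat-* request headers.
PROXY_HEADER_PREFIX = "HTTP_X_BLUECOAT"  # WSGI spelling of "X-BlueCoat..." headers


def proxy_markers(environ):
    """Return the lower-cased names of X-BlueCoat-* headers present in the request."""
    return sorted(
        key[len("HTTP_"):].replace("_", "-").lower()
        for key in environ
        if key.startswith(PROXY_HEADER_PREFIX)
    )


class RefuseProxied:
    """Hypothetical middleware: answer 403 when a proxy marker header is present."""

    def __init__(self, app):
        self.app = app

    def __call__(self, environ, start_response):
        found = proxy_markers(environ)
        if found:
            body = ("Connection appears to be proxied: " + ", ".join(found)).encode()
            start_response("403 Forbidden", [("Content-Type", "text/plain"),
                                             ("Content-Length", str(len(body)))])
            return [body]
        return self.app(environ, start_response)


def hello_app(environ, start_response):
    start_response("200 OK", [("Content-Type", "text/plain")])
    return [b"ok"]


def run(app, environ):
    """Call a WSGI app with a constructed environ and return (status, body)."""
    seen = {}
    body = b"".join(app(environ, lambda status, headers: seen.update(status=status)))
    return seen["status"], body


# Constructed sample requests (not captured traffic).
DIRECT = {"REQUEST_METHOD": "GET", "PATH_INFO": "/", "HTTP_HOST": "www.example.com"}
TAGGED = dict(DIRECT, HTTP_X_BLUECOAT_VIA="0123456789abcdef")  # proxy left its marker
STRIPPED = dict(DIRECT)  # same proxy, marker removed: identical to a direct request

if __name__ == "__main__":
    guarded = RefuseProxied(hello_app)
    for name, env in (("direct", DIRECT), ("tagged", TAGGED), ("stripped", STRIPPED)):
        print(name, run(guarded, env)[0])
```

The stripped request is byte-for-byte the same as the direct one by the time it reaches the server, so the check only catches a proxy that leaves its own fingerprint in place.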
Let's see...
Fake democracy issues fake FB credentials.
At least they are consistent.
"Real" certificates next time
Surprised there isn't a Syrian Internet Network Information Center already registered by default as a CA in my browser. The Chinese are well ahead of the curve here but I think the others will soon catch up.
Already happening in our FaceBook
A friend had a bad time on Richard Dawkins' Official F.B. page. It was made to look like a server database glitch; but the result was the same – she could not make her case for Evolution Vs Creationism. It seems sensitive issues are either being monitored or sabotaged.
Speaking of Eurovision
Did anyone notice that the Turkish entry in the 'facebOok' dictatorship to democracy saga is to propose (by national law in May 2011) that the internet will become just 4 approved Apps: child, basic, special and unrestricted (available only on special request and has blacked-out holes)? This news was seen today on a Greek language website. Presumably wouldn't be viewable next month!
Dumb question: How are they doing this?
Newb question! I was wondering if someone could explain how issuing a fake certificate could allow the attackers access to and control of people's Facebook accounts. I thought that the Syrian Telecom Ministry could only get Facebook credentials if they spoofed the actual Facebook log-in page itself.
Silly question?
Why don't they just pay Facebook for access to user accounts like everyone else does?
