A man-in-the-middle attack is being run against users of the secure version of Facebook in Syria, the Electronic Frontier Foundation (EFF) warns. The semi-professional attack against the HTTPS version of the Facebook site relies on a digital certificate unsigned by any Certificate Authority and probable re-routing of traffic …

COMMENTS

House rules Send corrections

This topic is closed for new posts.

Friday 6th May 2011 10:12 GMT Winkypop

Or...

..maybe they could just stop using FakeBook.

0 4
Friday 6th May 2011 18:37 GMT Anonymous Coward

What you didn't say

Was that website operators should refuse ssl connections that contain x-bluecoat header options, because they indicate that your connection has been proxied.

1 0
1. Saturday 7th May 2011 11:55 GMT toor
  
  Re: What you didn't say
  
  theodore,
  
  Yeah but if you've got the domestic intelligence nous to configure a Blue Coat cluster to do that sort of thing you certainly couldn't manage to then strip the x-bluecoat header off before it hit FB, oh no. Nor would you have the savy to replicate what the Blue Coat was doing with an open source solution of say Pound and Apache (mod_proxy) clusters I'd guess, that having the benefit of not sending any vendor intrinsic fingerprints, probably being slightly more configurable at a very low level and being "more" scalable per buck than a Beowulf cluster of Blue Coats.
  
  Just to note, I'm not saying Blue Coats aren't scalable, I'm not that familiar with their products but I'd guess even they'd wince at the technical difference between proxying a large company's worth of traffic (usual purpose) and an entire country's worth of FB connections. You'd also hope that they'd at least wince at the moral difference as well but they are a publicly listed business so...
  
  And of course pro-revolutionary bloggers aren't your average Intersnizzle jockeys either, "Yeah, I'll except this random certificate whilst reporting from whatever repressive régime." is clearly the analogous chlorine in the pool of genetics.
  
  Regards,
  
  Phil
  
  0 0
Friday 6th May 2011 21:22 GMT NoneSuch

Lets see...

Fake democracy issues fake FB credentials.

At least they are consistent.

0 0
Sunday 8th May 2011 11:49 GMT Anonymous Coward

"Real" certificates next time

Surprised there isn't a Syrian Internet Network Information Center already registered by default as a CA in my browser. The Chinese are well ahead of the curve here but I think the others will soon catch up.

0 0
Monday 9th May 2011 09:04 GMT David Strum

Already happening in our FaceBook

A friend had a bad time on Richard Dawkins Official F.B page. It was made to look like a server data-base glitch; but the result was the same – she could not make her case for Evolution Vs Creationism. It seems sensitive issues are either being monitored to sabotaged.

0 0
1. Tuesday 10th May 2011 08:55 GMT Big-nosed Pengie
  
  title
  
  This was in the US I assume?
  
  0 0
Tuesday 10th May 2011 20:34 GMT Anonymous Coward

Speaking of Eurovision

Did anyone notice that the Turkish entry in the 'facebOok' dictatorship to democracy saga is to propose (by national law in May2011) that the internet will become just 4 approved Apps: child, basic, special and unrestricted (available only on special request and has blacked-out holes) This news was seen today on a Greek language website. Presumably wouldn't be viewable next month!

0 0
Wednesday 11th May 2011 10:21 GMT Ansari121

Dumb question: How are they doing this?

Newb question! i was wondering if someone could explain how issuing a fake certificate could allow the attackers access to and control of peoples Facebook accounts. I thought that the Syrian Telecom Ministry could only get Facebook credentials if they spoofed the actual Facebook log-in page itself.

0 0
Friday 13th May 2011 00:29 GMT Anonymous Coward

Silly question?

Why don't they just pay Facebook for access to user accounts like everyone else does?

0 0