Syrian Government Trying To Swipe Social Networking Passwords?
from the hamfisted dept
You may recall reports a few months ago from Tunisia, that indicated the government there had used a form of a man-in-the-middle attack to get usenames and passwords and access Facebook accounts of certain political opponents. It appears that Syria is trying to do the same thing. Reports have come out that Syria, via the Syrian Telecom Ministry, has kicked off a large man-in-the middle-attack on the HTTPS version of Facebook's site. While the EFF notes that the attack is amateurish, that doesn't mean it won't snare a potentially large number of people:The attack is not extremely sophisticated: the certificate is invalid in user's browsers, and raises a security warning. Unfortunately, because users see these warnings for many operational reasons that are not actual man-in-the-middle attacks, they have often learned to click through them reflexively. In this instance, doing so would allow the attackers access to and control of their Facebook account. The security warning is users' only line of defense.Either way, I'm a bit surprised that governments are using and promoting such ineffective means of spying on the populace. Of course, hopefully, this helps teach people to not just click through potential warnings, but also to get a better sense of how to keep their own computers secure and how to avoid such attacks.
Thank you for reading this Techdirt post. With so many things competing for everyone’s attention these days, we really appreciate you giving us your time. We work hard every day to put quality content out there for our community.
Techdirt is one of the few remaining truly independent media outlets. We do not have a giant corporation behind us, and we rely heavily on our community to support us, in an age when advertisers are increasingly uninterested in sponsoring small, independent sites — especially a site like ours that is unwilling to pull punches in its reporting and analysis.
While other websites have resorted to paywalls, registration requirements, and increasingly annoying/intrusive advertising, we have always kept Techdirt open and available to anyone. But in order to continue doing so, we need your support. We offer a variety of ways for our readers to support us, from direct donations to special subscriptions and cool merchandise — and every little bit helps. Thank you.
–The Techdirt Team
Filed Under: man in the middle, syria
Companies: facebook
Reader Comments
Subscribe: RSS
View by: Time | Thread
[ link to this | view in chronology ]
> Unfortunately, because users see these warnings for many operational reasons that are not actual man-in-the-middle attacks, they have often learned to click through them reflexively.
"D'oh."
[ link to this | view in chronology ]
[ link to this | view in chronology ]
saw this coming
To make this attack work less obviously, they need to spoof not only the certificate but also the certificate authority (CA). Diverting traffic from the legitimate site into their honeypot makes that easier. That sounds like the kind of border router protocol hacking China is implicated in.
The arms race between freedom and censorship on the internet is only just warming up.
[ link to this | view in chronology ]