back to article Fake certificate attack targets Facebook users in Syria

A man-in-the-middle attack is being run against users of the secure version of Facebook in Syria, the Electronic Frontier Foundation (EFF) warns. The semi-professional attack against the HTTPS version of the Facebook site relies on a digital certificate unsigned by any Certificate Authority and probable re-routing of traffic …

COMMENTS

This topic is closed for new posts.
  1. Winkypop Silver badge
    Flame

    Or...

    ..maybe they could just stop using FakeBook.

  2. Anonymous Coward
    Anonymous Coward

    What you didn't say

    Was that website operators should refuse ssl connections that contain x-bluecoat header options, because they indicate that your connection has been proxied.

    1. toor
      Stop

      Re: What you didn't say

      theodore,

      Yeah but if you've got the domestic intelligence nous to configure a Blue Coat cluster to do that sort of thing you certainly couldn't manage to then strip the x-bluecoat header off before it hit FB, oh no. Nor would you have the savy to replicate what the Blue Coat was doing with an open source solution of say Pound and Apache (mod_proxy) clusters I'd guess, that having the benefit of not sending any vendor intrinsic fingerprints, probably being slightly more configurable at a very low level and being "more" scalable per buck than a Beowulf cluster of Blue Coats.

      Just to note, I'm not saying Blue Coats aren't scalable, I'm not that familiar with their products but I'd guess even they'd wince at the technical difference between proxying a large company's worth of traffic (usual purpose) and an entire country's worth of FB connections. You'd also hope that they'd at least wince at the moral difference as well but they are a publicly listed business so...

      And of course pro-revolutionary bloggers aren't your average Intersnizzle jockeys either, "Yeah, I'll except this random certificate whilst reporting from whatever repressive régime." is clearly the analogous chlorine in the pool of genetics.

      Regards,

      Phil

  3. NoneSuch Silver badge
    Black Helicopters

    Lets see...

    Fake democracy issues fake FB credentials.

    At least they are consistent.

  4. Anonymous Coward
    Boffin

    "Real" certificates next time

    Surprised there isn't a Syrian Internet Network Information Center already registered by default as a CA in my browser. The Chinese are well ahead of the curve here but I think the others will soon catch up.

  5. David Strum
    Flame

    Already happening in our FaceBook

    A friend had a bad time on Richard Dawkins Official F.B page. It was made to look like a server data-base glitch; but the result was the same – she could not make her case for Evolution Vs Creationism. It seems sensitive issues are either being monitored to sabotaged.

    1. Big-nosed Pengie

      title

      This was in the US I assume?

  6. Anonymous Coward
    Big Brother

    Speaking of Eurovision

    Did anyone notice that the Turkish entry in the 'facebOok' dictatorship to democracy saga is to propose (by national law in May2011) that the internet will become just 4 approved Apps: child, basic, special and unrestricted (available only on special request and has blacked-out holes) This news was seen today on a Greek language website. Presumably wouldn't be viewable next month!

  7. Ansari121
    Coat

    Dumb question: How are they doing this?

    Newb question! i was wondering if someone could explain how issuing a fake certificate could allow the attackers access to and control of peoples Facebook accounts. I thought that the Syrian Telecom Ministry could only get Facebook credentials if they spoofed the actual Facebook log-in page itself.

  8. Anonymous Coward
    Troll

    Silly question?

    Why don't they just pay Facebook for access to user accounts like everyone else does?

This topic is closed for new posts.

Biting the hand that feeds IT © 1998–2022