Or...
..maybe they could just stop using FakeBook.
A man-in-the-middle attack is being run against users of the secure version of Facebook in Syria, the Electronic Frontier Foundation (EFF) warns. The semi-professional attack against the HTTPS version of the Facebook site relies on a digital certificate unsigned by any Certificate Authority and probable re-routing of traffic …
theodore,
Yeah but if you've got the domestic intelligence nous to configure a Blue Coat cluster to do that sort of thing you certainly couldn't manage to then strip the x-bluecoat header off before it hit FB, oh no. Nor would you have the savvy to replicate what the Blue Coat was doing with an open source solution of say Pound and Apache (mod_proxy) clusters I'd guess, that having the benefit of not sending any vendor intrinsic fingerprints, probably being slightly more configurable at a very low level and being "more" scalable per buck than a Beowulf cluster of Blue Coats.
Just to note, I'm not saying Blue Coats aren't scalable, I'm not that familiar with their products but I'd guess even they'd wince at the technical difference between proxying a large company's worth of traffic (usual purpose) and an entire country's worth of FB connections. You'd also hope that they'd at least wince at the moral difference as well but they are a publicly listed business so...
And of course pro-revolutionary bloggers aren't your average Intersnizzle jockeys either, "Yeah, I'll accept this random certificate whilst reporting from whatever repressive régime." is clearly the analogous chlorine in the pool of genetics.
Regards,
Phil
A friend had a bad time on Richard Dawkins Official F.B page. It was made to look like a server database glitch; but the result was the same – she could not make her case for Evolution Vs Creationism. It seems sensitive issues are either being monitored or sabotaged.
Did anyone notice that the Turkish entry in the 'facebOok' dictatorship to democracy saga is to propose (by national law in May 2011) that the internet will become just 4 approved Apps: child, basic, special and unrestricted (available only on special request and has blacked-out holes). This news was seen today on a Greek language website. Presumably wouldn't be viewable next month!
Newb question! I was wondering if someone could explain how issuing a fake certificate could allow the attackers access to and control of people's Facebook accounts. I thought that the Syrian Telecom Ministry could only get Facebook credentials if they spoofed the actual Facebook log-in page itself.