Syrian Government Trying To Swipe Social Networking Passwords?

from the hamfisted dept

You may recall reports a few months ago from Tunisia, that indicated the government there had used a form of a man-in-the-middle attack to get usenames and passwords and access Facebook accounts of certain political opponents. It appears that Syria is trying to do the same thing. Reports have come out that Syria, via the Syrian Telecom Ministry, has kicked off a large man-in-the middle-attack on the HTTPS version of Facebook's site. While the EFF notes that the attack is amateurish, that doesn't mean it won't snare a potentially large number of people:
The attack is not extremely sophisticated: the certificate is invalid in user's browsers, and raises a security warning. Unfortunately, because users see these warnings for many operational reasons that are not actual man-in-the-middle attacks, they have often learned to click through them reflexively. In this instance, doing so would allow the attackers access to and control of their Facebook account. The security warning is users' only line of defense.
Either way, I'm a bit surprised that governments are using and promoting such ineffective means of spying on the populace. Of course, hopefully, this helps teach people to not just click through potential warnings, but also to get a better sense of how to keep their own computers secure and how to avoid such attacks.


Reader Comments (rss)

(Flattened / Threaded)

  •  
    identicon
    Anonymous Coward, May 6th, 2011 @ 4:47pm

    social networking is for the devil!.....

     

    reply to this | link to this | view in chronology ]

  •  
    icon
    Miff (profile), May 6th, 2011 @ 6:43pm

    "Oh, a SSL certificate should be expensive, that way it would be hard to get a false one. Nobody who couldn't afford it would even be hosting HTTPS anyways."

    > Unfortunately, because users see these warnings for many operational reasons that are not actual man-in-the-middle attacks, they have often learned to click through them reflexively.

    "D'oh."

     

    reply to this | link to this | view in chronology ]

  •  
    identicon
    Anonymous Coward, May 6th, 2011 @ 10:37pm

    This could be a problem if we start having laws that require too many security warnings (as has been discussed here on techdirt in the past). If everything you do requires ten security warnings, before you know it, you start habitually clicking the important ones with the non-important ones without paying much attention to either. Security warnings should appear only where absolutely necessary so that when they do appear, users actually pay attention to them.

     

    reply to this | link to this | view in chronology ]

  •  
    icon
    another mike (profile), May 9th, 2011 @ 2:37pm

    saw this coming

    Iran was implicated in spoofing the certificates of sites like Facebook several months ago. You really didn't think they were going to let it go.
    To make this attack work less obviously, they need to spoof not only the certificate but also the certificate authority (CA). Diverting traffic from the legitimate site into their honeypot makes that easier. That sounds like the kind of border router protocol hacking China is implicated in.
    The arms race between freedom and censorship on the internet is only just warming up.

     

    reply to this | link to this | view in chronology ]


Add Your Comment

Have a Techdirt Account? Sign in now. Want one? Register here
Get Techdirt’s Daily Email
Save me a cookie
  • Note: A CRLF will be replaced by a break tag (<br>), all other allowable HTML will remain intact
  • Allowed HTML Tags: <b> <i> <a> <em> <br> <strong> <blockquote> <hr> <tt>
Follow Techdirt
A word from our sponsors...
Essential Reading
Techdirt Reading List
Techdirt Insider Chat
A word from our sponsors...
Recent Stories
A word from our sponsors...

Close

Email This