Facebook users in Syria are being targeted by online attacks, presumably launched by the Syrian government, aimed at monitoring and intercepting their social networking communications. The Electronic Frontier Foundation (EFF) warned Syrian Facebook users Thursday that the attacks are using forged, invalid security certificates and occurring on the secure, HTTPS-encrypted Facebook site. In these "man-in-the-middle" attacks, the perpetrators use a fake security certificate to trick users into logging on to what they believe to be a securely encrypted Facebook page. Once the users access the site, their communications can be monitored and censored. In these particular instances in Syria, the invalid security certificate used by the attackers causes a warning to pop up on users' Web browsers, but "because users see these warnings for many operational reasons that are not man-in-the-middle attacks, they have often learned to click through them reflexively." The EFF is urging Syrian Facebook users to use proxy connections to access Facebook, or to login via Tor, software that allows for anonymous Internet connections and freedom from surveillance. Unfortunately, this is by no means the first time an oppressive government — Egypt, Libya, Bahrain — has attempted to keep a citizen rebellion at bay by targeting the people's social networking freedoms.
http://www.msnbc.msn.com/id/42938069/ns/technology_and_science-security/
No comments:
Post a Comment