[liberationtech] Did Syria replace Facebook's security certificate with a forged one?

Rebecca MacKinnon rebecca.mackinnon at gmail.com
Thu May 5 11:32:44 PDT 2011


http://advocacy.globalvoicesonline.org/2011/05/05/did-syria-replace-facebooks-security-certificate-with-a-forged-one/print/

Did Syria replace Facebook's security certificate with a forged one?

Posted By *Anas Qtiesh* On 5 May 2011 @ 1:11 am In *Advocacy, Feature, News,
Syria, activism*

*Ana Souri* ["I'm Syrian" in Arabic], a tumblr user, is claiming
<http://anasouri.tumblr.com/post/5197803121> [1] [ar] that the Syrian Telecom
Ministry has replaced Facebook's security certificate with a forged one that
makes it easy to spy on users, record their passwords, and view their private
content.

The post notes that the browser would alert users to the untrusted
certificate issue, but says that most people would allow an exception for
the suspicious certificate because they might not really understand what's
going on. This coincides with multiple Syrian users reporting inability to
access the site at all, suspecting it was blocked again.

*Ana Souri *explained how to check for the authenticity of the certificate
and linked to the company that issues Facebook's original SSL certificate:

Tools-> Page Info
then press the security tab
then click on view certificate

It should be issued by this site:
http://www.digicert.com/welcome/who-uses-digicert.htm [2]

The following image shows a comparison between the fake certificate (left)
and the original one (right).

[Image] <http://advocacy.globalvoicesonline.org/wp-content/uploads/2011/05/certificate.jpg> [3]

Fake vs. Original SSL certificates. Courtesy of Ana Souri.

Affected users should locate and remove the exception by doing the following
steps:

Tools -> Options -> Advanced -> Encryption -> View Certificates -> Servers

There, they would be able to locate and delete the exceptions. It's also
recommended that users use anonymity and security tools such as TOR
<https://www.torproject.org/> [4] to connect and then change their password.

*Disclaimer*: While the above post is being circulated with breathtaking
speed among Syrian internet users, I'm still trying to verify the claims
explained above as we don't have concrete proof of their validity beyond
that tumblr post. If you have info you want to share on the topic, please
use the contact form to reach me directly, or leave a comment on the post
and I will update the article with any relevant info.
------------------------------

Article printed from Global Voices Advocacy: http://advocacy.globalvoicesonline.org

URL to article: http://advocacy.globalvoicesonline.org/2011/05/05/did-syria-replace-facebooks-security-certificate-with-a-forged-one/

URLs in this post:

[1] is claiming: http://anasouri.tumblr.com/post/5197803121
[2] http://www.digicert.com/welcome/who-uses-digicert.htm
[3] Image: http://advocacy.globalvoicesonline.org/wp-content/uploads/2011/05/certificate.jpg
[4] TOR: https://www.torproject.org/



-- 
Rebecca MacKinnon
Schwartz Senior Fellow, New America Foundation
Co-founder, GlobalVoicesOnline.org
Cell: +1-617-939-3493
E-mail: rebecca.mackinnon at gmail.com
Blog: RConversation.blogs.com
Twitter: @rmack <http://twitter.com/rmack>
Facebook: facebook.com/rmackinnon
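
The browser check described in the forwarded article (open the certificate and confirm who issued it) can also be scripted. The following is an added example, not part of the original e-mail or article; the function names and the sample data are constructed for illustration, and the expected issuer and any pinned fingerprint are values the reader supplies.

```python
import hashlib
import socket
import ssl

def issuer_organization(peercert):
    """Return the issuer's organizationName from ssl getpeercert() output."""
    for rdn in peercert.get("issuer", ()):
        for key, value in rdn:
            if key == "organizationName":
                return value
    return None

def sha256_fingerprint(der_bytes):
    """Colon-separated SHA-256 fingerprint, as certificate viewers show it."""
    digest = hashlib.sha256(der_bytes).hexdigest().upper()
    return ":".join(digest[i:i + 2] for i in range(0, len(digest), 2))

def assess(peercert, der_bytes, expected_issuer, pinned_fingerprint=None):
    """Compare an already chain-validated certificate with what is expected."""
    problems = []
    org = issuer_organization(peercert)
    if org is None or expected_issuer.lower() not in org.lower():
        problems.append("unexpected issuer: %r" % org)
    if pinned_fingerprint and sha256_fingerprint(der_bytes) != pinned_fingerprint.upper():
        problems.append("fingerprint differs from the pinned value")
    return problems

def check_host(host, expected_issuer, pinned_fingerprint=None, port=443):
    """Connect with full chain and hostname validation, then run assess()."""
    ctx = ssl.create_default_context()  # system trust store, no exceptions
    try:
        with socket.create_connection((host, port), timeout=10) as sock:
            with ctx.wrap_socket(sock, server_hostname=host) as tls:
                return assess(tls.getpeercert(), tls.getpeercert(binary_form=True),
                              expected_issuer, pinned_fingerprint)
    except ssl.SSLCertVerificationError as exc:
        # Same condition as the browser's untrusted-certificate warning.
        return ["chain validation failed: %s" % exc.verify_message]

# Constructed sample data (not a real certificate) for offline use.
SAMPLE_PEERCERT = {"issuer": ((("countryName", "US"),),
                              (("organizationName", "DigiCert Inc"),),
                              (("commonName", "Example Issuing CA"),))}
SAMPLE_DER = b"constructed-sample-bytes"

if __name__ == "__main__":
    import sys
    print(check_host(sys.argv[1], sys.argv[2]) or "no problems found")
```

A chain validation failure is reported rather than bypassed, which is the scripted equivalent of not adding a browser exception.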