[liberationtech] Did Syria replace Facebook's security certificate with a forged one?
liberationtech at lewman.us
liberationtech at lewman.us
Thu May 5 12:03:01 PDT 2011
On Thu, May 05, 2011 at 08:45:05PM +0200, canconsulting at web.de wrote 5.4K bytes in 72 lines about:
: Seriously: Can you name at least one advantage of the alleged
: certificate faking for Syrian internet users?
Your question is confusing. Using faked certs doesn't help Syrian
citizens, rather it puts them at risk.
However, it does help the government. The govt gets to
machine-in-the-middle all ssl traffic to facebook, decrypt it,
parse/record/store the unencrypted data, and then go arrest/kill people
with proof of content against the state. Or the data can be used to
unmask social networks of people friendly to the cause of protesting,
etc.
This same mitm has happened in Tunisia, Iran, Burma, and suspected in
many other countries. In fact, you can buy hardware to do this from US
companies, like Bluecoat or Packet Forensics. Or just roll your own
with one of the many mitmproxy projects out there, like
http://mitmproxy.org/.
--
Andrew
pgp key: 0x74ED336B
More information about the liberationtech
mailing list