Syrian Facebook users claimed to be under attack
The Electronic Frontier Foundation (EFF) is warning that a man-in-the-middle (MITM) attack is targetting Syrian users who are using HTTPS to access the social networking site Facebook. The warning links to allegations that the Syrian government, in the form of the Syrian Telecom Ministry, is behind the attack and has "replaced Facebook's security certificate with a forged one that makes it easy to spy on users, record their passwords, and view their private content". So far, no one has been able to confirm the veracity of the allegations concerning the identity of whoever is behind the attack.
The attack is relatively unsophisticated. The fake certificate being used is not signed by any certificate authority which should make it easy to spot, but many users are used to ignoring warnings about unsigned certificates and will accept the dubious certificates. An article on globalvoicesonline.org says that information about the attack is circulating rapidly among Syrian internet users but notes that it cannot yet verify the claims made about this attack as there is no evidence beyond the original report (Arabic language link).
(ehe)
![Kernel Log: Coming in 3.10 (Part 3) [--] Infrastructure](/imgs/43/1/0/4/2/6/7/2/comingin310_4_kicker-4977194bfb0de0d7.png)
![Kernel Log: Coming in 3.10 (Part 3) [--] Infrastructure](/imgs/43/1/0/4/2/3/2/3/comingin310_3_kicker-151cd7b9e9660f05.png)
