Someone in the Syrian telcoms authority is running a clumsy man-in-the-middle attack against Facebook; activists who try to access the site in Syria using SSL get a message saying that the certificate doesn't match. The forged certificate that the telcoms authority is attempting to insert comes from Digi-Cert High Assurance CA-3. I got this wrong -- this is the correct cert; the bogus one is issued by "Facebook Inc". Though the attack is clumsy (it sends up a security warning), many unsophisticated users probably won't understand the warning and could be in danger.
The attack is not extremely sophisticated: the certificate is invalid in user's browsers, and raises a security warning. Unfortunately, because users see these warnings for many operational reasons that are not actual man-in-the-middle attacks, they have often learned to click through them reflexively. In this instance, doing so would allow the attackers access to and control of their Facebook account. The security warning is users' only line of defense.
Ed from the UK Open Rights Group writes, “Right now, the Government is ramming a new snooping law through Parliament. The Investigatory Powers Bill would force companies such as Sky, BT, Google and Facebook to keep detailed records of what we do online for a year — even if we are not suspected of committing […]
Michael Moore, perhaps Flint, MI’s most famous son, has written an open letter to people who are heartsick at the thought of a whole generation of mostly poor, mostly black children being given permanent brain damage through lead poisoning, thanks to the deliberate indifference of the state’s Republican administration and the greedy people who elected […]
Almost everyone has their smartphone in a case of one kind or another. Beyond simple protection, finding a case that can charge your phone on its own, but doesn’t feel like it’s also adding a couple pounds to the phone’s weight is the tricky part. Billed as the world’s thinnest battery case, the ThinCharge iPhone […]
You never know when new projects, ideas or opportunities can drop into your lap at a moment’s notice. That may require you to learn a new programming language like Python. Or maybe you need a primer on 3D game development. Or you might realize you could use a serious brush-up on iOS mobile creation.Point is, […]
Isn’t it about time to stretch what your Mac can do? I mean, you’ve got plenty of great programs now…but don’t you think you could use some new tools to get your creative, analytical and organizational juices really flowing? It’s spring, so we cleaned up a whole bunch of super-cool apps lying around and packaged […]