Someone in the Syrian telcoms authority is running a clumsy man-in-the-middle attack against Facebook; activists who try to access the site in Syria using SSL get a message saying that the certificate doesn't match. The forged certificate that the telcoms authority is attempting to insert comes from Digi-Cert High Assurance CA-3. I got this wrong -- this is the correct cert; the bogus one is issued by "Facebook Inc". Though the attack is clumsy (it sends up a security warning), many unsophisticated users probably won't understand the warning and could be in danger.
The attack is not extremely sophisticated: the certificate is invalid in user's browsers, and raises a security warning. Unfortunately, because users see these warnings for many operational reasons that are not actual man-in-the-middle attacks, they have often learned to click through them reflexively. In this instance, doing so would allow the attackers access to and control of their Facebook account. The security warning is users' only line of defense.
Khartabil has been imprisoned in a Syria’s Adra Prison since 2012, though as of October, he has been transferred to an undisclosed location. The free software/open culture activist was the lead for Creative Commons Syria and has contributed to Wikipedia, Firefox and many other projects.
Evan from Fight for the Future writes, “The privacy-killing law CISA — which gives legal immunity to corporations when they share your private data with the U.S. government — is back on the Senate floor after Internet activists have successfully delayed it many times. This could be our last chance to stop it for good.”
It’s been ten years since Danny O’Brien, Suw Charman and I announced the formation of the UK Open Rights Group at the 2005 Open Tech conference and asked the assembled people to pledge to pay £5/month to help fund a UK-based digital rights group that would fight for their rights online — and everywhere.
Carrying this EDC card is like slinging around a handheld toolbox wherever you go. Its minimal design is small enough to fit in your wallet’s billfold, and it’s TSA-compliant so you’ll never leave it behind. It’s got hex wrenches, metric and imperial rulers, flathead and Phillip’s screwdrivers, and a bottle opener so that you’re ready […]
Today only take an additional 15% off the below drones today using coupon code: DRONE15 at checkoutThe Code Black is our top-selling drone of all time—and for good reason. This powerful, palm-size drone is not only insanely fun to fly, but can capture some serious video footage from up above. With a flight time of […]
Why interrupt your post-Thanksgiving turkey bliss to wait in an epic line, when the best deal of the season is a click away? We’re treating you Mac enthusiasts to the ultimate Black Friday bundle, packed with apps to give your machine a mega boost in the right direction. From Drive Genius to AfterShot Pro to […]