comScore

Wait, what?

Looks like you came here from Geekosystem. Don't worry, everything is still here. We've just combined forces with The Mary Sue to bring you more and better content, all in one place.

Reports: Syrian Government Using Man-in-the-Middle Attacks to Compromise Citizens’ Facebook Accounts

Reports are issuing from Syrian bloggers that the government-run Syrian Telecom Ministry is compromising the security of citizens’ Facebook accounts. In what appears to be a man-in-the-middle attack against the HTTPS version of Facebook, logging in triggers a browser warning like the one above, saying that the certificate is invalid not to be trusted.

The certificate on the left, issued to “Facebook, Inc.” is not real; the DigiCert one is. The EFF says that it’s a sign of the relative unsophistication of the alleged government attack that it raises a warning at all: However, there are plenty of people who don’t pay attention to browser warnings, especially if they’re attempting to log into a trusted site like Facebook. Logging in anyway would give the attackers behind the phony certificate “access to and control of their Facebook account,” so this is serious business.

(EFF via Boing Boing)

Filed Under |

© 2014 The Mary Sue   |   About UsAdvertiseNewsletterJobsContributorsComment PolicyPrivacyUser AgreementDisclaimerContactArchives RSS

Dan Abrams, Founder
  1. Mediaite
  2. The Mary Sue
  3. Styleite
  4. The Braiser
  5. SportsGrid
  6. Gossip Cop