[SSL Observatory] Syrian fake certificate for Facebook
Peter Eckersley
pde at eff.org
Thu May 5 15:13:05 PDT 2011
A copy of the certificate is linked in this post:
https://www.eff.org/deeplinks/2011/05/syrian-man-middle-against-facebook
On Thu, May 05, 2011 at 04:28:19PM -0400, Danny O'Brien wrote:
> -----BEGIN PGP SIGNED MESSAGE-----
> Hash: SHA1
>
> http://advocacy.globalvoicesonline.org/2011/05/05/did-syria-replace-facebooks-security-certificate-with-a-forged-one/
>
> http://advocacy.globalvoicesonline.org/wp-content/uploads/2011/05/certificate.jpg
>
> Looks like it's not signed by a vouched CA.
>
> I've actually had a smattering of reports of such fake (but not CA-signed) certificates in the wild from across the world (Central America, S.E. Asia, and now the Middle East). The explanation could be as much the widespread use of MiTM tools by petty criminals in cyber-cafes aimed at tourists as they are by state attackers – I get to hear about their use in repressive regimes more, but that might be just selection bias at work.
>
> Does anyone else see more of these examples? Enough to see a trend, either in casual criminal use in easily MiTM environments, or on wired ISPs (implying a more established adversary)?
>
> d.
>
> - --
> Danny O'Brien
> Internet Advocacy Coordinator
> Committee to Protect Journalists
> -----BEGIN PGP SIGNATURE-----
> Version: GnuPG v1.4.10 (Darwin)
>
> iQIcBAEBAgAGBQJNwwhkAAoJEOUAGQaj/eReubwP/294joHV2SHikHGQNw9NDxSN
> 9hwdFmqcwcxNW+dXW1HO9kFlLE2rFEDvLOKztLxSdVODuENrU7nA5m15CG32a/8a
> 3pGO72wx6lagnr27g9Lpuzx6VTB61xC8uzRTQrmso5JIweD0EZPh3vpzNNCxFUTz
> cx1H+Q4dfnRBDDsgVyHynApTYrUryN0FUdNTZCwxWB888dhDtlL5qM3Hao/hAd5T
> 4cRrs6IXamL5GlL9ArAXr6PLQn8x8nKeltZnYXFAJCLzVDoZw8/cFRgAfJy2OtUz
> hH2aUyT2+OiLTk6q59UNkTwQDhXIO2l3KelVb6IEzPRfiUO6nBuLr6tVkhPDR0x6
> Xmb0P+Y46Bah7fWZhHXI9GmqyDF0oLUZPrqa7QZv1irSYm18AM+3oQOMtRK7ouvZ
> Hgd6Mf3FRNxYR0w9GhC3aDAZktQkKt+g+KQCTFyDdPNXk37xumOrCJfQBWCqDRKs
> wG2GIZvfu5xRKmdm8PFuYyAkBzyxQLu8tSdlI0VmdhsicibSj/u+U2YbkNOiS1eN
> Kn5Hk+0GPjzaE26utWGFS7KsOHfZ1SeZX+WBgZ5A2kakRTfBaSicT6NNI/Qd6jYF
> q05/t1tAjip+sfoBhLHf39ykGnZcHFYEJrU8LBrP6NJ1Z8UMWfJEHYTRk7LSWtqt
> dYobXYwBJPulQNwferWP
> =9Mhl
> -----END PGP SIGNATURE-----
--
Peter Eckersley pde at eff.org
Senior Staff Technologist Tel +1 415 436 9333 x131
Electronic Frontier Foundation Fax +1 415 436 9993
More information about the Observatory
mailing list