Using a “Man-in-the-Middle” to Target Activists

Given the civil unrest roiling the Middle East, Syria’s recent decision to unblock Facebook seemed…well, puzzling.  After all that’s been made of the social network’s role in helping organize the Egyptian and Tunisian uprisings, why would Damascus choose this moment to open it up?

Perhaps now we have the answer.

Illustration: German Ariel Berra

Peter Eckersley with the Electronic Frontier Foundation reports it appears Syrian authorities have launched a cyber-attack against Facebook aimed at intercepting messages and targeting activists inside Syria.  Calling it “very much an amateur attempt,” Eckersley says forensic data analysis makes clear that an unknown culprit – but one with Syrian fingerprints – has compromised Facebook’s security by using one of the oldest tricks in the spy-book: a “man-in-the-middle”, or MITM, attack.

In essence, an MITM hack is an electronic form of code-breaking between two people online who have been tricked into believing they’re communicating over a secure connection – such as https – but are actually passing messages through a third hidden party, where they can be recorded, blocked or altered.   That may seem like a mouthful, but it’s actually a lot less complicated than it sounds.  Let’s unpack it a bit. Read the rest of this entry »

Wikileaks and the Cyber-War it Launched

“The Jester” says he’s responsible for knocking Wikileaks off the Internet. “Anonymous” say they’re targeting MasterCard and PayPal as punishment for stopping transfers to the controversial site. Across the web, a war is waging between supporters and opponents of Wikileaks. Will it be enough to tear a hole in the Internet?  VOA’s Doug Bernard takes a deeper lo0k, after the jump.