Search Mailing List Archives


Limit search to: Subject & Body Subject Author
Sort by: Reverse Sort
Limit to: All This Week Last Week This Month Last Month
Select Date Range     through    

[liberationtech] FW: Did Syria replace Facebook's security certificate with a forged one?

liberationtech at lewman.us liberationtech at lewman.us
Sat May 21 07:23:27 PDT 2011


On Fri, May 06, 2011 at 08:52:41AM +0800, crates at oneotaslopes.org wrote 2.1K bytes in 56 lines about:
: Andrew, do we have proof of MITM attacks in Tunisia? Iran?

Proof is hard to come by.  I have had chats with people in countries who
have claimed they are seeing certs from their govt telco authority for
gmail, yahoo, skype, msn, etc.

None of these people took screenshots of the ssl cert presented nor
saved the cert.  Due to a lack of evidence, other than word of mouth, I
consider this hearsay.  However, I've heard the rumor enough to wonder
if there is anything real behind it. 

Specifically, when viewing gmail[1], when looking at the ssl
cert presented, it was claimed the 'Issued by' is from their govt, not
an accepted CA.

[1] https://www.google.com/accounts/ServiceLogin....

-- 
Andrew
pgp key: 0x74ED336B



More information about the liberationtech mailing list