Search Mailing List Archives


Limit search to: Subject & Body Subject Author
Sort by: Reverse Sort
Limit to: All This Week Last Week This Month Last Month
Select Date Range     through    

[liberationtech] Man-in-the-middle attack on GitHub in China

Martin Johnson greatfire at greatfire.org
Wed Jan 30 02:06:00 PST 2013


I agree that the petition itself is controversial. The proposal is unlikely
to be realized. Gathering a lot of signatures will help bring attention to
the problem though. I would encourage people to sign it for that reason.

Martin Johnson
Founder
https://GreatFire.org - Monitoring Online Censorship In China.
https://FreeWeibo.com - Uncensored, Anonymous Sina Weibo Search.
https://Unblock.cn.com - We Can Unblock Your Website In China.


On Wed, Jan 30, 2013 at 5:00 PM, Jacob Appelbaum <jacob at appelbaum.net>wrote:

> x z:
> > This is a great piece Martin! Thanks for the thorough analysis,
> explanation
> > and documentation.
> >
> > I have two comments:
> >
> > 1. It is a bit sad that the petition "People who help internet
> censorship,
> > builders of Great Firewall in China for example, should be denied entry
> to
> > the U.S.<
> https://petitions.whitehouse.gov/petition/people-who-help-internet-censorship-builders-great-firewall-china-example-should-be-denied-entry-us/5bzJkjCL
> >
> > " only got 9,024 signatures after 6 days. Yes, the petition is merely
> > symbolic, but it *is* symbolic. I do hope significantly more people can
> > sign it, otherwise, the GFW operators and Chinese authority can laugh
> their
> > way home, "see, so few people care!". I hope activists on this mailing
> list
> > can help spreading the word, 26 days remaining.
>
>
> I think that reducing a worker's travel rights is a rather strange
> tactic. It smacks of injustice. Borders as they exist today didn't exist
> in such a way around one hundred years ago, do we really like that? Is
> it such a good idea to promote a culture of control simply because in
> the short term "we" somehow benefit from it? I think the answer is no
> but I admit, I have a real big chip on my shoulder about harassment in
> US customs.
>
> I would encourage people not to sign such a petition. It is a symbol and
> it is a symbol of a control society hell bent on using coercive force of
> any kind to produce results. We should be better.
>
> >
> > 2. Even though HTTPS traffic is nontrivial to tackle, GFW has a much
> > simpler solution for it. GFW can deteriorate the user experience of HTTPS
> > websites, e.g. injecting random resets to HTTPS connections. People can
> > still use the site, but it becomes slow and unstable, gradually more and
> > more will switch away to use domestic replacement. It is a slow process,
> > but can be a successful one.
> >
>
> Indeed - we are seeing this exact strategy in many places in the world
> right now.
>
> All the best,
> Jacob
>
> > Cheers,
> >
> > Tom
> >
> > 2013/1/29 Martin Johnson <greatfire at greatfire.org>
> >
> >> At around 8pm, on January 26, reports appeared on Weibo and Twitter that
> >> users in China trying to access GitHub.com were getting warning messages
> >> about invalid SSL certificates. The evidence, listed further down in
> this
> >> post, indicates that this was caused by a man-in-the-middle attack. Full
> >> post at
> https://en.greatfire.org/blog/2013/jan/china-github-and-man-middle
> >>
> >> One interesting conclusion is that support for HTTP Strict Transport
> >> Security in Chrome and Firefox makes a real difference. If
> >> man-in-the-middle attacks become more common in China, preventing users
> >> from adding exceptions and making the warning messages informative is
> >> crucial. We need to find ways to convince users to use browsers that
> >> support these safety measures. Currently, around 50% of Internet users
> in
> >> China use either the 360 so-called Safety Browser (which is a very
> ironic
> >> name) or Internet Explorer 6 (yes, it lives on in China).
> >>
> >> Martin Johnson
> >> Founder
> >> https://GreatFire.org - Monitoring Online Censorship In China.
> >> https://FreeWeibo.com - Uncensored, Anonymous Sina Weibo Search.
> >> https://Unblock.cn.com - We Can Unblock Your Website In China.
> >>
> >> --
> >> Unsubscribe, change to digest, or change password at:
> >> https://mailman.stanford.edu/mailman/listinfo/liberationtech
> >>
> >
> >
> >
> > --
> > Unsubscribe, change to digest, or change password at:
> https://mailman.stanford.edu/mailman/listinfo/liberationtech
> >
>
> --
> Unsubscribe, change to digest, or change password at:
> https://mailman.stanford.edu/mailman/listinfo/liberationtech
>
-------------- next part --------------
An HTML attachment was scrubbed...
URL: <http://mailman.stanford.edu/pipermail/liberationtech/attachments/20130130/ea0da518/attachment.html>


More information about the liberationtech mailing list