Jillian C. York » What Syria’s Unblocking of Facebook Was Really About

What Syria’s Unblocking of Facebook Was Really About

Back in February, I wrote that the Syrian government’s decision to free up access to Facebook and other sites was a risky move, potentially designed to entrap Syrians.

In the nearly three months since, it seems like I was right: First came the reports of activists and non-activists being detained, their Facebook and other passwords demanded by authorities for the purpose of monitoring accounts and spying on contacts; now, as the EFF (where I’m now based) discovered yesterday (with help from one very brave Syrian contact), the government appears to be handing Facebook users fake SSL certificates on the HTTPS version of the site in order to conduct a man-in-the-middle attack and get ahold of users’ personal information.

Additionally, as Jake Appelbaum has tweeted, Tor seems to be blocked on some Syrian ISPs (Syrians on other ISPs have reported more recently that it’s working fine).

Without HTTPs and Tor, Syrians are not safe using Facebook. And when using any other HTTPS version of a site, users should inspect the SSL certificate very carefully.

~ about jillian

Jillian C. York is the Director of International Freedom of Expression at the Electronic Frontier Foundation. She writes regularly about free expression, politics, and the Internet, with particular focus on the Arab world. She is on the Board of Directors of Global Voices Online, and has written for a variety of publications, including Al Jazeera, Al Akhbar, The Guardian, Foreign Policy, and Bloomberg. Views expressed on this blog belong to Jillian alone and do not represent her employers, past or present.

~ jill on global voices

Arab World: Mourning Anthony ShadidOn February 17, the tragic news that New York Times Middle East Correspondent Anthony Shadid had passed away in Syria at the age of 43, reportedly as a result of a severe asthma attack triggered by an …

Saudi Arabia: Fate of Journalist Hamza Kashgari Hangs in the BalanceSaudi journalist Hamza Kashgari set off a social media firestorm last week when he tweeted an imaginary conversation with the Prophet Mohammed, causing the young man to flee the country in the face of …

Global Online Community Protests U.S. Anti-Piracy BillsToday, January 18, is an important day for the Internet. Corporate websites, from Google to Twitpic, along with civil society groups and individuals, have all joined together in a common cause: to pro …

7.05.2011Mark

This is outrageous. This murderous regime must not go unpunished.

7.05.2011Duke 3D

I wish someone would come out with an article explaining how to avoid false SSL certificates. I’ve heard some governments can create their own, valid, SSL certificates. I guess the best advice is to avoid social networks all together. I dunno.

8.05.2011Jillian
Hi Duke,

Perhaps some of the resources you’re looking for are here? https://www.eff.org/observatory

Let me know if there’s something we can do to explain the process better. As a “non-geek” myself, I know it can be confusing at times.

Best,
Jillian
- Author Link

13.05.2011Amin

Syria are using same method of Iranian authorities! Iran at least two times used fake SSL certification during protests! Honestly, both of them are good partner :)

Author Link

13.05.2011Ali
+1

23.08.2011Tim

To keep safe you need something to encrypt your outgoing traffic, like http://www.highspeedvpn.com/ or other VPN servive.

A proxy will just route your traffic, leaving it unencrypted. What is Tor, is it a VPN or a proxy? Sounds familiar.

5.02.2012Blade

If this ever happened in China they would shut down the Internet completely – they wouldn’t care about the world wide outcry against it.

What Syria’s Unblocking of Facebook Was Really About

~ about jillian

~ links

~ twitter

~ del.icio.us

~ jill on global voices

~ last.fm