Facebook battled Tunisian regime during uprising

State accused of using main-in-the-middle attack on own citizens

RELATED TOPICS

Techworld –

The uprising against deposed Tunisian dictator Zine El Abidine Ben Ali was preceded by a major and ultimately failed battle to control access by dissenters to Facebook, it has been claimed.

According to a story in The Atlantic magazine, from last December onwards the Tunisian Government used an elaborate man-in-the-middle attack on Facebook users in the country designed to steal login credentials en masse.

Full details of the extraordinary attack by the regime on its own people are unclear but are said to have operated through Tunisian ISPs directing users to fake versions of the Facebook and possibly other social media sites from where injected Javascript code was used to record the keystrokes entered during login.

Details of the attack come from Facebook itself, which realised what was happening and retaliated in an 'apolitical' way by forcing Tunisian connections to use encrypted https to secure logins.

Because ISPs could still in principle have stopped https being used, users that logged out during the attack period (and who were therefore susceptible because they might have had their logins scraped) were also asked to authenticate themselves by identifying Facebook friends to stymie snooping.

The Facebook defence appears to have worked although an unknown number of Tunisian users will have been compromised in the days leading up to its implementation.

"When you step back and think about how Internet traffic is routed around the world, an astonishing amount is susceptible to government access," the article quotes Facebook's Chief Security Officer Joe Sullivan as saying.

The point is well made. Tunisia is no different to many Arab and North African regimes which impose as many restrictions as they can on Internet dissent, not always at the level of sophistication shown by the Tunisian regime.

More generally, the role of social media in political dissent is little-considered beyond the observation that it played a significant part in the failed uprising against the hardline regime in Iran, and is tightly controlled by China's infamous national firewall. Only this week, Iran announced the setting up of a dedicated force to counter the use of online social media to organise anti-government protests.

For Facebook, the story will offer some relief in terms of it its image. During the last year, the service has routinely been upbraided by sections of the Internet community as a threat to privacy.

RELATED TOPICS
Top 10 Hot Internet of Things Startups
View Comments
You Might Like
Join the discussion
Be the first to comment on this article. Our Commenting Policies