…What does this mean? It means that somebody in Iran had gone to great lengths to intercept supposedly secure Internet traffic, including Gmail messages.
This was not a trivial undertaking. The Iranian users’ reports reveal what must have happened. The snoopers, or people working with them, had either broken into or defrauded the Dutch certificate authority DigiNotar and obtained from it a fraudulent https certificate, a digital identity document asserting that its holder is Google. Because DigiNotar’s signature was trusted by every major browser, that certificate would produce no warning. They then redirected Google-bound traffic within Iran and used the certificate to masquerade as Google. With those two capabilities, the interceptors could read any private communications between Iranians and Google, including supposedly highly secure Gmail messages.
The combination of a targeted attack and the commandeering of at least two Internet service providers suggests a highly organized attempt to spy on a large number of Iranian Net users’ secure communications. The obvious, but unproven, candidate for this seems to be some element of the Iranian security forces.
If state security agents in repressive countries like Iran are working with criminals, it would be no surprise to find the attack aimed at one of the groups that both governments and organized crime most want to silence: journalists.
It is also important, however, to note what we cannot yet conclude. Firstly, we do not know the extent of the Iranian surveillance. Google only spotted the attack on its own services because its Chrome browser carries an extra check for Google’s own websites: a built-in list of the certificate keys expected for those sites, with a warning whenever a certificate presented for them does not match. Most browsers and most websites have no such check, so communications with many other sites may have been intercepted with no chance of detection.
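The check described above is public-key pinning: the browser hashes the certificate’s SubjectPublicKeyInfo (SPKI) and compares it with a stored list of expected hashes, so a certificate from any other key, even one signed by a trusted authority, is rejected. The following is an added illustration written for this article, not Chrome’s or Google’s code. It uses only the Python standard library; the certificates are constructed in the block with a small DER encoder and carry dummy names, dates and an unsigned signature field, and the key bytes `KEY_A` and `KEY_B` are made-up placeholders rather than real RSA keys.

```python
"""SPKI pinning check over DER X.509 certificates, standard library only.
Constructed example for illustration; the certificates built here are
structurally valid but unsigned, and the key material is made up."""
import base64
import hashlib

SEQUENCE, INTEGER, BIT_STRING, OID, NULL, UTC_TIME = 0x30, 0x02, 0x03, 0x06, 0x05, 0x17
RSA_OID = bytes.fromhex("2a864886f70d010101")         # 1.2.840.113549.1.1.1 rsaEncryption
SHA256_RSA_OID = bytes.fromhex("2a864886f70d01010b")  # 1.2.840.113549.1.1.11 sha256WithRSA


def der(tag: int, content: bytes) -> bytes:
    """Encode one DER TLV with a definite (short or long form) length."""
    n = len(content)
    if n < 0x80:
        length = bytes([n])
    else:
        lb = n.to_bytes((n.bit_length() + 7) // 8, "big")
        length = bytes([0x80 | len(lb)]) + lb
    return bytes([tag]) + length + content


def spki(public_key_bytes: bytes) -> bytes:
    """SubjectPublicKeyInfo ::= SEQUENCE { AlgorithmIdentifier, BIT STRING }."""
    alg = der(SEQUENCE, der(OID, RSA_OID) + der(NULL, b""))
    return der(SEQUENCE, alg + der(BIT_STRING, b"\x00" + public_key_bytes))


def build_cert(public_key_bytes: bytes, serial: int = 1, with_version: bool = True) -> bytes:
    """Constructed sample certificate: real layout, dummy names/dates, no real signature.
    serial must be < 128 so the one-byte INTEGER encoding stays minimal."""
    name = der(SEQUENCE, b"")  # empty Name is enough for the parser below
    validity = der(SEQUENCE, der(UTC_TIME, b"110101000000Z") + der(UTC_TIME, b"120101000000Z"))
    sig_alg = der(SEQUENCE, der(OID, SHA256_RSA_OID) + der(NULL, b""))
    tbs = b""
    if with_version:
        tbs += der(0xA0, der(INTEGER, b"\x02"))  # [0] EXPLICIT version v3
    tbs += der(INTEGER, serial.to_bytes(1, "big")) + sig_alg + name + validity + name
    tbs += spki(public_key_bytes)
    return der(SEQUENCE, der(SEQUENCE, tbs) + sig_alg + der(BIT_STRING, b"\x00" * 9))


def read_tlv(buf: bytes, pos: int):
    """Parse the TLV at pos; return (tag, content_start, content_end)."""
    tag, first = buf[pos], buf[pos + 1]
    if first < 0x80:
        length, hdr = first, 2
    else:
        nbytes = first & 0x7F
        length = int.from_bytes(buf[pos + 2:pos + 2 + nbytes], "big")
        hdr = 2 + nbytes
    start = pos + hdr
    return tag, start, start + length


def children(buf: bytes, start: int, end: int):
    """Yield (tag, tlv_start, content_start, content_end) inside a constructed element."""
    pos = start
    while pos < end:
        tag, s, e = read_tlv(buf, pos)
        yield tag, pos, s, e
        pos = e


def extract_spki(cert_der: bytes) -> bytes:
    """Return the raw DER bytes of subjectPublicKeyInfo from a certificate."""
    tag, cs, _ = read_tlv(cert_der, 0)
    if tag != SEQUENCE:
        raise ValueError("not a DER certificate")
    tbs_tag, ts, te = read_tlv(cert_der, cs)
    if tbs_tag != SEQUENCE:
        raise ValueError("missing tbsCertificate")
    fields = list(children(cert_der, ts, te))
    # version [0] is optional; when present, SPKI is the 7th field, else the 6th
    idx = 6 if fields and fields[0][0] == 0xA0 else 5
    if len(fields) <= idx or fields[idx][0] != SEQUENCE:
        raise ValueError("missing subjectPublicKeyInfo")
    _, tlv_start, _, end = fields[idx]
    return cert_der[tlv_start:end]


def spki_pin(cert_der: bytes) -> str:
    """Pin as used by HPKP / Chrome: base64(SHA-256(SPKI DER))."""
    return base64.b64encode(hashlib.sha256(extract_spki(cert_der)).digest()).decode()


def pin_matches(cert_der: bytes, pins: set) -> bool:
    """True if the presented certificate's key is one the client expects."""
    return spki_pin(cert_der) in pins


# Constructed key material: not real RSA keys, just distinct byte strings.
KEY_A = bytes(range(64))
KEY_B = bytes(range(64, 128))
GOOD_CERT = build_cert(KEY_A)               # the site's legitimate certificate
REISSUED = build_cert(KEY_A, serial=2)      # renewed certificate, same key
ROGUE = build_cert(KEY_B, serial=3)         # CA-issued certificate for a different key
PINS = {spki_pin(GOOD_CERT)}                # what the browser ships for this site

if __name__ == "__main__":
    print("reissued cert accepted:", pin_matches(REISSUED, PINS))
    print("rogue cert accepted:   ", pin_matches(ROGUE, PINS))
```

Pinning the public key rather than the whole certificate is deliberate: the site can renew its certificate without breaking the pin, while a certificate for a different key, however it was obtained, fails the check even though ordinary chain validation would have accepted it.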
The company most responsible for allowing this attack has not helped. Despite its clear involvement, DigiNotar has remained largely silent about the attack and has failed to notify other sites that may have been compromised. For instance, DigiNotar only informed the Tor Project, whose software is regularly used by at-risk journalists to communicate anonymously on the Internet, after the group directly asked whether it had been targeted. (If you are in Iran and downloaded the Tor software recently, you should verify the signatures of the files you downloaded against the Tor Project’s signing keys.) Press reports have suggested that more than 200 sites may have been affected.
While all eyes are on Iran, the country is one of the few that would need to defraud a Western company in order to conduct such surveillance. Many governments, including some with a poor record on freedom of expression or privacy, run or control certificate authorities that browsers already trust, and so can issue any number of certificates for any site on their own authority.