Iran Election Guide

Donate to EAWV





Or, click to learn more

Search

Entries in Mozilla (2)

Saturday
Sep032011

Iran: Assessing Latest Cyber-Threat, Rogue Certificate Part 2 (Arseh Sevom)

Earlier in the week, our colleagues at the civil society organistion Arseh Sevom assessed the security threat, possibly introduced by the Iranian regime, that left Google users in Iran susceptible to a rogue certificate attack.

Now, Arseh Sevom reanalyzes the threat in part 2 of the series. And they have an alarming piece of information, that users of Tor, Yahoo, and Mozilla may also have been compromised...

See Also, Iran Special: Assessing the Latest Cyber-Threat --- The "Rogue Certificate" (Arseh Sevom

Latest from Iran (3 September): Elections and the Revolution


UPDATE: Google and Mozilla have revoked more than 200 security certificates as a result of a hack into the accounts of certificate authority, DigiNotar.

Click to read more ...

Tuesday
Aug302011

Iran Special: Assessing the Latest Cyber-Threat --- The "Rogue Certificate" (Arseh Sevom)

Suppose you want to send mail to your brother. But an enemy somehow manages to get credentials of a postman and bribes or coerces his way into becoming the postman that takes your mail to your brother and brings his reply back. Now when you put mail in the mailbox, he will discard your mail and instead, write a mail himself and take that to your brother as if you had written it. Then, when your brother writes a reply to your mail, the postman picks that one up, discards it and writes a totally different reply and brings it back to you.

The result is that neither you nor your brother are able to communicate what you wish to communicate to each other if the enemy wishes to alter your message. Worse, even if he doesn’t, any secret that you sent, including your addresses and passwords are now the property of the enemy. Now imagine the government of Iran or another government being that postman, reading every message you send over Google…

Click to read more ...