13:19 Hacking accounts opposition to facebook gmail and yahoo | |
| Tunisian authorities set an example of how to effectively crack down on the opposition on the Internet. Instead of filtering software, they simply remove the hostile accounts. The local edition of The Tech Herald reveals the technique of breaking. For users in Tunisia page Facebook, Gmail and Yahoo when you connect via HTTP instead of HTTPS act with "supplement" in 10 lines of code. This JavaScript is used to collect usernames and passwords. Here are samples of modified pages Gmail, Yahoo and Facebook. Obviously, the script is being implemented at the ISP. It may collect passwords from the opposition began in July 2010 when a local provider of a monopoly for the first time block HTTPS for users inside the country. Security experts from independent companies confirmed malicious script and tried to explain its mechanism. Having obtained the data for authorization, he encrypts them weak ciphers and puts in the URL, adding five random characters, so it gets the address of such www.google.com/wo0dh3ad. To him from the browser sends GET-request, which is intercepted at the national ISP. Then you only need to decrypt the data and use them at the right time to enter into other people's accounts. Actually, the involvement of the Government of Tunisia to the hacker's attack has not been proven, but experts say it's unlikely any foreign attackers could compromise the entire network of Internet infrastructure. Especially the state-monopoly provider of Tunisian Internet Agency (owned by the Ministry of Communications) and was once caught in traffic filtering: in April 2010, they blocked access from Tunisia to sites Flickr, YouTube and Vimeo. Mass unrest began in Tunis on December 17 in protest against unemployment and poor social conditions. A month of clashes with police were killed, according to various estimates, from 23 to 100 people, several hundred were injured. Last weekend, the situation has worsened and the authorities were forced to enter the capital of the troops. The group Anonymous has launched operation "Tunis", collapses site Tunisian Internet Agency more than a day and recommends that local users to install an extension to the browser, which cuts out of the pages of a malicious script. By topic: December 19, 2010 Belarusian-monopoly provider Beltelecom also block HTTPS (more precisely, 443) for users inside the country. | |
|
| |
| Total comments: 0 | |