A man-in-the-middle attack is being run against users of the secure version of Facebook in Syria, the Electronic Frontier Foundation (EFF) warns.
The semi-professional attack against the HTTPS version of the Facebook site relies on a digital certificate unsigned by any Certificate Authority and probable re-routing of traffic by the Syrian Telecom Ministry. The ongoing attack has been detected against multiple Syrian ISPs.
I was wondering which CA (Certificate Authority) was behind the HTTPS of Facebook?
This is very much an amateur attempt at attacking Facebook's HTTPS site. The certificate was not signed by a Certificate Authority that was trusted by users' web browsers. Unfortunately, Certificate Authorities are under the direct or indirect control of numerous governments, and many governments therefore have the capability to perform versions of this attack that do not raise any errors or warnings.
Now what? Are browsers accepting non-signed certificates? Will it only rely on users’ decision?
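To make the two points above concrete (a certificate unsigned by any CA fails the browser's chain check, while a certificate from any other trusted CA passes it silently unless the client also pins the site's key), here is an added Go example that is not code from the page or from the EFF. It mints test certificates with the standard library only; the host name and CA names are constructed.

```go
package main

import (
	"crypto/ed25519"
	"crypto/rand"
	"crypto/sha256"
	"crypto/x509"
	"crypto/x509/pkix"
	"math/big"
	"time"
)

const host = "www.example.com" // constructed stand-in for the site under attack

// newCert mints a test certificate for cn; a nil parent makes it self-signed, i.e. unsigned by any CA.
func newCert(cn string, isCA bool, parent *x509.Certificate, parentKey ed25519.PrivateKey) (*x509.Certificate, ed25519.PrivateKey) {
	pub, priv, _ := ed25519.GenerateKey(rand.Reader)
	tmpl := &x509.Certificate{
		SerialNumber: big.NewInt(time.Now().UnixNano()), Subject: pkix.Name{CommonName: cn},
		DNSNames: []string{cn}, IsCA: isCA, BasicConstraintsValid: true,
		NotBefore: time.Now().Add(-time.Hour), NotAfter: time.Now().Add(24 * time.Hour),
		KeyUsage: x509.KeyUsageDigitalSignature | x509.KeyUsageCertSign, ExtKeyUsage: []x509.ExtKeyUsage{x509.ExtKeyUsageServerAuth},
	}
	if parent == nil {
		parent, parentKey = tmpl, priv // the template signs itself
	}
	der, err := x509.CreateCertificate(rand.Reader, tmpl, parent, pub, parentKey)
	if err != nil {
		panic(err)
	}
	cert, _ := x509.ParseCertificate(der)
	return cert, priv
}

// Check returns {chainOK, pinOK}: chainOK is the browser's verdict (chains to a trusted root, name matches); pinOK is the extra SPKI pin comparison a pinning client makes.
func Check(c *x509.Certificate, roots *x509.CertPool, pin [32]byte) [2]bool {
	_, err := c.Verify(x509.VerifyOptions{DNSName: host, Roots: roots})
	return [2]bool{err == nil, sha256.Sum256(c.RawSubjectPublicKeyInfo) == pin}
}

// Scenarios checks the three cases from the discussion, in order: the site's real certificate, the attack's unsigned one, and one issued by a second CA the browser also trusts.
func Scenarios() [3][2]bool {
	trusted, trustedKey := newCert("Trusted Root CA", true, nil, nil)
	other, otherKey := newCert("Other Trusted CA", true, nil, nil)
	roots := x509.NewCertPool()
	roots.AddCert(trusted)
	roots.AddCert(other)
	legit, _ := newCert(host, false, trusted, trustedKey)
	pin := sha256.Sum256(legit.RawSubjectPublicKeyInfo) // what the client pinned earlier
	unsigned, _ := newCert(host, false, nil, nil)
	rogue, _ := newCert(host, false, other, otherKey)
	return [3][2]bool{Check(legit, roots, pin), Check(unsigned, roots, pin), Check(rogue, roots, pin)}
}
```

Only the pin check separates the real certificate from the one issued by the second trusted CA; the browser's chain validation alone accepts both.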