China-based users and visitors of GitHub, the globally popular online source code repository, were targeted with a man-in-the-middle attack late last Friday, reports GreatFire.org, a non-profit organization that monitors the government's online censorship efforts in China. They say that for an hour or so, visitors from China were faced with browser warning messages about invalid SSL certificates, and speculate that the people behind the attack might have been the developers of the "Great Firewall" of China, who were named in a petition put forward to the White House asking that "people who help internet censorship should be denied entry to the U.S."
"The petition has gathered more than 8,000 signatures in the five days since. To make the idea specific, there is a link to a list of Chinese individuals accused of contributing to the technical infrastructure behind online censorship in China. And this list is hosted on - you guessed it - GitHub," GreatFire reports.
"The list has gathered hundreds of comments, the vast majority in Chinese. One of these comments contains the supposed address and ID number of Fang Binxing, the Principal of Beijing University of Posts and Telecommunications and often called the 'Father of China's Great Firewall'. Another comment links to another much longer list of supposed contributors to the Great Firewall, also hosted on GitHub."
The Chinese government had blocked access to GitHub a week earlier, but was forced to restore it following public protest, and probably also because blocking the site cripples the ability of Chinese developers to collaborate, and thus to innovate.
"[The authorities] can’t selectively block content on GitHub nor monitor what users are doing there. They also cannot block the website altogether lest they hurt important Chinese companies," GreatFire claims. "This is where man-in-the-middle attacks make their entrance. By faking SSL certificates, the authorities can indeed intercept and track traffic to encrypted websites."
They say that the attack was "crude" (the fake SSL certificate was not signed by a known certificate authority, which is exactly what triggered the browser warnings), "irrational", and short-lived, but unfortunately that doesn't mean that some visitors' passwords weren't recorded: anyone who clicked through the warning completed a TLS session with whoever held the fake certificate's private key, and every credential sent over it was readable to them.
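The two client-side checks at stake here, as an added example written for this page (not GreatFire's or Help Net Security's code), assuming only the openssl command-line tool: chain validation rejects a certificate that no trusted CA signed, which is why browsers warned during this attack, and a pinned public-key fingerprint additionally catches the subtler case of a certificate that a trusted CA did sign for the wrong party. All certificates are constructed locally.

```shell
#!/bin/sh
# Added example: the two checks a TLS client can make against a presented
# certificate. Assumes the openssl CLI; everything else is constructed here.
set -eu
WORK=$(mktemp -d)
trap 'rm -rf "$WORK"' EXIT

# Constructed certificate that no trusted CA vouches for (self-signed), the
# situation GitHub visitors hit: the browser cannot build a chain to a root.
openssl req -x509 -newkey rsa:2048 -nodes -days 1 -subj "/CN=github.com" \
    -keyout "$WORK/untrusted.key" -out "$WORK/untrusted.pem" 2>/dev/null

# Constructed stand-in for the genuine certificate. It is self-signed too,
# but we place it in our trust store so it plays the role of a CA-signed cert.
openssl req -x509 -newkey rsa:2048 -nodes -days 1 -subj "/CN=github.com" \
    -keyout "$WORK/real.key" -out "$WORK/real.pem" 2>/dev/null

# Check 1: chain validation against a trust store (what the browser did).
# Prints TRUSTED or UNTRUSTED.
chain_status() {   # $1 = certificate, $2 = trust store (PEM bundle)
    if openssl verify -CAfile "$2" "$1" >/dev/null 2>&1; then
        echo TRUSTED
    else
        echo UNTRUSTED
    fi
}

# Check 2: public-key pinning. Prints the base64 SHA-256 of the SubjectPublicKeyInfo,
# the value a pinning client remembers for a host regardless of who signed the cert.
spki_fingerprint() {   # $1 = certificate
    openssl x509 -in "$1" -pubkey -noout \
        | openssl pkey -pubin -outform DER \
        | openssl dgst -sha256 -binary | openssl base64 -A
}

# Prints PIN_OK when the presented certificate carries the pinned key.
pin_status() {   # $1 = certificate, $2 = pinned fingerprint
    if [ "$(spki_fingerprint "$1")" = "$2" ]; then
        echo PIN_OK
    else
        echo PIN_MISMATCH
    fi
}

# The pin a client would have recorded from an earlier, genuine connection.
PIN=$(spki_fingerprint "$WORK/real.pem")
```

A certificate that a trusted CA did sign would pass `chain_status` yet still fail `pin_status`, which is why pinning matters against a better-resourced interceptor than the one described above.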