Close

Donate today to keep Global Voices strong!

Our global community of volunteers work hard every day to bring you the world's underreported stories -- but we can't do it without your help. Support our editors, technology, and advocacy campaigns with a donation to Global Voices!

Donate now

See all those languages up there? We translate Global Voices stories to make the world's citizen media available to everyone.

Learn more about Lingua Translation  »

Iran: Smile, the Regime is Reading Your Emails

A growing number of Iranian bloggers expressed their anxieties after learning that their Gmail inboxes may have been an open book for the Iranian state to read and target dissidents for the last two months.

RedOrbit says:

The rogue SSL certificate is used to digitally “sign” HTTPS connections to any Google site and was issued by a Dutch company called DigiNotar on July 10. In particular, political dissidents who put their trust in Google’s systems for their security may have been targeted in the attack.

Google reacted on August 29, 2011, saying:

Today we received reports of attempted SSL man-in-the-middle (MITM) attacks against Google users, whereby someone tried to get between them and encrypted Google services… Google Chrome users were protected from this attack because Chrome was able to detect the fraudulent certificate.

Human rights organisation, Arseh Sevom warns that Tor, Yahoo and Mozilla are targets too.

Here is Ali Borhani's (an Iran-based IT student) conversation with Google:

Hi,
Today, when I trid to login to my Gmail account I saw a certificate warning in Chrome .
I took a screenshot and I saved certificate to a file.
this is the certificate file with screenshot in a zip file:
http://www.mediafire.com/?rrklb17slctityb
and this is text of decoded fake certificate:
http://pastebin.com/ff7Yg663
when I used a vpn I didn't see any warning ! I think my ISP or my government did this attack (because I live in Iran and you may hear something about the story of Comodo hacker!)

Iran Online Security writes that internet users got the warning when they wanted to access their Google Docs.

While several bloggers offered advice for secure internet use such as using proxies to login to their emails, Nima Rashedan, a cyber security expert, published a video explaining to Iranian users what happened.

Nima Rashedan told me via email that most Iranian media ignored the importance of this attack. Hackers got their hands on passwords, files, archives and unfortunately it is not limited to Google, since Yahoo, Firefox were targeted too. Diginotar still keeps silent although it was hacked by a group that called itself “Iranian hackers”. Rashedan says the damage is beyond imagination and nothing to compare with Comodo hacking.

A new campaign was launched to protect Iranian users where we read:

Our campaign is aimed at raising awareness for the dangerous situation for Iranian netizens, especially since the Diginotar scandal.

Receive great stories from around the world directly in your inbox.

Sign up to receive the best of Global Voices
* = required field
Email Frequency



No thanks, show me the site