May 6, 2011 11:01 GMT

The Syrian government is trying to identify activists who use social media to coordinate protests by orchestrating nation-wide man-in-the-middle attacks.

The Electronic Frontier Foundation (EFF) has received several reports from Syrian users who spotted SSL errors when trying to access Facebook over HTTPS.

The errors were caused by a fake digital certificate served to users, which the EFF has managed to obtain.

All this is indicative of a so-called man-in-the-middle attack, where the attacker is positioned between the victim and the Internet and can alter their traffic.

Man-in-the-middle attacks can occur at the local network level, at the Internet service provider level or at the national level, in countries where the government controls perimeter gateways.

An example of such nation-wide abuse was observed in Tunisia during the pro-democracy protests earlier this year, when the country's telecommunications authority used its power to launch mass phishing attacks against Gmail, Facebook, Yahoo! and Hotmail users.

There is a strong indication that the same is happening now in Syria, because the SSL errors were seen by people using different Internet service providers.

"This is very much an amateur attempt at attacking Facebook's HTTPS site. The certificate was not signed by a Certificate Authority that was trusted by users' web browsers," notes Peter Eckersley, a senior staff technologist for the EFF.

Unfortunately, because some websites regularly use self-signed certificates, users might be familiar with such errors and might be tempted to click through them.

Since the Syrian Telecom Ministry is attacking the HTTPS version of Facebook, it is sensible to assume that the plain-HTTP version is also targeted, and probably other social media websites like Twitter and YouTube, or even webmail services, as well.

Syria is trying to enforce a media blackout by banning journalists from covering the unrest in the country. Under these circumstances, news outlets rely on amateur footage and images uploaded online by activists, something which the government likely wants to prevent.