|
|
Пишет LWN.net (![[info]](http://lj.rossia.org/img/syndicated.gif){kind=small} syn_lwnheadline)@ 2013-01-30 14:21:00 |
 |
|
 |
|
|
|
|
|
|
 |
|
 |
China, GitHub and the man-in-the-middle (Greatfire)
The Greatfire.org site has a
detailed analysis of a man-in-the-middle attack apparently directed
against Chinese Github users. "It’s clear that a lot of software
developers in China rely on GitHub for their code sharing. Completely
cutting access affects big business. GitHub may just be too important to
block. That leaves the authorities in a real pickle. They can’t
selectively block content on GitHub nor monitor what users are doing
there. They also cannot block the website altogether lest they hurt
important Chinese companies. This is where man-in-the-middle attacks make
their entrance. By faking SSL certificates, the authorities can indeed
intercept and track traffic to encrypted websites."
The Greatfire.org site has a
detailed analysis of a man-in-the-middle attack apparently directed
against Chinese Github users. "It’s clear that a lot of software
developers in China rely on GitHub for their code sharing. Completely
cutting access affects big business. GitHub may just be too important to
block. That leaves the authorities in a real pickle. They can’t
selectively block content on GitHub nor monitor what users are doing
there. They also cannot block the website altogether lest they hurt
important Chinese companies. This is where man-in-the-middle attacks make
their entrance. By faking SSL certificates, the authorities can indeed
intercept and track traffic to encrypted websites."
