nationwide interception of Facebook & webmail login credentials in Tunisia

James Firth james2 at
Wed Aug 31 09:23:43 BST 2011

Passive PROFITS wrote:
> So Cert Patrol just picked up an SSL certificate switch for
>; here's the new SHA1 fingerprint I've got...
> F1:BD:D4:59:78:7F:6B:EB:2F:4D:A8:72:E1:74:86:53:79:6B:3A:DD
> Anyone confirm they've also had a switch - it's not impossible I'm
> under attack, having fairly recently discovered a MiTM attack in
> progress, some months ago (mainly due to a fluke; didn't have cert
> patrol then!).

Almost certainly unrelated, but this story yesterday made me think back to
the above...

Google users targeted by forged security certificate

Security researchers have discovered a forged internet security certificate
designed to allow hackers to spy on Google users' private emails and other

James Firth

More information about the ukcrypto mailing list