nationwide interception of Facebook & webmail login credentials in Tunisia

Roland Perry lists at
Wed Jan 26 10:49:55 GMT 2011

In article 
<AANLkTimn_sUK8=CQmMNZECz508Dxdy0a3npJorOvR8f_ at>, Mark 
Lomas <ukcrypto at> writes
>May I conduct an informal survey? Who on this mailing list has not 
>removed any of the CA certificates that were pre-installed by whoever 
>supplied your browser?

I haven't (it's outside of my life's-too-short envelope). On the other 
hand I do note (with sadness) whenever a blue-chip site's certificates 
seem to have expired.

And then there's the famous brand of login-requiring public wifi hotspot 
with a side effect of making the log-in screen appear to have a duff 
certificate (it's to do with the way they spoof the DNS to bring up the 
log-in screen I think).
Roland Perry

More information about the ukcrypto mailing list