Marketplace Tech Report: Iranian hacks call into question web stability
Go Deeper.
Create an account or log in to save stories.
Like this?
Thanks for liking this story! We have added it to a list of your favorite stories.
Someone inside Iran managed to intercept traffic going to websites like Google and Yahoo. They did it using certificates, the digital notifications that tell your computer that a site is secure.
These maneuvers have been traced to IP addresses within Tehran and there is speculation that the Iranian government may be behind these efforts. It certainly would be one way of spying on dissidents by knowing what they were sending in emails they believed to be private.
So what is the significance of this hack on the rest of us users? It could be huge. Steve Schultze is associate director of the Center for Information Technology Policy at Princeton University. He says that it points out a fundamental problem in the very architecture of the Internet. There are hundreds of entities that have been given the authority to hand out these certificates. Some of them are official government institutions, but one of those was the former government of Tunisia (which, you'll recall, was tossed out a few months ago amid charges of corruption). There are also private companies, 100 German universities and even an observatory. All it really takes is for one of those entities to be compromised for those certificates to be hijacked.
So while it's a good thing to use a secured setting for your computing, the layer that establishes that security may itself be vulnerable to attack. In Iran, the hackers were essentially able to step between user and website and intercept all the information passing through.
Various Internet organizations and companies are working to correct this system. We'll keep you posted on their progress.
Also in this program, you can buy a Facebook greeting from an "American Idol" contestant for $1. If you want.
Turn Up Your Support
MPR News helps you turn down the noise and build shared understanding. Turn up your support for this public resource and keep trusted journalism accessible to all.