In a clever public relations move, social networking site Facebook revealed on Monday how it went up against Tunisia's government as it tried to rein in a popular revolt by stealing internet user names and passwords.
Social networking site Facebook has recently come forward with a story of its own struggle against the government of recently deposed Tunisian president Zine al-Abidine Ben Ali.
“We have never encountered a security problem of the magnitude of that which took place in Tunisia,” the company said of its efforts to counter the regime’s attempts to identify Facebook users during the run-up to Ben Ali’s spectacular fall from power earlier this month.
Joe Sullivan, the chief security officer at Facebook, recounted the incident in the American monthly The Atlantic in an interview published on Monday that not only highlights Facebook’s pivotal role in Tunisia’s unfolding revolution but reaffirms the company as a star of Web 2.0.
It all began around the holiday season, when Facebook began receiving complaints from Tunisian users that their accounts had been erased. The country had been gripped by weeks of violent protests following the dramatic December 17 self-immolation of Mohamed Bouazizi in a protest over employment. Amid the continuing unrest, Tunisian internet users thought they might have been the victims of a government clampdown on the Web.
But despite the swell of complaints, Facebook could not identify a problem with user accounts in Tunisia. It would take Sullivan’s team more than 10 days to comprehend what exactly was going on. What they discovered was that Ben Ali’s regime was effectively stealing a nation’s worth of user identities and passwords.
An apolitical response to a political crisis
Sullivan told “The Atlantic” that after extensive investigation, they found that Tunisia’s Internet Service Providers (ISPs) were aggressively capturing user details.
“In this case, we were confronted by ISPs that were doing something unprecedented in that they were being very active in their attempts to intercept user information,” Sullivan said.
That discovery pointed a finger at the Tunisian Internet Agency (ATI), the country’s main internet service provider, as being responsible for pirating the information. An offshoot of Tunisia’s Ministry of Communication, ATI was using a malicious piece of code that allowed the agency to record users’ log-in information when they visited sites like Facebook.
To counter the problem, Facebook introduced a link that would allow Tunisians to connect securely (via an “https” address instead of the usual “http”). In addition, users who wanted to access their accounts had to answer a series of security questions to confirm their identities. According to Sullivan, these two seemingly simple steps helped prevent Ben Ali’s regime from erasing or modifying all of the country’s Facebook accounts.
“At its core, from our standpoint, it’s a security issue around passwords, and making sure that we protect the integrity of passwords and accounts,” Sullivan said. “It was very much a black and white security issue and less of a political issue.”
apolitical is why it waited until Ben Ali left power on January 14 before coming forward with its story.
Facebook's troubles have confirmed suspicions held by free speech organisations – and, of course, many Tunisians – that internet access under the former regime was held on a very short leash.
Date created : 2011-01-24