"We had never encountered a security problem of scale that took place in Tunisia." Facebook has detailed this weekend, he led the battle to counter attempts by the regime of Zine el-Abidine Ben Ali to retrieve the identifiers of users of the famous Tunisian social network during the unrest that led to the leakage the former president. A communication operation that gives, of course, the handsome star at the role of Web 2.0, but also casts a harsh light on how the authority was trying to control access to the Net.
In an interview on Monday, the American cultural monthly "The Atlantic", Joe Sullivan, the head of security within Facebook, talks about the incident.It all began during the holiday season, says he. Many users complain Tunisian then seeing their Facebook account deleted.
Tunisian Internet by boiling following the immolation of young Mohamed Bouazizi, Sidi Bouzid, December 17, fear of censorship. At first, Facebook can not identify the problem.
Apolitical posture
Ultimately, it will take about ten days the team of Joe Sullivan to understand what's happening in the country. "The main service provider (ISP) [Tunisia] had established an unprecedented system for recovering logins and passwords for Tunisians registered on Facebook," said one.The social network accuses unnamed Tunisian Internet Agency (ATI) to have engaged the pleasure of hacker crime.
The organization, under the Ministry of Telecommunications, was injected on the login page to Facebook a cookie to save the email address and password that users wrote in logging.
Malicious code online
To circumvent the problem, Facebook has implemented a secure login page (one address "https" instead of "http") for all Tunisians. The user who wanted access to their account should also confirm his identity by answering a security question.Two steps, by Joe Sullivan, were sufficient to prevent the regime of Ben Ali can delete or edit their Facebook accounts.
The firm of Mark Zuckerberg has therefore been drawn into a major political event. "We decided to treat this as a mere technical problem and keep an apolitical stance," said Ted Sullivan, however. That is why the American group waited until the former president Ben Ali stepped down to reveal the story.
This episode confirms, in any event, the tight control on the Net Tunisian denounced for months by both Tunisian and by international organizations to defend freedom of expression.In July 2010, the Internet and Global Voices was moved to an attempt by authorities to retrieve the identifiers of the subscribers to Gmail, Google's e-mail.
January 3, malicious code intended to allow Tunisian government to control access to Gmail, Yahoo Mail and Facebook have even been published on the Internet.