*Man, Alexis Madrigal is tearing it up over at the time-honored ATLANTIC. This thing is terrific.
(...)
"After more than ten days of intensive investigation and study, Facebook's security team realized something very, very bad was going on. The country's Internet service providers were running a malicious piece of code that was recording users' login information when they went to sites like Facebook.
"By January 5, it was clear that an entire country's worth of passwords were in the process of being stolen right in the midst of the greatest political upheaval in two decades. Sullivan and his team decided they needed a country-level solution – and fast.
"Though Sullivan said Facebook has encountered a wide variety of security problems and been involved in various political situations, they'd never seen anything like what was happening in Tunisia.
"We've had to deal with ISPs in the past who have tried to filter or block our site," Sullivan said. "In this case, we were confronted by ISPs that were doing something unprecedented in that they were being very active in their attempts to intercept user information."
"If you need a parable for the potential and pitfalls of a social-media enabled revolution, this is it: the very tool that people are using for their activism becomes the very means by which their identities could be compromised. When the details are filled in on the abstractions of Clay Shirky and Evgeny Morozov's work on the promise (former) and danger (latter) of Internet activism, the ground truth seems to be that both had their visions play out simultaneously. (((No kidding. It's great that we still have some real-world investigative journalism that can figure that stuff out.)))
"At Facebook, Sullivan's team decided to take an apolitical approach to the problem. This was simply a hack that required a technical response. "At its core, from our standpoint, it's a security issue around passwords and making sure that we protect the integrity of passwords and accounts," he said. "It was very much a black and white security issue and less of a political issue."
"The software was basically a country-level keystroke logger, with the passwords presumably being fed from the ISPs to the Ben Ali regime. As a user, you just logged into some part of the cloud, Facebook or your email, say, and it snatched up that information. If you stayed persistently logged in, you were safe. It was those who logged out and came back that were open to the attack...."
