back to article China is ALREADY spying on Apple iCloud users, claims watchdog

Last week Apple CEO Tim Cook was very happy that the iPhone 6 is at last going on sale in China. But it seems the Chinese government has its own plans for owners of the new device. According to censorship watchdog Greatfire.org, Chinese state hackers began staging a massive man-in-the-middle attack against Apple iCloud.com …

  1. Mark 85

    Chinese Users and Security

    But early reports show a marked reduction in demand for Apple's high-priced iPhone (although it has been a boon for the tailoring industry) and instead Chinese buyers are focusing on Xiaomi and other locally produced handsets.

    I guess If you know you're going to be snooped, and the high priced unit isn't secure, buy the cheaper one.

    I'm of the opinion that while a given country may want to keep other slurpers out, they see nothing wrong with slurping the info in-country. Seems the Chinese make no bones about it. The rest of us just get lied to.

  2. William Donelson

    "China is already spying on Apple iCloud users (and every other goddam communication form), watchdog claims"

  3. ecofeco Silver badge

    Surprise Surprise

    Surprise Surprise

    (go on, click it)

  4. solo
    Paris Hilton

    ..already spying..

    All the governments are already spying on the iCloud users, through 'legal and legitimate means'. It's just that the Chinese want it translated in native language to keep labor cost down.

  5. Frank N. Stein

    "a marked reduction in demand for Apple's high-priced iPhone"? Imagine that? What other phones could fashion conscious punters be using? BB Passport?

  6. Nifty Silver badge

    If a fake cert can put a man in the middle so easily with Apple kit, what's to stop one being mounted via a dodgy public WiFi access point in the West?

    1. Yet Another Anonymous coward Silver badge

      It would probably be against the law - unless you are a law enforcement agency, or involved in national security. Or, in the uk, a local allotments committee with a copy of RIPA

      1. Anonymous Coward
        Anonymous Coward

        umbrella this time, we've run out of colors!

        and let's not forget that one man's "student protests in Hong Kong calling for greater democracy" is another man's "attempted color revolution externally funded by US state department"

        or Yes, it could be the dreaded allotments committee at it again, muppets.

        1. Dan Paul

          Re: umbrella this time, we've run out of colors!

          We couldn't competently arrange support for the Ukrainian revolution, let alone China. You must have too much lead in your tinfoil!

          1. Anonymous Coward
            Anonymous Coward

            Re: umbrella this time, we've run out of colors!

            @Dan Paul "We couldn't competently arrange support for the Ukrainian revolution, let alone China."

            I think you need to mock harder, we'll take it a layer deeper - how far do you wish to go?

            Using OSINT, it's very easy to prove (we've done it) that the Ukrainian color revolution, revolutionary materials were identical to previous color revolution materials; that the previous color revolution revolutionary materials were created on a specific ( identified) Apple Mac, using specific (identified) graphic apps, we found the source of the traced images for the revolutionary materials and this data/metadata was corroborated by court-given sworn testimony that not only were the revolutions usually planned 2 years in advance, but they were planned by a specific group of (named) countries.

            Isn't OSINT useful!

            hopefully the Chinese/HK umbrella situation will run its course, bring increased democracy through negotiations & without that many casualties. On the subject of aluminum (sic) foil, why doesn't wearing 'foil-hats' make the CA authorities existing web-of-trust trustworthy & impossible to subvert by Great Wall of China DNS or IP re-routing?

      2. Anonymous Coward
        Anonymous Coward

        Who frikkin cares if its "Against the law"?

        The guy was speculating on if it was so easily done, not if it was against the law!

        If it is so easy to spoof a certificate on the Apple iCloud, I ask WHY!!!!!!

  7. Semtex451
    Headmaster

    Lets be positive

    "China Telecom, a company not noted for noncompliance with.."

    So, a company noted for compliance with Chinese government data requests.

  8. Robert Helpmann??
    Childcatcher

    Optional Title

    Competent browsers... will detect the inappropriate certificate.... But other software, such as the popular 360 Secure Browser by Chinese biz Qihoo, will gobble up the dodgy cert without warning.

    Incompetent? No, it's working as designed!

    1. Mark 65

      Re: Optional Title

      It's called the 360 Secure Browser because it spits your information through 360 degrees when publishing it to the World. Seriously, would anyone voluntarily use a "Secure Browser" made by a Chinese biz? Talk about asking for trouble.

  9. Anonymous Coward
    Anonymous Coward

    The Chinese government held up the sale of the new iPhone 6 handsets

    Please wait, our certificate-spoofing trick is not ready yet!

  10. Matt Piechota

    That's amateur hour. They should be creating signed certs using a CA and mandating any system sold in China has to trust their pet authority.

  11. Anonymous Coward
    Anonymous Coward

    Stay Calm, Click OK on the dodgy cert, and Carry On!

    Problem is -- even with the so called "competent" browsers, in my experience about 90-99% of ordinary users will stare blankly at the browser warning about the dodgy cert, their eyes will totally glaze over, they'll click past it, and carry on regardless. You see -- it still works, right? ;)

    SUGGESTION: Instead of dialog boxes, Firefox etc should display a popup animated storyboard explaining the issue. At least for the first time a dodgy cert is encountered by the browser. That would get thru to more users.

    1. Voland's right hand Silver badge

      Re: Stay Calm, Click OK on the dodgy cert, and Carry On!

      Should it change the nappy too?

      The fool and his money will soon be parted. FFS, my 6 year old daughter reads warnings thrown by the browser and refuses to click past something that looks fishy. Granted, the same daughter has been caught trying to pick a lock with a hairclip at the tender age of 4 so she is not a representative sample of "user population".

  12. Anonymous Coward
    Anonymous Coward

    America on the other hand would never spy on it's citizens in this manner

POST COMMENT House rules

Not a member of The Register? Create a new account here.

  • Enter your comment

  • Add an icon

Anonymous cowards cannot choose their icon

Other stories you might like