[cabfpub] China MITMing icloud.com

Rich Smith richard.smith at comodo.com
Wed Oct 22 06:16:47 MST 2014 

Dear 360 Browser staff,

Thank you for this response.  As noted by others, I think your product needs
some further work to be considered truly secure against these kinds of
attacks, however I am glad to know that the original article's allegations
seem to be unfounded.  I think I can safely speak for all Forum members in
saying that we look forward to working with you to further enhance the
SSL/TLS certificate usage and security within the Chinese market.

 

Kind regards,

Rich Smith

Validation Manager

Comodo

 

 

From: 高寒蕊 [mailto:gaohanrui at 360.cn] 
Sent: Tuesday, October 21, 2014 11:20 PM
To: richard.smith at comodo.com; public at cabforum.org
Cc: 王天平; 贾正强; 石晓虹
Subject: 答复: [cabfpub] China MITMing icloud.com

 

This article is not the truth.

360 browser can identify the fake certification and alert the users in both
address-bar and the infobar (the yellow tip right on top of the page).
Attached you can find the screenshot.

 



 

 

We also made the announcement to our users in major it websites(CNET
<http://www.cnetnews.com.cn/2014/1021/3036881.shtml> , ChinaByte
<http://soft.chinabyte.com/32/13115032.shtml> , etc.) and Sina Weibo
<http://weibo.com/1709486153/BsAXnxSbS?mod=weibotime&type=comment#_rnd141394
6061334>  (aka, the Chinese twitter). 

 

Any other questions?

 

Thanks,

360 Browser

 

 

发件人: public-bounces at cabforum.org [mailto:public-bounces at cabforum.org] 代
表 Rich Smith
发送时间: 2014年10月21日 22:41
收件人: public at cabforum.org
主题: [cabfpub] China MITMing icloud.com

 

https://en.greatfire.org/blog/2014/oct/china-collecting-apple-icloud-data-at
tack-coincides-launch-new-iphone

 

The above article states that within China's great firewall, www.icloud.com
is connecting with a self signed certificate.  The article also states that
the Qihoo 360 Browser passes the user right through with no warning or other
indication that the connection is unsafe.

 

I have no way to independently verify that accusation, BUT given that we
just approved the 360 Browser's CA/B membership application, I think this
needs to be investigated.

 

If the accusation is found to be accurate, barring a VERY good explanation
from the 360 Browser team, I would move for their immediate expulsion from
this Forum.

 

-- 

Regards,

Rich Smith

Validation Manager

Comodo

http://www.comodo.com <http://www.comodo.com/> 

 

 

-------------- next part --------------
An HTML attachment was scrubbed...
URL: https://cabforum.org/pipermail/public/attachments/20141022/1ba37047/attachment-0001.html 
-------------- next part --------------
A non-text attachment was scrubbed...
Name: not available
Type: image/jpeg
Size: 11972 bytes
Desc: not available
Url : https://cabforum.org/pipermail/public/attachments/20141022/1ba37047/attachment-0001.jpe 
-------------- next part --------------
A non-text attachment was scrubbed...
Name: smime.p7s
Type: application/x-pkcs7-signature
Size: 6378 bytes
Desc: not available
Url : https://cabforum.org/pipermail/public/attachments/20141022/1ba37047/attachment-0001.bin

More information about the Public mailing list