Amidst reports that a series of man-in-the-middle-attacks has been launched against Apple’s iCloud in China—one report specified that agents working for the government of China were deeply involved—Apple has posted a security document warning consumers and offering practical tips on how to avoid being victimized.
The document delivers “tips about how to ensure you’re connected to iCloud proper and not a redirected spoof site designed to lure you into revealing your credentials,” said a report in TechCrunch. “In Safari, that means validating the certificate via the green address bar title and the message revealed when you click the lock icon, and in Chrome, that means check the green lock icon next to the address owner name to verity that it is indeed Apple. Apple also details the errors you’ll see if there isn’t a secure connection possible.”
The accusations against Beijing came from Greatfire.org, a group that tracks Chinese censorship issues. The attackers “interposed their own website between users and Apple’s iCloud server, intercepting data and potentially gaining access to passwords, iMessages, photos and contacts,” according to a story posted by Reuters.
“Greatfire.org said the attack most likely could not have been staged without knowledge of Internet providers like China Telecom, given they appeared to originate from ‘deep within the Chinese domestic Internet backbone,'” Reuters reported. “Apple said at the time the move to China Telecom was made to improve the speed of service for Chinese servers and flatly denied the possibility that it would expose user data.”
We’re always on the lookout for opportunities to partner with innovators and disruptors.
Learn More