[Cryptography] Chinese MITM Attack on iCloud

Henry Baker hbaker1 at pipeline.com
Tue Oct 21 10:07:43 EDT 2014

Instead of whining & whinging like FBI's Comey, the Chinese appear to be getting on with iPhone spying business as usual:


The timing seems far too convenient; Apple's rollout in China appears to have been delayed until the MITM machinery was ready.

Of course, Apple seems to also have left a few back doors open in OSX Yosemite -- perhaps on purpose.  One can only wonder if the same type of back doors were also left open in iOS8...

"It would seem that no matter how you configure Yosemite, Apple is listening.  Keeping in mind that this is only what's been discovered so far, and given what's known to be going on, it's not unthinkable that more is as well."


This is the project that is producing software to find out what data Apple is busy collecting:


Choosing a non-Apple Safari search engine raises eyebrows:

"The logs show that *** a copy of your Safari searches are still sent to Apple, even when selecting DuckDuckGo as your search provider, *** and 'Spotlight Suggestions' are disabled in System Preferences > Spotlight."

as does a non-Apple email account:

"When setting up a new Mail.app account for the address admin at fix-macosx.com, which is hosted locally, searching the logs for 'fix-macosx.com' shows that *** Mail quietly sends the domain entered by the user to Apple, too. ***"

Methinks Mr. Comey doth protest too much...

