China Accused of Infiltrating Apple’s iCloud

China Accused of Infiltrating Apple’s iCloud

Apple’s aggressive promotion of encryption for its devices’ internal storage has won praise from privacy advocates and criticism from U.S. law enforcement, met in turn with vigorous counterargument and talk of a reopening of the “Crypto wars” of the 1990s. As Apple itself has argued, however, data stored in the cloud remains relatively vulnerable. Censorship monitor highlighted this risk on Monday, revealing an apparent attempt to intercept Apple users’ iCloud data across China:

This is clearly a malicious attack on Apple in an effort to gain access to usernames and passwords and consequently all data stored on iCloud such as iMessages, photos, contacts, etc. Unlike the recent attack on Google, this attack is nationwide and coincides with the launch today in China of the newest iPhone. While the attacks on Google and Yahoo enabled the authorities to snoop on what information Chinese were accessing on those two platforms, the Apple attack is different. If users ignored the security warning and clicked through to the Apple site and entered their username and password, this information has now been compromised by the Chinese authorities. Many Apple customers use iCloud to store their personal information, including iMessages, photos and contacts. This may also somehow be related again to images and videos of the Hong Kong protests being shared on the mainland.

[…] This attack will come as a surprise to Apple. In the past, the company has had a bromance with the authorities and have blindly acquiesced when asked to remove apps from the China app store. With such a close, cozy and snuggly relationship, it is hard to imagine that the executives at Apple felt that they would get this kind of treatment in China. Tim Cook is looking in his mirror now and crying “What did I do wrong?”.

This episode should provide a clear warning signal to foreign companies that work with the Chinese authorities on their censorship agenda. […] [Source]

The post includes evidence of the attack and advice on how to avoid it.

One recent development in the Cupertino-Beijing “bromance” was Apple’s decision to host Chinese users’ information on servers within the country, leased from China Telecom. The company claimed that encryption would prevent unauthorized access, but questions remain over its vulnerability to legal requests from authorities.

Meanwhile, Apple’s new Yosemite desktop operating system has been found to transmit search and location data, though this can easily be disabled.


Subscribe to CDT


Browsers Unbounded by Lantern

Now, you can combat internet censorship in a new way: by toggling the switch below while browsing China Digital Times, you can provide a secure "bridge" for people who want to freely access information. This open-source project is powered by Lantern, know more about this project.

Google Ads 1

Giving Assistant

Google Ads 2

Anti-censorship Tools

Life Without Walls

Click on the image to download Firefly for circumvention

Open popup

Welcome back!

CDT is a non-profit media site, and we need your support. Your contribution will help us provide more translations, breaking news, and other content you love.