[cabfpub] China MITMing icloud.com

Ben Laurie benl at google.com
Wed Oct 22 13:23:41 UTC 2014

On Wed Oct 22 2014 at 2:17:15 PM Rich Smith <richard.smith at comodo.com>

> Dear 360 Browser staff,
> Thank you for this response.  As noted by others, I think your product
> needs some further work to be considered truly secure against these kinds
> of attacks, however I am glad to know that the original article's
> allegations seem to be unfounded.

The original article says "Internet users in China should first use a
trusted browser on their desktops and mobile devices - Firefox
<http://www.firefox.com.cn/> and Chrome
<https://en.greatfire.org/www.google.cn/chrome> will both prevent users
from accessing iCloud.com when they are trying to access a site that is
suffering from a MITM attack. Qihoo’s popular Chinese 360 secure browser is
anything but and will load the MITMed page directly."

which appears to be exactly what has been confirmed.
-------------- next part --------------
An HTML attachment was scrubbed...
URL: <http://lists.cabforum.org/pipermail/public/attachments/20141022/8a58c107/attachment-0003.html>
-------------- next part --------------
A non-text attachment was scrubbed...
Name: image001.jpg
Type: image/jpeg
Size: 11972 bytes
Desc: not available
URL: <http://lists.cabforum.org/pipermail/public/attachments/20141022/8a58c107/attachment-0003.jpg>

More information about the Public mailing list