I'm Percy from GreatFire.org; the author of the report of the iCloud MITM in China <http://www.washingtonpost.com/blogs/the-switch/wp/2014/10/21/apples-icloud-service-suffers-cyber-attack-in-china-putting-passwords-in-peril/> last week. The attacks used self-signed certificate. But I believe that targeted attacks using CNNIC CA is very possible if not happened already.
Microsoft, Apple, Ubuntu and Firefox trust CNNIC(China Internet Network Information Center) as root CA. CNNIC has implemented (and tried to mask) internet censorship, produced malware and has very bad security practices. Tech-savvy users in China have been protesting the inclusion of CNNIC as a trusted certificate authority for years. You can go to https://en.greatfire.org/blog/2014/oct/apple-and-microsoft-trust-chinese-government-protect-your-communication to see more details and test whether you're vulnerable. We also present method to revoke all dubious Chinese CA. Percy Alpha(PGP <https://en.greatfire.org/contact#alt>) GreatFire.org Team
-- Liberationtech is public & archives are searchable on Google. Violations of list guidelines will get you moderated: https://mailman.stanford.edu/mailman/listinfo/liberationtech. Unsubscribe, change to digest, or change password by emailing moderator at compa...@stanford.edu.
