Search Mailing List Archives

Limit search to: Subject & Body Subject Author
Sort by: Reverse Sort
Limit to: All This Week Last Week This Month Last Month
Select Date Range     through    

[liberationtech] China Internet Network Information Center is a trusted root CA

Percy Alpha percyalpha at
Mon Oct 27 23:27:32 PDT 2014

I'm Percy from; the author of the report of the iCloud MITM
in China
week. The attacks used self-signed certificate. But I believe that targeted
attacks using CNNIC CA is very possible if not happened already.

Microsoft, Apple, Ubuntu and Firefox trust CNNIC(China Internet Network
Information Center) as root CA. CNNIC has implemented (and tried to mask)
internet censorship, produced malware and has very bad security practices.
Tech-savvy users in China have been protesting the inclusion of CNNIC as a
trusted certificate authority for years.

You can go to
to see more details and test whether you're vulnerable. We also present
method to revoke all dubious Chinese CA.

Percy Alpha(PGP <>) Team
-------------- next part --------------
An HTML attachment was scrubbed...
URL: <>

More information about the liberationtech mailing list