If they abuse CNNIC, they lose CNNIC. So they just get the gullible. | Hacker News

Hacker Newsnew | past | comments | ask | show | jobs | submit

		TazeTSchnitzel on Oct 20, 2014 \| parent \| context \| favorite \| on: China collecting Apple iCloud data If they abuse CNNIC, they lose CNNIC. So they just get the gullible.

pyre on Oct 20, 2014 [–]

They could also do targeted MITM attacks where only one person is served via the forged certificate. That's harder to detect, and if it's all spycraft, then the target on the receiving end is unlikely to report the breach.

TazeTSchnitzel on Oct 20, 2014 | [–]

Sure. They'll only use CNNIC in situations where people won't notice.

Guidelines | FAQ | Lists | API | Security | Legal | Apply to YC | Contact