Slashdot Mirror

← Back to Stories (view on slashdot.org)

Apple Leaves Chinese CNNIC Root In OS X and iOS Trusted Stores

Posted by timothy on from the trusted-by-whom dept.

Trailrunner7 writes When it was revealed late last month that a Chinese certificate authority had allowed an intermediate CA to issue unauthorized certificates for some Google domains, both Google and Mozilla reacted quickly and dropped trust in CNNIC altogether. Apple on Wednesday released major security upgrades for both of its operating systems, and the root certificate for CNNIC, the Chinese CA at the heart of the controversy, remains in the trusted stores for iOS and OS X. The company has not made any public statements on the incident or the continued inclusion of CNNIC's certificates in the trusted stores.

10 of 100 comments (clear)

  1. There's a shock... by fuzzyfuzzyfungus · · Score: 4, Insightful

    Hey, they weren't spying on our SSLed services today, so we still totally trust them! Also, have you seen how lucrative the Chinese market could be?

  2. Chinese market by Anonymous Coward · · Score: 2, Insightful

    Apple is worried that doing the right thing will make them loose market share in China.

    1. Re:Chinese market by NotDrWho · · Score: 2, Insightful

      I doubt any Apple execs know what the phrase "doing the right thing" even means.

      --
      SJW's don't eliminate discrimination. They just expropriate it for themselves.
  3. Apple is exposed to China operations by Sandbox-Six-Actual · · Score: 5, Insightful

    Remember that unlike Google, Apple has deep manufacturing and retail ties into the Chinese market, which is seen as a key strategic part of cost management and future market/revenue expansion.

    Even though CNNIC is very cozy with the Chinese MSS and the variety of PLA workforces associated with externally focused compromise, it is an organ of the Chinese government, which works differently from many others. If you were to offend the quasi-governmental agencies that deal IPs and such things in the US, you might not get "favorable" treatment, but the US FTC and others aren't exactly likely to swoop in and close you down either.

    China has shown with Google and Twitter and others that if you aren't willing to play ball with their government, they have enough control over everything that they can effectively disadvantage you in the market. They can arbitrarily sieze assets, justice is somewhat malleable, and the Great Firewall means no matter how big you are, entire segments of you traffic base can be reduced because the average person isn't going to work hard to get around the censors.

    The last thing Apple needs right now is to create another "front" to wrestle with a government on in such a strategic market. Even if the truth is that CNNIC probably isn't really the most trustworthy "root" in the world. But its also hard to blame them when the Snowden revelations have revealed that certain types of exported hardware devices could be diverted in the shipping process, etc, etc.

    1. Re:Apple is exposed to China operations by denis-The-menace · · Score: 2, Insightful

      And we have a winner!

      Sorry, I have no Mod points for you.

      --
      Obama's legacy: (N)othing (S)ecure (A)nywhere and (T)error (S)imulation (A)dministration
    2. Re:Apple is exposed to China operations by Anonymous Coward · · Score: 3, Insightful

      The last thing Apple needs right now is to create another "front" to wrestle with a government on in such a strategic market. Even if the truth is that CNNIC probably isn't really the most trustworthy "root" in the world.

      In other words, Apple has sold out its customers, but hey! They want to make money, so who can blame them for this betrayal.

      But its also hard to blame them when the Snowden revelations have revealed that certain types of exported hardware devices could be diverted in the shipping process, etc, etc.

      So the NSA has behaved badly, and this makes China's misbehavior OK, and Apple's betrayal of its customers, and its assistance of China in undermining network security for all of its users, absolutely OK.

      Got it.

    3. Re:Apple is exposed to China operations by mrchaotica · · Score: 4, Insightful

      Clearly, then, the only choice is for all non-China users to consider Apple to be no longer trusted.

      --

      "[Regarding the 'cloud,'] ownership was what made America different than Russia." -- Woz

  4. Follow the money by JoeyRox · · Score: 5, Insightful

    China's vociferous response to Google removing CNNIC's root certificate authority is the reason Apple is not taking action. Apple is a very principled company until those principles start costing them money.

  5. ...and here I was, about to buy an Apple laptop... by FreeUser · · Score: 2, Insightful

    We are talking apple users here, not Linux users. All three Apple users who know these steps have probably already done so. The other several hundred million are fucked, and Apple has now publicly taken a stance that they plan to hang those millions out to dry.

    Ironically, I was going to buy an apple laptop for sheer convenience (and to run more recent versions of scrivener), but now I most certainly won't. Time to research good Linux laptop alternatives instead (ideally with high-end graphics capabilities that support blender's cycles module ... wonder how well Optimus is supported these days). Oh well, it will probably be cheaper anyway. Maybe I can treat myself a 4k monitor with the money saved.

    --
    The Future of Human Evolution: Autonomy
  6. Re:Are non-China users safe? by fustakrakich · · Score: 4, Insightful

    This confirms the absolute uselessness of this whole 'certificate' thing, except for tracking purposes of course.

    --
    “He’s not deformed, he’s just drunk!”