It doesn't call out attacks from China, but Apple does respond.. if you didn't know how to check it (I'm assuming that if you read my blog, you probably do... I hope you do...). But here's Apple's directions on how to check the digital certificate associated with the iCloud website.
http://support.apple.com/kb/HT6550?viewlocale=en_US&locale=en_US
"The iCloud website is protected with a digital certificate. If users get an invalid certificate warning in their browser while visiting www.icloud.com, they should pay attention to the warning and not proceed."
I have a couple of thoughts on this.. you knew I would.
First, the iCloud website is indeed NOT protected by a digital certificate. The digital certificate in and of itself is part of a protection scheme, but I wouldn't hang my hat on a digital certificate keeping bad guys out of iCloud.
Second, leaving this to users to check, 'pay attention to the warning and not proceed' strikes me smack in the funny bone. I want to laugh, but it hurts when I get hit there. Check that digital cert every time you log in. I wonder if my mom will check it when she logs in. Will yours?
No comments:
Post a Comment