See v2ex: there is talk of iCloud being hijacked by a man-in-the-middle. I also went to verify it.

iCloud servers were hijacked by an SSL man-in-the-middle, and the privacy of Chinese Apple users was not guaranteed

icloud.com has multiple IPs. On https://23.48.140.239 and https://23.13.186.46, neither iCloud server presents a replaced certificate. But when accessing https://23.59.94.46/ directly, the certificate was not replaced in Taiwan, and after switching to a Suzhou Unicom VPN, the certificate was replaced with a self-signed certificate. This means that iCloud servers are subject to SSL man-in-the-middle hijacking in China, and the privacy of Apple users in China is not guaranteed.

If someone is unlucky enough to be returned this icloud.com IP address by the DNS server and ignores the security warnings on the web page, the username and password entered into iCloud will be obtained by whoever made the self-signed certificate, and their private photos stored in iCloud and the various account passwords in the keychain will be secretly copied by others.

Evidence analysis

Accessing https://23.59.94.46/ directly from a Suzhou IP, a self-signed security certificate that has not been authenticated by a trusted CA appears:
This means that the iCloud server accessed by the user is not a real iCloud server, and there is a risk that the account information will be obtained by a third party. Accessing https://23.59.94.46/ directly from a Taiwan IP shows no problem: the fingerprint of the certificate obtained is consistent with the fingerprint of the real icloud.com certificate.
Visiting the iCloud server at https://23.48.140.239, whether from Taiwan or Suzhou, returns a certificate whose fingerprint matches the fingerprint of the real icloud.com certificate.
The situation for https://23.13.186.46 is similar to that for https://23.48.140.239: regardless of whether a Chinese IP is used or not, the fingerprint of the certificate obtained is the same as that of the real icloud.com certificate.
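The fingerprint comparison used as evidence above can be scripted. The following is an added example, not code from the original article: it assumes SHA-256 fingerprints and an SNI of icloud.com, the function names are hypothetical, and the certificate bytes in the sample are constructed stand-ins so the comparison runs offline.

```python
import hashlib
import socket
import ssl


def fingerprint(der_cert: bytes) -> str:
    """SHA-256 fingerprint of a DER-encoded certificate, as lowercase hex."""
    return hashlib.sha256(der_cert).hexdigest()


def fetch_leaf_der(ip, server_name="icloud.com", port=443, timeout=5.0) -> bytes:
    """Capture the leaf certificate an IP presents; no application data is sent."""
    ctx = ssl.create_default_context()
    # Validation is off only so that a replaced certificate can still be
    # captured and fingerprinted; never reuse this context for real traffic.
    ctx.check_hostname = False
    ctx.verify_mode = ssl.CERT_NONE
    with socket.create_connection((ip, port), timeout=timeout) as sock:
        with ctx.wrap_socket(sock, server_hostname=server_name) as tls:
            return tls.getpeercert(binary_form=True)


def find_replaced(observations, reference_fp):
    """List (vantage, ip, fingerprint) for each certificate unlike the reference."""
    replaced = []
    for (vantage, ip), der_cert in sorted(observations.items()):
        fp = fingerprint(der_cert)
        if fp != reference_fp:
            replaced.append((vantage, ip, fp))
    return replaced


# Constructed stand-ins for DER certificates, keyed by (vantage point, IP).
GENUINE = b"constructed-bytes-standing-in-for-the-genuine-certificate"
SELF_SIGNED = b"constructed-bytes-standing-in-for-the-self-signed-certificate"
SAMPLE = {
    ("Taiwan", "23.59.94.46"): GENUINE,
    ("Suzhou", "23.59.94.46"): SELF_SIGNED,
    ("Taiwan", "23.48.140.239"): GENUINE,
    ("Suzhou", "23.48.140.239"): GENUINE,
    ("Taiwan", "23.13.186.46"): GENUINE,
    ("Suzhou", "23.13.186.46"): GENUINE,
}

if __name__ == "__main__":
    for vantage, ip, fp in find_replaced(SAMPLE, fingerprint(GENUINE)):
        print(f"{vantage} -> {ip}: certificate differs from reference ({fp[:16]}...)")
```

For a live check, fill the observations with the output of `fetch_leaf_der` run from each vantage point, and take the reference fingerprint from a certificate obtained over a path you trust.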
Fingerprint of the real icloud.com certificate: