Apple is warning its iCloud users over heightened spying risks following thediscovery of attacks which security watchers have claimed are down to crude snooping by the Chinese government.
Without naming China directly, Apple said it was "aware of intermittent organised network attacks" on its iCloud service designed to obtain user information. A support page article published on Tuesday advises users to pay close attention to browser warnings about fake certificates and never to enter passwords into sites that push out certificate warnings.
We’re aware of intermittent organized network attacks using insecure certificates to obtain user information, and we take this very seriously. These attacks don't compromise iCloud servers, and they don't impact iCloud sign in on iOS devices or Macs running OS X Yosemite using the Safari browser.The iCloud website is protected with a digital certificate. If users get an invalid certificate warning in their browser while visiting http://www.icloud.com, they should pay attention to the warning and not proceed. Users should never enter their Apple ID or password into a website that presents a certificate warning.Full Article