China got its first official shipments of new iPhones last week, but a new report from web censorship watchdog Great Fire indicates Chinese users may be facing an unpleasant surprise when they try to connect to Apple services at large. As of last night, the Chinese firewall is blocking all local connections to iCloud.com, redirecting those connections to a dummy site designed to look exactly like Apple’s login page. If you’re using Firefox or Chrome, you’ll land on a warning page like the one above, but if you’re using Qihoo, the most popular browser in China, you’ll be routed straight to the dummy site with no indication that it’s not being run by Apple. A similar attack is also being leveled against Microsoft’s Login.live.com, the company’s gateway for all account logins.
INSTEAD OF ICLOUD, USERS WERE DIRECTED TO A DUMMY SITE
It’s still possible for users to circumvent the attack and get through to the real iCloud andlogin.live site unscathed. The attack only targeted one of iCloud’s many IP addresses, so anyone routed to a different IP should reach the real site. A VPN service can also be used to redirect users, provided the VPN service is not also blocked by the Great Firewall. It’s the first time China has directly attacked an Apple service, but Great Fire also notes that Apple has complied with the country’s surveillance requests in the past. “Apple has a long history of working with the Chinese authorities to self-censor content in China,” Great Fire said in a statement. “While we worry for Chinese users who may have their accounts compromised, we are shedding no tears for the Apple executives.”