GreatFire reported yesterday that Apple’s iCloud is subject to man-in-the-middle attacks allegedly backed by the Chinese government. Apple later said that it was aware of the attacks and today updated its iCloud support page (via the WSJ, Macrumors) with instructions on how to verify whether your browser is securely connected to the iCloud website.
For those awaiting a fix, well, you may want to wait a bit more. Until then, Apple’s guidelines are here to help for three browsers: Safari, Chrome, and Firefox.
After reiterating its commitment to customers’ privacy and security, Apple explains that the iCloud website is protected with a digital certificate. So if you are using Safari, for example, you are connected to the authentic iCloud website only if you see a green lock icon in the toolbar next to Apple Inc.
When using Chrome, the green lock near Apple Inc. will inform you that the identity of the website has been verified, and the same green lock appears when using Firefox.
Security and privacy are highly important to Apple, especially when it comes to iCloud — as, remember, not too long ago we saw a flood of nude images leaked from Hollywood celebrities’ iCloud accounts.