China Internet Agency Says Google Move 'Unacceptable'

China Internet Agency Says Google Move 'Unacceptable'
Advertisement
A Chinese Internet regulator on Thursday slammed as "unacceptable" a decision by Google Inc to no longer recognise its certificates of trust, a move which could deter Chrome browser users accessing sites approved by the authority.

Google said on its official security blog on Wednesday that it would no longer recognise the China Internet Network Information Center (CNNIC) certificate authorities, following a joint investigation between the company and CNNIC into a potential security lapse last month.

That means that users of Google's Chrome, the world's top Internet browser, may get a warning when attempting to visit sites certified by CNNIC. It was not immediately clear how many websites CNNIC has certified and could yield warning messages.

CNNIC, which plays a central role in administering China's Internet by allocating and certifying IP addresses and web domain names, urged Google to consider user rights and interests.

"The decision that Google has made is unacceptable and unintelligible," the agency said in a statement on its website.

Last week CNNIC's certificates, which are used to ensure that the connection between an Internet user and a website is secure, came under scrutiny after an official Google blog post said the Chinese agency had allowed Cairo-based MCS Holdings to issue unauthorised certificates for various Google domains.

That rendered connections between users and those websites vulnerable to 'man-in-the-middle' hacking attacks, Google said. These attacks can intercept and alter communications.

Microsoft Corp and Mozilla, which together with Google develop three of the world's most-used web browsers, also removed trust of those unauthorised certificates last week, following Google's post.

"While neither we nor CNNIC believe any further unauthorised digital certificates have been issued, nor do we believe the misissued certificates were used outside the limited scope of MCS Holdings' test network, CNNIC will be working to prevent any future incidents," Google said on Wednesday.

The U.S. search giant added that CNNIC was welcome to reapply for recognition "once suitable technical and procedural controls are in place," and CNNIC's existing certificates would be trusted for a limited time through a whitelist.

MCS Holdings said in a statement on its website last week that the security lapse was the result of human error following testing of certificates issued to it by CNNIC, which was meant to take place in a controlled environment.

The Cyberspace Administration of China, the country's Internet regulator, did not immediately respond to a request for comment.

Google shut down its local search engine in China in 2010 over censorship concerns, and most of its services are now inaccessible in China.

© Thomson Reuters 2015

Comments

For the latest tech news and reviews, follow Gadgets 360 on X, Facebook, WhatsApp, Threads and Google News. For the latest videos on gadgets and tech, subscribe to our YouTube channel. If you want to know everything about top influencers, follow our in-house Who'sThat360 on Instagram and YouTube.

Further reading: Google, Internet
Tech Leaders Call for Anti-Discrimination Laws to Protect Gays in All 50 States
Intex Aqua Desire HD With Octa-Core SoC Launched at Rs. 8,990
Facebook Gadgets360 Twitter Share Tweet Snapchat LinkedIn Reddit Comment google-newsGoogle News

Advertisement

Follow Us
© Copyright Red Pixels Ventures Limited 2024. All rights reserved.
Trending Products »
Latest Tech News »