Apple Moves Chinese App Store to HTTPS, Blocks Censoring

| Analysis

Apple has switched the App Store in China from regular HTTP to HTTPS, or Hypertext Transfer Protocol Secure. By doing so, whether by design or side effect, it has thwarted the ability of censors in China from being able to block downloads or searching for specific terms on the App Store.

Censorship

GreatFire, a site that follows censorship in the world's most populous country, reported the change. By using HTTPS, the so-called "Great Firewall of China" has no way to selectively block connections to certain content. TheNextWeb also did some digging and found that this change might have taken place as early as October.

One of the big things that are now easily discoverable on Apple's App Store are VPN apps that allow Chinese users to circumvent the Great Firewall entirely. The apps have long been available, but searches for terms relating to such apps were blocked and resulted in a reset of one's connection to the App Store.

China takes control of information—or perhaps more accurately, access to information—seriously, like any good Communist dictatorship. It's unclear if the switch to HTTPS was intended as a move to stick it to censors or if it was done for some other reason.

It seems unlikely that Apple would make such a move for the sole reason of thwarting censorship. The statu quo allowed Apple to be the good American company and keep censorship under its own domain—note that the VPN apps are available in the first place—while the Great Firewall did the dirty work for the government.

It also seems unlikely that the Chinese government will allow this loophole to continue for too long. The government could put pressure on Apple to either switch back to HTTP, or perhaps even to simply remove all those objectionable apps from the App Store.

Apple's manufacturing empire is based in China, and Apple itself is seeing tremendous growth in that market, making it a very, very important place for Apple and its shareholders. The idea of Apple pulling up stakes from China in order to stand up for free speech—a somewhat hyperbolic way of summing this thing up—is all but inconceivable.

Which really means that this loophole will surely be closed one way or another sooner, rather than later. Accordingly, if you're looking for a VPN app in China for your iPhone or iPad, get it now.

Image made with help from Shutterstock.

[Via TUAW and CNET]

Comments

Nozzle

The point may be moot in light of new technology China is using to identify encrypted VPN traffic and blocking it:
http://www.guardian.co.uk/technology/2012/dec/14/china-tightens-great-firewall-internet-control

dave

It’s also moot because the Chinese government also owns several CA’s, so they can trivially create valid certificates so they can perform a man-in-the-middle attack

jbruni

If the Chinese government required Apple to surrender the private key for the SSL certificate, they would be able to decrypt the traffic while preventing midstream hackers. Apple could be using different certificates for different stores based on each country’s requirements.

jonshf

“Apple could be using different certificates for different stores based on each country‚Äôs requirements”

I notice that the Apple web page is a directory under apple.com for all countries except China. There it is apple.com.cn, a completely different domain, ergo different certificates. I’m going to assume the Chinese App Store service also uses this domain.

mike

It must be great that the chinese people could download apps that they couldn`t do it before. I am sure that the government is knowing everything about the people who are browsing on the internet. Maybe they control even the Domain Name Registration procedures.

Log-in to comment