CNNIC censored Google and Mozilla’s posts about CNNIC CA

This week, Google found unauthorized digital certificates for several Google domains, the root CA of which is CNNIC. Google and Mozilla both publicly disclosed this security incident and published blog posts(Google, Mozilla). However, Chinese translations of Google’s and Mozilla's blog posts were censored on the Chinese Internet.

• William Long is a prominent Chinese blogger on IT and tech. He translated Google’s security post without adding any personal opinions. The Chinese blogpost ranked #1 when searching CNNIC MITM in Chinese on Google and Baidu. He tweeted that he received a phone call from propaganda department demanding the post to be removed immediately. The post http://www.williamlong.info/archives/4183.html was deleted. Google cache is still available.

省政府新闻办打电话来称，“谷歌称CNNIC发布中间人攻击证书”一文需要立刻删除。

— 月光博客 (@williamlong) March 26, 2015

• State owned media Huanqiu translated and re-posted Mozilla's blogpost. The post http://tech.huanqiu.com/news/2015-03/5997225.html was deletd. Google cache is still available.

• CNBeta is one of the largest tech media in China. It reported on Mozilla's blogspot. The report http://www.cnbeta.com/articles/379765.htm was deleted.

• CSDN is the largest IT community in China. Its translation on Mozilla's post http://news.csdn.net/article.html?arcid=15823317 was deleted

This again highlights CNNIC as part of censorship apparatus. CNNIC was, is and will continue to practice Internet censorship. We once again call for Google, Mozilla, Microsoft and Apple to revoke trust for CNNIC immediately in order to protect user data worldwide.