Cloud

For some time now, Microsoft has offered free Windows virtual machine images to make it easier for Web developers to test their work in a bunch of different Internet Explorer versions. A new beta scheme launched today takes that one step further: with RemoteIE, devs don’t even need to download and run the virtual machine. Microsoft will run the VMs instead, using its Azure RemoteApp service to provide remote access.

Access to the remote Internet Explorer is provided through the RemoteApp client. This is a close relative of the regular Windows Remote Desktop app, and like the Remote Desktop app, it’s available on a number of platforms; not just Windows and OS X, but also iOS, and Android.

With RemoteIE, developers have full access to Internet Explorer and all its features, albeit only with software-mode WebGL. F12 developer tools are available, though there’s no ability to install add-ons or extensions to the remote browser. Sessions are limited to 60 minutes presently and will disconnect after 10 minutes of inactivity.

A screen capture shows the warning of a fake iCloud.com certificate—signed by an official Chinese certificate authority.

GreatFire.org

GreatFire.org, a group that monitors censorship by the Chinese government’s national firewall system (often referred to as the “Great Firewall”), reports that China is using the system as part of a man-in-the-middle (MITM) attack on users of Apple’s iCloud service within the country. The attacks come as Apple begins the official rollout of the iPhone 6 and 6 Plus on the Chinese mainland.

The attack, which uses a fake certificate and Domain Name Service address for the iCloud service, is affecting users nationwide in China. The GreatFire.org team speculates that the attack is an effort to help the government circumvent the improved security features of the new phones by compromising their iCloud credentials and allowing the government to gain access to cloud-stored content such as phone backups.

Chinese iCloud users attempting to log in with Firefox and Chrome browsers would have been alerted to the fraudulent certificate. However, those using Mac OS X’s built-in iCloud login or another browser may not have been aware of the rerouting, and their iCloud credentials would have been immediately compromised. Using two-step verification would prevent the hijacking of compromised accounts.