[Kiwikwi]

Buh? Encryption is de-facto illegal in China. To the extent SSL is used, you can be sure that the government already has a copy of the master key. I've worked on Chinese deployed train systems, and we were banned from encrypting train control signals (signing was allowed, though), just in case someone might try to sneak in a political message in an ATO control telegram...

[im2w1l]

Not breaking encryption itself. Breaking encryption to serve malicious scripts.

[icebraining]

So breaking encryption is accepted; serving malicious scripts is accepted (it's what happened in this attack), but breaking encryption to serve malicious scripts would be out of limits? That doesn't make much sense.

[im2w1l]

Serving malicious scripts is very bad, and may not actually be accepted. I know I would hesitate to use baidu analytics after this. But people might come around if they say something about SSL and wont happen again.

If the encryption is then broken and it is done again, then a) it will prove that China did it. Because you can see who signed the certificate. b) it will prove that technical countermeasures are not enough, since the problem is deeper than that.

[Estragon]

Why is encrypting train control signals a good idea? What reasons were given for the ban?

[KMag]

> Why is encrypting train control signals a good idea?

Because someone might like to mess with train signals, and in the off chance that some weakness is found in the MAC/signature scheme you're using, forcing an attacker to guess at which messages they're manipulating and how will make their attack more difficult.

If you're working with a networked application, even if it's on a non-public network, you should be asking yourself "why not encrypt?" instead of "why encrypt?". This is doubly true of critical infrastructure that's expensive and slow to replace.