As part of a Lawfare article, I performed a search across various government and industry sectors to gauge which websites relevant to Chinese national security do or do not deploy HTTPS on their login section. Many websites and login portals pertaining to government services, critical national infrastructure or a social media platform have not implemented HTTPS yet [at the time the article was published]. The websites listed below are thereby prone to be manipulated and impersonated by third parties, and sensitive data on them can be intercepted more easily. It is worth noting that some of the Chinese-based websites do deploy HTTPS. Others again embed HTTPS content in the HTTP page, but this is insufficient as someone could conduct (Wo)-Man-In-The-Middle-Attacks and replace the “authentic” login page with another “fake” one.
Government, Military, Police
People’s Public Security University of China. The university trains elite police officers and is ranked as China’s best police academy.
The Supreme People's Procuratorate of the People's Republic of China. This is the highest national level agency responsible for both prosecution and investigation.Civil Service Examination Registration System of the Ministry of Foreign Affairs.
United Front Work Department of the Central Committee of the Chinese Communist Party. The department aims to influence high-level individuals and organizations inside and outside China.
China United Airlines. China United Airlines used to be part of the People's Liberation Army Air Force.