Chinese keyboard apps allow eavesdropping

Almost all Chinese keyboard apps around the world they have a security hole which makes it possible to spy on what users type.

The vulnerability, which allows sub of typing data these apps send to the cloud has existed for years and could have been exploited by cybercriminals and government surveillance groups, according to researchers at Citizen Lab, a research lab and security with the University of Toronto.chona smartphone

These apps help users type Chinese characters more efficiently and are ubiquitous on devices used by Chinese people. The four most popular apps, made by big companies such as Baidu, Tencent and iFlytek, basically represent all the typing methods used by Chinese people.

The researchers also looked at the keyboard apps that come pre-installed on Android phones sold in China. What they discovered was shocking. Almost every third-party app and Android phone with pre-installed keyboards failed to protect users by properly encrypting that they typed. A smartphone made by Huawei was the only device where no such vulnerability was found.

In August 2023, the same researchers discovered that Sogou, one of the most popular keyboard apps, was not using Transport Layer Security (TLS) when transmitting typing data to the cloud server for better typing. Without TLS, a widely used international encryption protocol that protects users, keystrokes can be collected and then decrypted by third parties.

Although Sogou fixed the problem after it was made public last year, some Sogou keyboards pre-installed on phones have not yet been updated to the latest version.

iGuRu.gr The Best Technology Site in Greeceggns

Get the best viral stories straight into your inbox!















giorgos

Written by giorgos

George still wonders what he's doing here ...

Leave a reply

Your email address is not published. Required fields are mentioned with *

Your message will not be published if:
1. Contains insulting, defamatory, racist, offensive or inappropriate comments.
2. Causes harm to minors.
3. It interferes with the privacy and individual and social rights of other users.
4. Advertises products or services or websites.
5. Contains personal information (address, phone, etc.).