Palestine

Mary Parent Joins Legendary as Vice Chairman of Worldwide Production

Scarlett Johansson’s ‘Ghost in the Shell’ Casts Its First Japanese Actor

‘Star Wars: The Force Awakens’ Gets DVD, Digital Release Dates

Researchers find privacy problems in popular Baidu browser

Technology 27 February 2016
11 views
Android and Windows versions of the Baidu browser have been found to have security risks. Credit: Jon Russel via flickr

University of Toronto undergrad Jing Zhou knows a lot about surveillance issues in China and Canada, but even she’s surprised by findings that hundreds of millions of people are at risk of hacking and surveillance because of a popular internet browser.


This week, the Citizen Lab at the University of Toronto’s Munk School of Global Affairs released a report showing that the Android version of Baidu Browser, made by one of China’s largest technology companies, leaks a user’s location, browsing history and other data because of poor or missing encryption whenever the browser is used.

And the browser’s Windows version leaks even more data, including computer serial numbers. Any individual, company and government can hack a device or spy on users’ online habits.

Zhou is concerned about the human rights implications given the increasing number of people from China worried about hacking and surveillance. She helps to run a U of T student club called Choose Humanity, which raises awareness about human rights abuses.

“In Toronto, there are Chinese officials surveilling students, religious practitioners and community members,” says Zhou, who moved from China to Canada in 2001 and is finishing a management degree at U of T. “Not only in Canada, but in China, the government and police track down your relations and monitor them.”

READ  The Domino King Sets Up Over 84000 Dominos To Recreate Artwork From Undertale

Baidu runs the most used search engine in China – but it’s also used around the world in Chinese, English and other languages.

Many of the vulnerabilities are due to missing or poor encryption used by something called software development kits (SDKs), which are present in more than 22,000 apps related to Baidu, researchers say. The apps have been downloaded billions of times.

“Baidu and anyone monitoring your traffic can use your hardware’s serial numbers to track your GPS location, nearby wireless networks, and every unencrypted and encrypted web page you visit,” says Jeffrey Knockel, the report’s lead author and a senior researcher at the Citizen Lab. “Most users would have no way of knowing their personal data was being transmitted this way, and would be unable to prevent it.”

In addition, Baidu Browser doesn’t include special codes (a norm with other browsers) when it downloads routine software updates, which would allow hackers to secretly install malicious software on computers and phones.

In May 2015, Citizen Lab identified similar security concerns with UC Browser,​a popular browser owned by e­commerce giant Alibaba, also based in China. The security issues in UC Browser were identified in documents leaked by Edward Snowden that revealed that intelligence agencies in Canada, the United States, the United Kingdom, Australia and New Zealand had used the vulnerabilities to identify users. 

READ  Bravely Second’s demo is ten hours long, trailer spells out how to have fun in it

The report is part of the Citizen Lab’s ongoing research into p​rivacy and security of popular mobile applications used in Asia,​ including China’s censorship of Google, Microsoft, and Yahoo search engines and its censorship and surveillance in TOM-Skype, a Chinese version of Skype.

In November 2015, Citizen Lab researchers notified Baidu of the browser’s security issues. The company released updates that remedied some of the issues in January 2016, but many still remain unresolved.

“I wouldn’t use Baidu anyway, as it’s not as good as Google,” Zhou says. “Now that I know about the problems, I’m glad that I can avoid it in Canada.

“They have to make Baidu more secure,” Zhou says. “People don’t have to undergo surveillance all the time.”


Explore further:
US senator wants Baidu to stop censorship

Source

http://phys.org/news/2016-02-privacy-problems-popular-baidu-browser.html
 
 
For all other news on the Technology

Yorumlar

Henüz hiç yorum yapılmamış.

Sorry, comments for this entry are closed at this time.

Bunlar da var!
EA Abandons E3 For Their Own Event

EA Abandons E3 For Their Own Event

27 January 2016
14 views
And The Winners Of The 9th Annual Crunchies Are…

And The Winners Of The 9th Annual Crunchies Are…

9 February 2016
25 views
New-look Britney Spears stuns fans on latest magazine cover

New-look Britney Spears stuns fans on latest magazine cover

3 March 2016
3 views
Watch Dave Grohl Play “Blackbird” For Oscars’ In Memoriam

Watch Dave Grohl Play “Blackbird” For Oscars’ In Memoriam

29 February 2016
3 views
Cooper Hefner Thinks Playboy Should Still Feature Nudity! Says His Relationship With The Mag Is Now 'Non-Existent'!

Cooper Hefner Thinks Playboy Should Still Feature Nudity! Says His Relationship With The Mag Is Now 'Non-Existent'!

11 February 2016
16 views
Affleck hilariously smuggles Damon onto Kimmel

Affleck hilariously smuggles Damon onto Kimmel

1 March 2016
5 views
Picasa being shuttered in shift to Google Photos

Picasa being shuttered in shift to Google Photos

13 February 2016
9 views
Here's How 'Star Wars 8' Is Dealing with Spy Drones On Set

Here's How 'Star Wars 8' Is Dealing with Spy Drones On Set

19 February 2016
5 views
Victoria, Victoria Beckham Fall 2016 RTW

Victoria, Victoria Beckham Fall 2016 RTW

25 February 2016
10 views
Rock Après-Ski Style With These Cool Celebrity Tips

Rock Après-Ski Style With These Cool Celebrity Tips

22 January 2016
12 views
'Keeping Up With The Kardashians' Cast: How Does Family Feel About Their Portray In O.J. Simpson Docuseries? [VIDEO]

'Keeping Up With The Kardashians' Cast: How Does Family Feel About Their Portray In O.J. Simpson Docuseries? [VIDEO]

5 February 2016
27 views