Privacy
Posts tagged “Privacy”
「請勿公開」:搜狗拼音輸入法 (Sogou Keyboard) 加密中的漏洞使按鍵暴露於網路竊聽之風險
我們分析了騰訊的搜狗拼音輸入法,該輸入法每月活躍使用者超過 4.5 億,是中國最受歡迎的中文輸入法。
“Please do not make it public”: Vulnerabilities in Sogou Keyboard encryption expose keypresses to network eavesdropping
In this report, we analyze the Windows, Android, and iOS versions of Tencent’s Sogou Input Method, the most popular Chinese-language input method in China. Our analysis found serious vulnerabilities in the app’s custom encryption system and how it encrypts sensitive data. These vulnerabilities could allow a network eavesdropper to decrypt sensitive communications sent by the app, including revealing all keystrokes being typed by the user. Following our disclosure of these vulnerabilities, Sogou released updated versions of the app that identified all of the issues we disclosed.
Should We Chat? Privacy in the WeChat Ecosystem
We conducted the first analysis of WeChat’s tracking ecosystem. Using reverse engineering methods to intercept WeChat’s network requests, we identified exactly what types of data the WeChat app is sending to its servers, and when. This report is part one of a two-part series on a privacy and security analysis of the WeChat ecosystem.
Privacy in the WeChat Ecosystem Explained
This FAQ accompanies the full report on privacy in the WeChat ecosystem. We analyzes privacy issues with popular app WeChat by reviewing the data collected by the app and sent to WeChat servers during the regular operation of its various features. We find that they collect more usage data than is disclosed in the WeChat privacy policy.
Christopher Parsons Delivers Testimony to the Standing Committee on Access to Information, Privacy and Ethics
These comments are meant to identify areas of data governance that need improvement with regards to the Government of Canada’s use of mobility data, and personal and anonymized information more generally, as well as the management of such information by private organisations.
Pandemic Privacy Explained
On September 28, the Citizen Lab published an analysis of COVID-19 data collection practices. In this post, we discuss the significance of the findings with report authors.
Pandemic Privacy: A Preliminary Analysis of Collection Technologies, Data Collection Laws, and Legislative Reform during COVID-19
In this report, we undertake a preliminary comparative analysis of how different information technologies were mobilized in response to COVID-19 to collect data, the extent to which Canadian laws impeded the response to COVID-19, and the potential consequences of reforming data protection or privacy laws to enable more expansive data collection, use, or disclosure of personal information in future health emergencies.
TikTok and Douyin Explained
In this explainer, we discuss the findings of our comparative analysis of security, privacy, and censorship issues in TikTok and Douyin.
TikTok vs Douyin: A Security and Privacy Analysis
A comparative analysis of security, privacy, and censorship issues in TikTok and Douyin, both developed by ByteDance.