[HN] “Please do not make it public” (Tencent’s Sogou Input Method)
[HN] “Please do not make it public” (Tencent’s Sogou Input Method)
citizenlab.ca “Please do not make it public”: Vulnerabilities in Sogou Keyboard encryption expose keypresses to network eavesdropping - The Citizen Lab
In this report, we analyze the Windows, Android, and iOS versions of Tencent’s Sogou Input Method, the most popular Chinese-language input method in China. Our analysis found serious vulnerabilities in the app’s custom encryption system and how it encrypts sensitive data. These vulnerabilities could...
[ comments | sourced from HackerNews
