The mandatory smartphone app that athletes will use to report health and travel data when they are in China for the Olympics next month has serious encryption flaws, according to a new report.
Cedit: Roman Pilipey/EPA/Shutterstock
Canada's University of Toronto-based cybersecurity watchdog Citizen Lab has detailed encryption flaws in the mandatory smartphone application China created for Winter Olympics athletes.
Portions of the MY2022 app that will transmit coronavirus test results, travel information, and other personal data did not confirm the signature used in encrypted transfers, or failed to encrypt metadata.
The Citizen Lab researchers suspect the flaws are unintentional, since the government will already be receiving data from the app, making in-transit data interception unnecessary.
The Beijing Organizing Committee reportedly has not responded to Citizen Lab's disclosure of the flaws, and a January update has not resolved the issues.
From The New York Times
View Full Article - May Require Paid Subscription
No entries found