Nearly all Chinese keyboard apps have encryption flaws, exposing millions of users to keylogging


Key Topics in this News Article:

News Snapshot:

In brief: Anyone who types in Chinese using cloud-based apps from Baidu, Honor, iFlytek, Oppo, Samsung, Tencent, Vivo, and Xiaomi should update their software immediately. The Huawei service appears to be safe, but security flaws in the other apps, most of which recently received patches, could invite snooping, potentially impacting up to a billion users. Researchers recently discovered severe encryption flaws in cloud-based pinyin input software from eight companies that could allow eavesdropping. Although there is no evidence that the vulnerabilities are actively being exploited, earlier incidents make this a potentially serious issue. Chinese writing incorporates thousands of unique characters...