Encryption
Posts tagged “Encryption”
「請勿公開」:搜狗拼音輸入法 (Sogou Keyboard) 加密中的漏洞使按鍵暴露於網路竊聽之風險
我們分析了騰訊的搜狗拼音輸入法,該輸入法每月活躍使用者超過 4.5 億,是中國最受歡迎的中文輸入法。
「冬奧通」安全分析
「冬奧通」是2022年北京奧運會官方規定與會者必須安裝的一個手機軟件。本研究指出「冬奧通」有一個簡單但後果嚴重的安全漏洞,即其用于加密用戶語音音頻和文件傳輸的加密技術可以輕易被繞過。健康申報表等傳輸詳細護照等個人資料,個人健康信息以及旅遊史等也存在安全漏洞。服務器響應也可以被欺騙,允許攻擊者向用戶顯示虛假指令。
Cross-Country Exposure: Analysis of the MY2022 Olympics App
MY2022, an app mandated for use by all attendees of the 2022 Olympic Games in Beijing, has a simple but devastating flaw where encryption protecting users’ voice audio and file transfers can be trivially sidestepped. Health customs forms which transmit passport details, demographic information, and medical and travel history are also vulnerable. Server responses can also be spoofed, allowing an attacker to display fake instructions to users.
“冬奥通”安全分析
“冬奥通”是2022年北京奥运会官方规定与会者必须安装的一个手机软件。本研究指出“冬奥通”有一个简单但后果严重的安全漏洞,即其用于加密用户语音音频和文件传输的加密技术可以轻易被绕过。健康申报表等传输详细护照等个人资料,个人健康信息以及旅游史等也存在安全漏洞。服务器响应也可以被欺骗,允许攻击者向用户显示虚假指令。
تحرك بسرعة واستخدم تشفيرك الخاص: نظرة سريعة على سرية اجتماعات Zoom
يفحص هذا التقرير التشفير الذي يحمي الاجتماعات في تطبيق Zoom الرائج. وجدنا أن Zoom لديه نظام تشفير “خاص به” ، ويحتوي على نقاط ضعف كبيرة. بالإضافة إلى ذلك حددنا نقاط تثير القلق في البنية التحتية لـ Zoom ، بما في ذلك نقل مفاتيح التشفير للاجتماعات عبر الصين.
Canada’s New and Irresponsible Encryption Policy: How the Government of Canada’s New Policy Threatens Charter Rights, Cybersecurity, Economic Growth, and Foreign Policy
The proposed rationales for weakening encryption would exchange marginal gains in limited investigative situations for significant loses with regards to Canadians’ abilities to exercise their rights and freedoms while simultaneously undermining cybersecurity, economic development, and foreign affairs. Minister Goodale should stop calling persons with well-considered policy positions on the importance of enabling the availability of strong encryption as supporters of child abusers, and get on with his job of trying to keep Canadians safe instead of endangering them with his irresponsible and dangerous encryption policy.
Shining a Light on the Encryption Debate: A Canadian Field Guide
Critical analysis and insight that navigates the complex implications of ongoing encryption debates.
Secure Your Chats: Why Encrypted Messaging Matters
End-to-end encrypted messaging is effective at protecting the content of your messages from being read as they travel across the Internet to your friends and family. This is why the Citizen Lab has released Secure Your Chats: a Net Alert resource that outlines how to safely use end-to-end encryption.
Christopher Parsons on The Agenda with Steve Paikin
Citizen Lab Research Associate Christopher Parsons joined The Agenda with Steve Paikin to discuss the controversial Bill C-51, anti-terrorism legislation passed by the previous Conservative government. He joined a panel to discuss potential changes to the law, which has been used by agencies like the RCMP and Canadian Association of Chiefs of Police to petition for new powers to access telephone and Internet data.