In this report, we analyze the Windows, Android, and iOS versions of Tencent’s Sogou Input Method, the most popular Chinese-language input method in China. Our analysis found serious vulnerabilities in the app’s custom encryption system and how it encrypts sensitive data. These vulnerabilities could allow a network eavesdropper to decrypt sensitive communications sent by the app, including revealing all keystrokes being typed by the user. Following our disclosure of these vulnerabilities, Sogou released updated versions of the app that identified all of the issues we disclosed.
Vulnerabilities in Sogou Keyboard encryption expose keypresses to network eavesdropping.
If it’s a app, including fucking tik tok you bunch of morons, that was developed by a Chinese company all of the data on your device is going back to the CCP. It’s just that fucking simple people.
That’s a bit over the top. The app only has access to the data you give it permission to access. So TikTok may have access to your contacts (don’t give TikTok access to your contacts, guys), but it won’t have access to your text messages or activity data.
If it’s a app, including fucking tik tok you bunch of morons, that was developed by a Chinese company all of the data on your device is going back to the CCP. It’s just that fucking simple people.
That’s a bit over the top. The app only has access to the data you give it permission to access. So TikTok may have access to your contacts (don’t give TikTok access to your contacts, guys), but it won’t have access to your text messages or activity data.