Chinese Winter Olympics App Has 'Devastating' Security Flaws, Burner Phones Recommended
A COVID-19 monitoring app for athletes and attendees of the Beijing Winter Olympics Games has been found to have security issues that could allow a hacker to steal personal information.
“My 2022” is an app created by China to track health information during the Games. It also has other features like voice chat, the ability to transfer files, and updates about the Olympics.
A report released Tuesday by Toronto-based cybersecurity watchdog organization Citizen Lab said the app does not correctly encrypt data and was found to have “censorship keywords.” The keyword list includes the names of Chinese leaders and government agencies. It also references the 1989 killing of pro-democracy protestors as well as Falun Gong, a banned religious group in China.
“An app mandated for use by all attendees of the 2022 Olympic Games in Beijing, has a simple but devastating flaw where encryption protecting users’ voice audio and file transfers can be trivially sidestepped,” the report said.
The report warned attendees that they should use burner phones rather than their personal phones, and to use separate emails while at the Winter Games in China.
Another report obtained by BBC News shows concern over possible security breaches due to "the sophisticated and broad surveillance culture that exists in China.”
"China's national data security laws are not designed with the Western values of privacy and liberty and do not offer the same level of protection," the report said.
Chinese state media Global Times dismissed concerns about the app in a report on Tuesday, noting that "all personal information will be encrypted to ensure privacy." Global Times pointed out that the app was similar to one that was used at the Tokyo Games.
The Winter Olympics start on Feb. 4.
© Copyright IBTimes 2024. All rights reserved.