In this report, we analyze the Windows, Android, and iOS versions of Tencent’s Sogou Input Method, the most popular Chinese-language input method in China. Our analysis found serious vulnerabilities in the app’s custom encryption system and how it encrypts sensitive data. These vulnerabilities could allow a network eavesdropper to decrypt sensitive communications sent by the app, including revealing all keystrokes being typed by the user. Following our disclosure of these vulnerabilities, Sogou released updated versions of the app that identified all of the issues we disclosed.
Vulnerabilities in Sogou Keyboard encryption expose keypresses to network eavesdropping.
Because this issue is used as a battering ram to weaken the Chinese government. The West keeps talking about there being a ‘Tiananmen Massacre’ where unarmed students were killed even though behind closed doors US diplomats admit there was no bloodshed on TIananmen. It is really hard to defend yourself against those accusations which are false when the other side doesn’t need to produce any evidence whatsoever. What is provable are the deaths of the soldiers and maoists fighting in street battles outside the square but that was not a massacre and funnily enough the West also doesn’t like to talk about those deaths
Because this issue is used as a battering ram to weaken the Chinese government. The West keeps talking about there being a ‘Tiananmen Massacre’ where unarmed students were killed even though behind closed doors US diplomats admit there was no bloodshed on TIananmen. It is really hard to defend yourself against those accusations which are false when the other side doesn’t need to produce any evidence whatsoever. What is provable are the deaths of the soldiers and maoists fighting in street battles outside the square but that was not a massacre and funnily enough the West also doesn’t like to talk about those deaths
p