Baidu Allegedly Leaks Sensitive User Information
| Charissa Echavez | | Feb 29, 2016 10:33 AM EST |
(Photo : Reuters) Baidu is allegedly leaking sensitive, personal information of clients through faulty codes.
Sensitive personal information is allegedly being collected and haphazardly transmitted by thousands of app codes from Chinese web service provider Baidu, according to security experts.
University of Toronto security experts claim that millions of Chinese users have possibly been affected by the crack. The information leaked reportedly includes users' locations, search terms, visited sites and ID numbers of devices.
Like Us on Facebook
The code was discovered in a software development kit, which can be utilized to design apps and programs for Android and Window-run phones, respectively. Baidu is using it to create web browsers for Android and Windows, and a number of other firms are allegedly using the kit as well. According to the Citizen Lab in Toronto, the Baidu-made apps and browsers have been downloaded a million times.
The company has dedicated a long-term research project to studying privacy and personal data use in China. In 2015, they has discovered lapses in the Alibaba browser and their latest findings shows a number of security and privacy frailty in Baidu's code.
Citizen Lab discovered that some information such as GPS coordinates and search terms are being transferred through plain text, while the added protection on other data like unique IDs can easily be broken. With this poor app protection scheme, users are susceptible to fake updates, giving phishers a chance to illegally access phones and computers.
Citizen Lab claims that Baidu has already addressed the bug issue in the code since its attention was called to it in November last year. However, it noticed that the company is still using the poor encryption platform for sensitive information.
Baidu claims that it was collecting data for commercial use and, occasionally, it shares the information with its partners. The firm has clarified that it is not selling or passing personal information over wholesale to Chinese authorities. The company stated that it "only provides what data is lawfully requested by duly constituted law enforcement agencies."
TagsBaidu, secured apps, cybersecurity, hacking attakcs, Citizen Lab
©2015 Chinatopix All rights reserved. Do not reproduce without permission
EDITOR'S PICKS
-
Did the Trump administration just announce plans for a trade war with ‘hostile’ China and Russia?
-
US Senate passes Taiwan travel bill slammed by China
-
As Yan Sihong’s family grieves, here are other Chinese students who went missing abroad. Some have never been found
-
Beijing blasts Western critics who ‘smear China’ with the term sharp power
-
China Envoy Seeks to Defuse Tensions With U.S. as a Trade War Brews
-
Singapore's Deputy PM Provides Bitcoin Vote of Confidence Amid China's Blanket Bans
-
China warns investors over risks in overseas virtual currency trading
-
Chinese government most trustworthy: survey
-
Kashima Antlers On Course For Back-To-Back Titles
MOST POPULAR
LATEST NEWS
Zhou Yongkang: China's Former Security Chief Sentenced to Life in Prison
China's former Chief of the Ministry of Public Security, Zhou Yongkang, has been given a life sentence after he was found guilty of abusing his office, bribery and deliberately ... Full Article
TRENDING STORY
China Pork Prices Expected to Stabilize As The Supplies Recover
-
Elephone P9000 Smartphone is now on Sale on Amazon India
-
There's a Big Chance Cliffhangers Won't Still Be Resolved When Grey's Anatomy Season 13 Returns
-
Supreme Court Ruled on Samsung vs Apple Dispute for Patent Infringement
-
Microsoft Surface Pro 5 Rumors and Release Date: What is the Latest?
