In this report, we analyze the Windows, Android, and iOS versions of Tencent’s Sogou Input Method, the most popular Chinese-language input method in China. Our analysis found serious vulnerabilities in the app’s custom encryption system and how it encrypts sensitive data. These vulnerabilities could allow a network eavesdropper to decrypt sensitive communications sent by the app, including revealing all keystrokes being typed by the user. Following our disclosure of these vulnerabilities, Sogou released updated versions of the app that identified all of the issues we disclosed.
Vulnerabilities in Sogou Keyboard encryption expose keypresses to network eavesdropping.
What were the repercussions for saying they were dissatisfied? Say what you will, but the US doesn’t use your loved ones as leverage if you speak out against the US. Their embassies don’t arrest and detain American civilians in other countries.
Aside from all that, I sincerely find it hard to believe that 93% of people in a country will agree on something, let alone their government. To me that indicates a fear of criticism, not an amazing government.
What were the repercussions for saying they were dissatisfied? Say what you will, but the US doesn’t use your loved ones as leverage if you speak out against the US. Their embassies don’t arrest and detain American civilians in other countries.
Aside from all that, I sincerely find it hard to believe that 93% of people in a country will agree on something, let alone their government. To me that indicates a fear of criticism, not an amazing government.