{"id":134230,"date":"2022-01-18T09:25:59","date_gmt":"2022-01-18T17:25:59","guid":{"rendered":"https:\/\/lifeboat.com\/blog\/2022\/01\/hacking-backdoor-security-flaws-in-chinas-mandatory-olympics-app-dw-news"},"modified":"2022-01-18T09:25:59","modified_gmt":"2022-01-18T17:25:59","slug":"hacking-backdoor-security-flaws-in-chinas-mandatory-olympics-app-dw-news","status":"publish","type":"post","link":"https:\/\/lifeboat.com\/blog\/2022\/01\/hacking-backdoor-security-flaws-in-chinas-mandatory-olympics-app-dw-news","title":{"rendered":"Hacking backdoor? Security flaws in China\u2019s mandatory Olympics app | DW News"},"content":{"rendered":"<p><\/p>\n<p><iframe style=\"display: block; margin: 0 auto; width: 100%; aspect-ratio: 4\/3; object-fit: contain;\" src=\"https:\/\/www.youtube.com\/embed\/32hNU1m63is?feature=oembed\" frameborder=\"0\" allow=\"accelerometer; autoplay; encrypted-media; gyroscope;\n   picture-in-picture\" allowfullscreen><\/iframe><\/p>\n<p>Athletes headed to the Beijing Olympic Winter Games are making final travel preparations, including keeping in line with China\u2019s health measures on the \u201cMy 2022\u2033 smartphone app. However, inadequate encryption measures within the app can leave Olympians, journalists and sports officials vulnerable to hackers, privacy breaches, and surveillance, according to a cybersecurity report by the Citizen Lab obtained exclusively by DW. Additionally, the IT forensic specialists found that the app includes a censorship keyword list. The findings come as international concern over digital safety at the Games mounts. Germany, Australia, UK and US have urged their athletes and National Olympic Committees to leave their personal phones and laptops behind and to travel with special devices over fears of digital espionage. The Dutch Olympic Committee outright banned its athletes from bringing personal phones and laptops due to surveillance concerns.<\/p>\n<p>In the Olympic Playbook for athletes and team officials, the International Olympic Committee states that the \u201cMy 2022\u2033 app is \u201cin accordance with international standards and Chinese law.\u201d But based on its findings, Citizen Lab concludes that the insecure transmission of personal information \u201cmay constitute a direct violation of China\u2019s privacy laws.\u201d This is because China\u2019s data protection laws require that a person\u2019s health and medical records held digitally be transmitted and stored in an encrypted manner. Citizen Lab\u2019s findings also raise questions concerning two Western tech giants that carry the \u201cMy 2022\u2033 app: Apple and Google. \u201cBoth Apple\u2019s and Google\u2019s policies forbid apps to transmit sensitive data without proper encryption, so Apple and Google will need to determine whether the app\u2019s unresolved vulnerabilities warrant delisting,\u201d Citizen Lab\u2019s Knockel told DW. The Beijing Organizing Committee has stood by its app, however, saying it \u201cpassed the examination\u201d of international mobile application markets such as Google, Apple and Samsung.\u201cWe have taken measures such as personal information encryption in the app to ensure privacy security,\u201d the committee said Monday to Xinhua News Agency.<\/p>\n<p>The Winter Games, which kicks off on February 4, marks the second Olympic Games during the COVID-19 pandemic. Just as at the Tokyo Summer Games, tracking athletes\u2019 health is required. According to the official Playbook of the International Olympic Committee (IOC), athletes, coaches, reporters and sports officials, as well as thousands of local staff, are required to put their information into either the \u201cMy 2022\u2033 smartphone app or website. The app, which was developed in China, is designed to monitor the health of all attendees and staff as well as trace possible COVID-19 infections. Passport data and flight information must be entered into the app. Sensitive medical information related to possible COVID-19 symptoms are also required, such as whether a person had a fever, fatigue, headaches, a dry cough, diarrhea or a sore throat. Those coming from abroad must start entering health data 14 days before arriving in the country. Many countries use a contact tracing app to help combat the pandemic. But \u201cMy 2022\u2033 combines contact tracing with other services: It regulates access to events, acts as a visitor\u2019s guide with information on sporting venues and tourist services, as well as providing chat functions (text and audio), news feeds and file transfers.<\/p>\n<p>Subscribe: <a href=\"https:\/\/www.youtube.com\/user\/deutschewelleenglish?sub_confirmation=1\">https:\/\/www.youtube.com\/user\/deutschewelleenglish?sub_confirmation=1<\/a><\/p>\n<p>For more news go to: <a href=\"http:\/\/www.dw.com\/en\/\">http:\/\/www.dw.com\/en\/<\/a><br \/> Follow DW on social media:<br \/> \u25baFacebook: <a href=\"https:\/\/www.facebook.com\/deutschewellenews\/\">https:\/\/www.facebook.com\/deutschewellenews\/<\/a><br \/> \u25baTwitter: <a href=\"https:\/\/twitter.com\/dwnews\">https:\/\/twitter.com\/dwnews<\/a>.<br \/> \u25baInstagram: <a href=\"https:\/\/www.instagram.com\/dwnews\">https:\/\/www.instagram.com\/dwnews<\/a>.<br \/> F\u00fcr Videos in deutscher Sprache besuchen Sie: <a href=\"https:\/\/www.youtube.com\/dwdeutsch\">https:\/\/www.youtube.com\/dwdeutsch<\/a>.<br \/> #Beijing2022 #WinterOlympics #China<\/p>\n","protected":false},"excerpt":{"rendered":"<p>Athletes headed to the Beijing Olympic Winter Games are making final travel preparations, including keeping in line with China\u2019s health measures on the \u201cMy 2022\u2033 smartphone app. However, inadequate encryption measures within the app can leave Olympians, journalists and sports officials vulnerable to hackers, privacy breaches, and surveillance, according to a cybersecurity report by the [\u2026]<\/p>\n","protected":false},"author":609,"featured_media":0,"comment_status":"open","ping_status":"closed","sticky":false,"template":"","format":"standard","meta":{"footnotes":""},"categories":[11,34,1625,1495,1512,1511],"tags":[],"class_list":["post-134230","post","type-post","status-publish","format-standard","hentry","category-biotech-medical","category-cybercrime-malcode","category-encryption","category-health","category-mobile-phones","category-surveillance"],"_links":{"self":[{"href":"https:\/\/lifeboat.com\/blog\/wp-json\/wp\/v2\/posts\/134230","targetHints":{"allow":["GET"]}}],"collection":[{"href":"https:\/\/lifeboat.com\/blog\/wp-json\/wp\/v2\/posts"}],"about":[{"href":"https:\/\/lifeboat.com\/blog\/wp-json\/wp\/v2\/types\/post"}],"author":[{"embeddable":true,"href":"https:\/\/lifeboat.com\/blog\/wp-json\/wp\/v2\/users\/609"}],"replies":[{"embeddable":true,"href":"https:\/\/lifeboat.com\/blog\/wp-json\/wp\/v2\/comments?post=134230"}],"version-history":[{"count":0,"href":"https:\/\/lifeboat.com\/blog\/wp-json\/wp\/v2\/posts\/134230\/revisions"}],"wp:attachment":[{"href":"https:\/\/lifeboat.com\/blog\/wp-json\/wp\/v2\/media?parent=134230"}],"wp:term":[{"taxonomy":"category","embeddable":true,"href":"https:\/\/lifeboat.com\/blog\/wp-json\/wp\/v2\/categories?post=134230"},{"taxonomy":"post_tag","embeddable":true,"href":"https:\/\/lifeboat.com\/blog\/wp-json\/wp\/v2\/tags?post=134230"}],"curies":[{"name":"wp","href":"https:\/\/api.w.org\/{rel}","templated":true}]}}