You are welcome to discuss various security topics with our professional team and other users like you!
Read our Registration Agreement and create your FREE account here!

« previous next »
Pages: [1]   Go Down
*

mcinn

  • **
  • 68
  • +26/-0
      • View Profile
Attention, Baidu browser users!
« on: February 24, 2016, 11:20:39 am »
If you're based in China, or are Chinese for that matter, chances are you are using Baidu browser regularly. Well, no matter where you are, you should know that Baidu has been involved in a privacy scandal.

Researchers recently discovered that the Baidu browser collects personal information about its users and then sends it to its servers without having it properly encrypted. Or if it was encrypted, it wasn't encrypted safely enough to 'resist' decryption.

Baidu browser would also check for updates and download them without applying code signatures. A lack of code signatures could cause MitM (man-in-the-middle) type of attacks. In such a scenario, an attacker can send out malicious files to users, masqueraded as Baidu updates.

The security firm that made those findings is Citizen Lab: https://citizenlab.org/2016/02/privacy-security-issues-baidu-browser/

« Last Edit: February 24, 2016, 11:34:36 am by mcinn »
Logged
Pages: [1]   Go Up
« previous next »