The Chinese Olympics application was found taking advantage of the information of users. The application, which is known as the MY2022, was made obligatory for everybody going to the current year’s Olympic Games to be held in Beijing. Notwithstanding, it was found that the application has such a large number of escape clauses. The application has a security defect that can take the individual information of users, including the visa subtleties, wellbeing records, and travel narratives of users who have introduced the application. The security scientists additionally uncovered that application code has two security openings that could uncover the data of users.
2022 Olympic Games in Beijing
“MY2022, an application commanded for use by all participants of the 2022 Olympic Games in Beijing, has a basic however decimating imperfection where encryption ensuring users’ voice sound and record moves can be inconsequentially avoided. Well-being customs structures which send identification subtleties, segment data, and clinical and travel history are likewise defenseless. Server reactions can likewise be a caricature, permitting an aggressor to show counterfeit directions to users,” the vital discoveries of Citizen Lab uncovered.
The report noticed that the application gathers a scope of profoundly delicate clinical data regardless of being direct with regards to the sorts of information it gathers from users. The application doesn’t uncover with whom or which association it shares the data gathered by users. The obligatory Olympics application likewise accompanies features that permit users to report “politically touchy” content. The application has a restriction watchword list, focuses on an assortment of political points including homegrown issues, for example, Xinjiang and Tibet just as references to Chinese government offices, the discoveries uncover.
The 2022 Winter Olympic Games are relied upon to be held from February 4 to 20 in Beijing. Remembering the Covid-19 circumstance, China has made it obligatory for all worldwide and homegrown participants of the Games to download MY2022 14 days preceding their takeoff for China and to begin observing and presenting their wellbeing status to the application consistently. The MY2022 application was worked on by the Beijing Organizing Committee for the 2022 Olympics.
Report by Citizen lab
The report by Citizen lab uncovers that for homegrown users, the application gathers individual data including name, public distinguishing proof number, telephone number, email address, profile picture, and business data and offers it with the Beijing Organizing Committee for the 2022 Olympics. For worldwide users, the application gathers an alternate arrangement of by and by recognizable data, including users’ segment data and identification data, just as the association to which they have a place.