China wants to spy on Olympians’s phones?

Athletes traveling to the Beijing Olympics are making final preparations, including installing the “My 2022” app on their smartphones. However, insufficient measures for encryption in the application do not offer sufficient protection to Olympians, journalists and sports workers from hacking, invasion of privacy and espionage, according to a research by Citizen Lab published by DW. In addition to the problematic protection, the application also contains a list of words prohibited for use.

Several countries, including Germany, Australia, the United Kingdom and the United States, have already called on their athletes and National Olympic Committees to leave their mobile phones and personal computers at home and travel with special devices for fear of digital espionage. The Dutch Olympic Committee has even explicitly banned its athletes from carrying their mobile phones and computers.

Binding application

The Beijing Olympics start on February 4. Similar to the Tokyo Summer Games, monitoring the health of athletes is a responsibility and includes coaches, journalists and officials.

The app, which was designed in China, aims to monitor the health of everyone present and detect possible infections with Covid. Numerous personal information should be entered in the application, even 14 days before entering the country.

Canada Toronto | Ski-sports women Justine Dufour-Lapointe and Chloe Dufour-Lapointe

Skiers Justin Dufour-Lapoan and Chloe Dufour-Lapoan will represent Canada at the Beijing Olympics

Researching the application from Citizen Lab, they discovered that the so-called SSL certificates – which provide data exchange between secure devices and servers – are not validated, which means that the application has a serious encryption problem. The flaw allows the application to be logged into malware and download data. The experts also found that the data traffic in the application is not protected at all. This means that metadata can be easily read by hackers.

State censorship?

Citizen Lab also discovered a text document in the application called “illegalwords.txt.” (illegal words). It contains 2,442 keywords and phrases, most written in simplified Chinese, but also a small number in Uighur, Tibetan, Traditional Chinese and English.
Keywords include many swear words, but also expressions referring to state-censored political taboo topics in communist China: criticism of the Communist Party and its leader, terms referring to Falun Gong, Tiananmen protests, Dalai Lama, Uighur minority etc.

According to the experts of Citizen Lab, for now there are no indications that the word list is actively used in the application, but it contains codes that can be easily activated and the list becomes active immediately.

Screenshot MY 2022 Olympia App

Beijing Olympics smartphone application

No response from the organizer

Citizen Lab said that they informed the Organizing Committee of the Beijing Games about problems in December this year, but did not receive any response.
Meanwhile, Apple and Google have released an updated version of the app, but it contains the same issues as the previous one.
Citizen Lab also raises the question of the responsibility of the two western technology giants – Apple and Google for the content of the application. Both companies are responsible for the applications to meet the security requirements in accordance with the data security rules.
“Both Apple and Google policies prohibit the transmission of confidential data without responsive encryption, so they should assess whether the application’s vulnerabilities are sufficient to remove their service,” said Jeffrey Connockle of Citizen Lab.

The Organizing Committee in Beijing claims that the application is safe and that it “passed the tests” in the international application markets such as Google, Apple and Samsung.
“We have taken measures such as personal information encryption to ensure the protection of privacy,” the committee told China’s Xinhua news agency on Monday.

Related Articles

Back to top button