Orca 🌻 | 🎀 | 🪁 | 🏴🏳️⚧️<p><span>虽然很多人应该已经知道了:<br>手机上的搜狗输入法会给服务器发送手机上安装的所有应用的列表(当然也包括你安装的:Telegram,Signal,Element,Shadowsocks等)。<br><br>来自公民实验室的报告:</span></p><blockquote><span>As one other example of the kind of transmitted data vulnerable to this attack, we observed that for EncryptWall requests sent to </span><code>http://v2.get.sogou.com/q</code><span>, when “U” was </span><code>http://update.ping.android.shouji.sogou.com/update.gif</code><span>, </span><b><span>“P” was a query string containing a list of every app installed on the Android device</span></b><span>. We are unaware of what feature this data transmission is intended to implement. While one can imagine knowing which app a user is presently using may be useful for providing better typing suggestions in that app, it is difficult to imagine how knowing every app that a user has installed can provide better typing suggestions, even apps which users do not intend to use with Sogou Input Method.</span></blockquote><a href="https://citizenlab.ca/2023/08/vulnerabilities-in-sogou-keyboard-encryption/" rel="nofollow noopener noreferrer" target="_blank">https://citizenlab.ca/2023/08/vulnerabilities-in-sogou-keyboard-encryption/</a><span><br><br></span><a href="https://nya.one/tags/搜狗输入法" rel="nofollow noopener noreferrer" target="_blank">#搜狗输入法</a><span> </span><a href="https://nya.one/tags/隐私" rel="nofollow noopener noreferrer" target="_blank">#隐私</a><span> </span><a href="https://nya.one/tags/安全" rel="nofollow noopener noreferrer" target="_blank">#安全</a><p></p>
最近搜索
无最近搜索
搜索选项
只有登录后才可用。
o3o.ca 是可用于参与联邦宇宙的众多独立 Mastodon 站点之一。
欢迎来到o3o(嘟站)!这是一个泛话题社区,无论你的兴趣是什么,你都可以自由地通过发布“嘟嘟”来吐槽一切、摸鱼扯皮。
本社区由位于加拿大的 O3O.Foundation 项目运营。我们相信由社会组织运营基本通讯软件和设施是必要的,它们不应被控制在大型企业和政府手中。
服务器统计数据:
2.9 K活跃用户
#搜狗输入法
0 条嘟文 · 0 人讨论 · 今日 0 条嘟文
獨孤求敗<p>呵呵,<a href="https://o3o.ca/tags/%E6%90%9C%E7%8B%97%E8%BE%93%E5%85%A5%E6%B3%95" class="mention hashtag" rel="tag">#<span>搜狗输入法</span></a> 被AppStore下架啦</p>
将文件拖放到此处开始上传