International anti-virus giant McAfee exposes Sogou input method vulnerability

McAfee Labs, the research arm of the well-known security company, announced on its official blog that its researchers found the Sogou input method collecting and uploading user device information, and transmitting user personal information and enterprise data over plaintext HTTP, which makes the information easy to intercept. McAfee Labs said it has called on Sogou to fix these vulnerabilities in its security development lifecycle.

The following is the full text of the McAfee blog:

Sogou is a popular Chinese input method that claims more than 400 million users. When the user types pinyin, the Sogou input method offers suggestions, so the user can produce the intended text without spelling out every letter, which simplifies input. (For example, when entering "nihao", the pinyin for "hello", the desired text option already appears after typing "nh".)

We were interested enough in this input method that we installed it on a Windows 7 computer. However, when we connected an iPod via USB to the Windows 7 computer with the Sogou input method installed, the following information showed up in the packet-capture tool Fiddler.

At first glance, this information may not look deliberate. But it raises the question of why an input method needs to collect it: the user has connected an iOS device (an iPod 5) running iOS 7.0, with serial number "650…" and USB path "USB#ROOT_HUB20#48…", to the computer.

When the researcher connected an Android phone, Fiddler captured similar information.

Collecting the user's device information in this situation is genuinely unexpected, and that an input method is the software collecting it is even more unsettling.

What is more alarming is that this information is also transmitted over plaintext HTTP, which will undoubtedly attract attackers looking to intercept such data. Bear in mind that the world is full of malicious mobile hotspots.

We call on the application's developer (Sogou) to fix these vulnerabilities in its security development lifecycle.

Note: Fiddler is a powerful packet-capture tool. It obtains a program's HTTP traffic by acting as a proxy, which makes it useful for inspecting the interaction between a web page (or application) and the server.
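To show how captures like the ones described above can be triaged, here is an added example (not code from McAfee's post or from Sogou) that scans proxy-captured requests for device identifiers sent over plaintext HTTP. The host `telemetry.example.invalid` and the request fields are constructed placeholders, not the real endpoint or format.

```python
import re
from urllib.parse import urlsplit, parse_qs

# Constructed sample of proxy-captured requests as (method, URL, body).
# The host and field names are placeholders, not real Sogou traffic.
CAPTURED = [
    ("POST", "http://telemetry.example.invalid/report",
     "os=iOS7.0&model=iPod5&serial=650REDACTED&path=USB%23ROOT_HUB20%2348REDACTED"),
    ("GET", "https://update.example.invalid/check?ver=1.2", ""),
    ("POST", "http://telemetry.example.invalid/report", "event=ime_start&lang=zh"),
]

# Parameter names that identify a physical device, plus the shape of a
# Windows USB device path (e.g. "USB#ROOT_HUB20#...") seen in the capture.
IDENTIFIER_KEYS = {"serial", "imei", "udid", "deviceid", "path"}
USB_PATH = re.compile(r"usb#", re.I)


def find_plaintext_identifier_leaks(captured):
    """Return (request, leaked_fields) for each request that sends a
    device identifier over unencrypted HTTP.  HTTPS requests are skipped
    because the concern here is plaintext transport, not collection itself."""
    findings = []
    for method, url, body in captured:
        parts = urlsplit(url)
        if parts.scheme != "http":
            continue
        # Merge query-string and form-body parameters; parse_qs URL-decodes
        # values, so "%23" becomes "#" and the USB path pattern matches.
        params = parse_qs(parts.query)
        params.update(parse_qs(body))
        leaked = sorted(
            key for key, values in params.items()
            if key.lower() in IDENTIFIER_KEYS
            or any(USB_PATH.search(v) for v in values)
        )
        if leaked:
            findings.append((f"{method} {url}", leaked))
    return findings


if __name__ == "__main__":
    for request, fields in find_plaintext_identifier_leaks(CAPTURED):
        print(f"plaintext device identifiers in {request}: {', '.join(fields)}")
```

On the constructed sample only the first request is flagged, for its `serial` and `path` fields; the HTTPS update check and the identifier-free event report pass.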

English original: Apps Sending Plain HTTP Put Personal Data at Risk