In this report, we analyze the Windows, Android, and iOS versions of Tencent’s Sogou Input Method, the most popular Chinese-language input method in China. Our analysis found serious vulnerabilities in the app’s custom encryption system and how it encrypts sensitive data. These vulnerabilities could allow a network eavesdropper to decrypt sensitive communications sent by the app, including revealing all keystrokes being typed by the user. Following our disclosure of these vulnerabilities, Sogou released updated versions of the app that identified all of the issues we disclosed.
Vulnerabilities in Sogou Keyboard encryption expose keypresses to network eavesdropping.
Didn’t swiftpad or whatever its called send every key pressed to Microsoft?
Not a China shill. China is horrible. Microsoft less so as they don’t commit genocide in slow motion. But still, I think this sort of thing is more common than we think.
I mean like the FBI buys all that data without a warrant anyways… So st least we pretend its not happening but like were practically looking in a mirror
I think China’s worse. In many cases much worse, in some cases only a bit worse. But I do not excuse America.
Look at Xinjang. The Uyghurs are facing cultural eradication. Look at African Americans. Their situation is still bad and not ok! But it is the lesser evil when you compare what the US does to their minorities compared to what China does to theirs
Realistically its hard to say, america had the benefit of worldwide influence so doesn’t even need to do their dirty work on their land. They’ve also been at war for quite a lot longer than China, solely for personal gain.
Realistically they’re both shit, let’s just scrap the whole thing and start again
Unexamined racism. “Collectivist asians” and denying Asian individuality is very normal in the US/Europe. Malcolm Gladwell can write a book saying Koreans are culturally incapable of flying an airplane and it’s fine. When Asians have human emotions it’s normal to turn it into some special exoticized thing like “saving face”. White people are individuals, Asians are a horde, nothing in Anglo culture prepares or encourages people to think about Chinese people as a billion individuals wandering around doing stuff for the same reasons you do. They’re a singular alien unit, if you go to war with Japan it’s only natural to lock all the Japanese people in a camp. Basically every book and newspaper article you’ve ever read talks about them they’re all wired together like the Borg, unless you put a ton of effort into critical thinking there’s no reason to escape that assumption.
Except the Chinese government has way more control over their companies than the US government does. In fact, there has been an explicit push recently by the government to increase their control and ownership of companies. It’s also consistent with how most large states operate, especially ones with a history of trying to control ethnically Chinese people outside of their borders.
That isn’t to say that a ton of anti China sentiment isn’t racist; it’s just that one doesn’t need to be racist make such a prediction. It’s true that many people who hate China hate it for the wrong reasons, but that doesn’t mean there aren’t things to take issue with.
Sure but stereotypes are involved in what you think a state owned bank owning 1% of Tencent stock practically means, and what kind of hateful thing you imagine a government that operates on the willing cooperation of millions of people is going to do with it. You don’t need to be racist to hate China, but there are a lot more racists than people who studied Chinese corporate structure and came to a rational conclusion about it.
I don’t know what “willing cooperation” has to do with anything. The US government has the willing cooperation of millions and had the willing cooperation of a majority of Americans in the past. That doesn’t mean the US government didn’t do some of the worst shit ever during the peak of their popularity. It’s also not like consent isn’t manufactured in China.
If anything, it’s my belief in the similarities of the Chinese and US governments that makes me think they would do hateful things with their power. People in China are the same as people here. I don’t have a rose tinted view of people here either.
I wish my government kept companies in check a bit more than they do. I live in the UK where all the water companies are owned by hedge funds and they keep discharging raw sewage into all our waterways. I feel we could do well to take back some control from them.
I use OpenBoard (it’s available on fDroid. Maybe the play store too).
I don’t know if it’s the best but I like it. If you type in multiple languages you do need to hit a “language switcher” key on the keyboard to switch to the autocorrect for that language. A very minor complaint. Otherwise it’s great.
And it will learn swear words. No more ducking ducks.
I only dislike it for German. My other languages are Spanish and English, which have the same layout minus one extra key not even used in English. But in German Z and Y change places, so that always trips me up.
Having to remember to switch to the different language when writing a bilingual email is also annoying and does happen somewhat more often than you’d imagine.
Yes.. The pitfalls of FOSS is that some dude is working on it when they have free time. I’ve been using it for 2 years and can’t say I mind… would like to have the word suggestions, though.
Seconded. I use Gboard because it has the same functionality but I have to sandbox it and restrict all internet access via firewall. I still don’t trust it and would prefer a FOSS alternative with the same functionality.
You can sandbox an app using Shelter. You can block the internet access of that app using NetGuard. Both apps are available on F-Droid and easy to setup. No special OS needed but I strongly recommend GrapheneOS to avoid backdoors.
Glad to help. Consider dropping the NetGuard dev some coin, he’s doing incredible work. He also develops FairEmail which imho is the best IMAP email app in existence.
Think you mean SwiftKey which Microsoft just introduced bing AI into that you can’t turn off. I 100 percent assume they now use all your typing data to train their ai too. They won’t even let you use themes without logging in to an account so I again assume they also tie data to accounts.
Yes that’s why I’ve disabled Internet access for my keyboard since I haven’t found a FOSS one with all the features I want. Not that I need them but they’re nice and blocking network access is built in GrapheneOS anyway.
Didn’t swiftpad or whatever its called send every key pressed to Microsoft?
Not a China shill. China is horrible. Microsoft less so as they don’t commit genocide in slow motion. But still, I think this sort of thing is more common than we think.
Use FOSS.
deleted by creator
Just for one thing, Chinese companies are required to have CCP members in their leadership.
I mean like the FBI buys all that data without a warrant anyways… So st least we pretend its not happening but like were practically looking in a mirror
I think China’s worse. In many cases much worse, in some cases only a bit worse. But I do not excuse America.
Look at Xinjang. The Uyghurs are facing cultural eradication. Look at African Americans. Their situation is still bad and not ok! But it is the lesser evil when you compare what the US does to their minorities compared to what China does to theirs
Careful, there are some Americans that might take that as a challenge.
Realistically its hard to say, america had the benefit of worldwide influence so doesn’t even need to do their dirty work on their land. They’ve also been at war for quite a lot longer than China, solely for personal gain.
Realistically they’re both shit, let’s just scrap the whole thing and start again
deleted by creator
Removed by mod
I wanted to ask if you were born yesterday but I’ll try to be more educative than sassy.
All companies in China exist purely with the blessing of the political party. No approval, no company. Everything is done by their books.
And in US is other way around, every political party has blessing of companies.
😂
Unexamined racism. “Collectivist asians” and denying Asian individuality is very normal in the US/Europe. Malcolm Gladwell can write a book saying Koreans are culturally incapable of flying an airplane and it’s fine. When Asians have human emotions it’s normal to turn it into some special exoticized thing like “saving face”. White people are individuals, Asians are a horde, nothing in Anglo culture prepares or encourages people to think about Chinese people as a billion individuals wandering around doing stuff for the same reasons you do. They’re a singular alien unit, if you go to war with Japan it’s only natural to lock all the Japanese people in a camp. Basically every book and newspaper article you’ve ever read talks about them they’re all wired together like the Borg, unless you put a ton of effort into critical thinking there’s no reason to escape that assumption.
Except the Chinese government has way more control over their companies than the US government does. In fact, there has been an explicit push recently by the government to increase their control and ownership of companies. It’s also consistent with how most large states operate, especially ones with a history of trying to control ethnically Chinese people outside of their borders.
That isn’t to say that a ton of anti China sentiment isn’t racist; it’s just that one doesn’t need to be racist make such a prediction. It’s true that many people who hate China hate it for the wrong reasons, but that doesn’t mean there aren’t things to take issue with.
Sure but stereotypes are involved in what you think a state owned bank owning 1% of Tencent stock practically means, and what kind of hateful thing you imagine a government that operates on the willing cooperation of millions of people is going to do with it. You don’t need to be racist to hate China, but there are a lot more racists than people who studied Chinese corporate structure and came to a rational conclusion about it.
I don’t know what “willing cooperation” has to do with anything. The US government has the willing cooperation of millions and had the willing cooperation of a majority of Americans in the past. That doesn’t mean the US government didn’t do some of the worst shit ever during the peak of their popularity. It’s also not like consent isn’t manufactured in China.
If anything, it’s my belief in the similarities of the Chinese and US governments that makes me think they would do hateful things with their power. People in China are the same as people here. I don’t have a rose tinted view of people here either.
I wish my government kept companies in check a bit more than they do. I live in the UK where all the water companies are owned by hedge funds and they keep discharging raw sewage into all our waterways. I feel we could do well to take back some control from them.
What are the best FOSS options for Android keyboard apps? I’ve been struggling with this lately.
I use OpenBoard (it’s available on fDroid. Maybe the play store too).
I don’t know if it’s the best but I like it. If you type in multiple languages you do need to hit a “language switcher” key on the keyboard to switch to the autocorrect for that language. A very minor complaint. Otherwise it’s great.
And it will learn swear words. No more ducking ducks.
OpenBoard - every other keyboard app is ducking shirt
deleted by creator
I only dislike it for German. My other languages are Spanish and English, which have the same layout minus one extra key not even used in English. But in German Z and Y change places, so that always trips me up.
Having to remember to switch to the different language when writing a bilingual email is also annoying and does happen somewhat more often than you’d imagine.
deleted by creator
FlorishBoard
F-Droid says the app hasn’t been updated in the last 14 months. Is the project still worked on? It says beta on the website.
Yes.. The pitfalls of FOSS is that some dude is working on it when they have free time. I’ve been using it for 2 years and can’t say I mind… would like to have the word suggestions, though.
Thanks for the recommendation. This comment is typed using a freshly installed florisboard keyboard :)
Seconded. I use Gboard because it has the same functionality but I have to sandbox it and restrict all internet access via firewall. I still don’t trust it and would prefer a FOSS alternative with the same functionality.
How do you do that?
Not OP, but this can be managed with Datura firewall on CalyxOs
wants to do something
needs to be an IT major
Welp, guess I’ll choose between China and Microsoft, then.
You can sandbox an app using Shelter. You can block the internet access of that app using NetGuard. Both apps are available on F-Droid and easy to setup. No special OS needed but I strongly recommend GrapheneOS to avoid backdoors.
Thank you vm! NetGuard is awesome. I will test Shelter.
Glad to help. Consider dropping the NetGuard dev some coin, he’s doing incredible work. He also develops FairEmail which imho is the best IMAP email app in existence.
I’m partial to thumbkey. It even has a Lemmy community: [email protected]
Thanks for the heads up. It’s really similar to the keyboard I use.
OpenBoard with Gesture
Using FlorisBoard right now, no auto correct but you’ll adapt
Think you mean SwiftKey which Microsoft just introduced bing AI into that you can’t turn off. I 100 percent assume they now use all your typing data to train their ai too. They won’t even let you use themes without logging in to an account so I again assume they also tie data to accounts.
Yes that’s why I’ve disabled Internet access for my keyboard since I haven’t found a FOSS one with all the features I want. Not that I need them but they’re nice and blocking network access is built in GrapheneOS anyway.
deleted by creator