Gadgets News

The Olympic healthcare program is said to have security concerns

Just two weeks before it happens is expected to start in Beijing, researchers say stating that the program that many people are using has serious security problems. The Citizen Lab, a research center at the University of Toronto’s Munk School of Global Affairs and Public Policy, said the “simple but destructive error” made it easier to go through writing methods that were supposed to protect text and file transfers.

“The worst thing is that someone is messing up all the cars and writing down all the details, all the medical stuff,” fellow researcher Jeffrey Knockel told. .

This software is used for health screening as part of COVID-19 solutions. These include messaging, Games news and traffic information. The International Olympic Committee says that workers in Beijing 2022 are using the program for things like time management and project management.

“The IOC has conducted a third-party independent investigation into applications from two cyber security testing agencies,” the IOC told Engadget in a statement. “These reports have confirmed that there are no major complications.” The IOC found that instead of using a mobile app, attendees could access an online health monitoring system. It also said it had requested the researchers’ report “to better understand their concerns.”

The Citizen Lab claims that health forms containing passport information and travel and medical records are also at risk. In addition, the researchers said it was possible to compromise server responses, which could allow hackers to provide false instructions to users.

As well as noting that the program does not block data transmission, the team found that the program fails to authenticate SSL certificates. In that case, the program will not be able to “verify who is sending the known, confidential data.” Although they were able to create an account on the iOS app, the researchers believe that weaknesses are also present on the MY2022 Android version.

Citizen Lab said it had notified the Games Organizing Committee of the difficulties that had occurred on December 3, and said it had 15 days to respond and 45 days to rectify the situation before releasing its findings. As of Tuesday, investigators had not responded.

The iOS version of the app that was released on Sunday did not solve the problem. According to the researchers, the developers added a section called “Green Health Code” which asks for more information and medical history, which is also at risk for SSL certification.

According to investigators, the error could mean that the app violates the Apple App Store and Google’s Unwanted Software Policy. In addition, MY2022 may be in violation of Chinese privacy laws.

In addition, The Citizen Lab also noted that the program has the potential to articulate “political” content. It also has a list of 2,442 search terms, which are said to be inactive for one minute, but also include topics related to topics such as Xinjiang, Tibet, Chinese government agencies and other social issues.

All sales supported by Engadget are selected by our writing team, independent of our parent company. Some of our articles include links to links. When you purchase something through one of these links, we may be able to find a partner.

Source link

Related Articles

Leave a Reply

Back to top button