Security Flaw in App Required to Be Installed for Beijing Olympics
Risk of Personal Information Leakage Due to Encryption Failure
Over 2,400 Prohibited Words Including Xinjiang and Uighur Also Affected
[Asia Economy Reporter Cho Hyun-ui] It has been revealed that the application (app) mandated by China for participants of the Beijing Winter Olympics to prevent the spread of COVID-19 contains security flaws that could lead to personal information leaks.
A research team from the University of Toronto's Citizen Lab stated in a report on the 18th (local time) that "MY2022 has a simple but fatal flaw," adding, "It often fails to encrypt users' data, posing a hacking risk."
MY2022 is an exclusive app for athletes, coaches, spectators, and journalists participating in the Beijing Olympics. All participants must pre-register passport information, entry and exit plans, medical records, etc., on this app, and respond daily to health surveys such as temperature reporting starting 14 days before arrival.
The app also includes chat, file transfer, weather, tourism information, and navigation features. The Washington Post pointed out, "Due to this flaw, Chinese telecom companies or internet service providers can read data transmitted through Wi-Fi installed at Olympic venues, hotels, and airports."
This report came amid rising concerns in various countries about the leakage of personal information of Beijing Olympic participants. Currently, the United States, the United Kingdom, Canada, Australia, and others strongly recommend their delegations use temporary phones. The Netherlands has gone further by completely banning personal phones and laptops.
The Android version of the app also contains a blacklist of 2,442 politically sensitive words, including Tibet and Xinjiang Uyghur. However, it is reported that there is no evidence these were actually used for censorship.
Citizen Lab explained, "There is no evidence that the Chinese government intentionally embedded such easily discoverable flaws in the app," adding, "The security flaws in MY2022 are similar to those found in popular Chinese web browsers."
They also stated, "We reported these security flaws to the Beijing Olympic Preparatory Committee last month but received no response. This also violates Google's and Apple's security policies, yet neither company has provided any significant reply."
© The Asia Business Daily(www.asiae.co.kr). All rights reserved.