Saturday, June 3, 2023
  • Hype
  • Murai
  • Lipstiq
  • Diva
  • Varnam
  • Moviedash
  • Autofreaks
Lowyat.NET
  • News
    • Lifestyle
    • Computing
    • Hardware
    • Internet
    • Rumours & Leaks
    • Software
  • Forums
    • Kopitiam
    • Tradezone
    • Property Talk
    • Finance & Business
    • Fast and Furious
  • Gaming
    • PC Gaming
    • Console
    • Esports
  • Mobile
    • Apps
    • OS
    • Tablets
    • Phones
    • Telco
      • Celcom
      • DiGi
      • Maxis
      • Tune Talk
      • U Mobile
      • Buzzme
  • Pricelists
    • Compu-zoneUpdated
    • ViewnetUpdated
    • Sri ComputersUpdated
    • StartecUpdated
    • ThundermatchExpired
  • More
    • Automotive Tech
    • Drone
    • Enterprise
    • Entertainment
    • Fashion
    • E-Hailing
    • Wearables
No Result
View All Result
Lowyat.NET
  • News
    • Lifestyle
    • Computing
    • Hardware
    • Internet
    • Rumours & Leaks
    • Software
  • Forums
    • Kopitiam
    • Tradezone
    • Property Talk
    • Finance & Business
    • Fast and Furious
  • Gaming
    • PC Gaming
    • Console
    • Esports
  • Mobile
    • Apps
    • OS
    • Tablets
    • Phones
    • Telco
      • Celcom
      • DiGi
      • Maxis
      • Tune Talk
      • U Mobile
      • Buzzme
  • Pricelists
    • Compu-zoneUpdated
    • ViewnetUpdated
    • Sri ComputersUpdated
    • StartecUpdated
    • ThundermatchExpired
  • More
    • Automotive Tech
    • Drone
    • Enterprise
    • Entertainment
    • Fashion
    • E-Hailing
    • Wearables
No Result
View All Result
Lowyat.NET
No Result
View All Result
Home Security

MY2022 Beijing Winter Olympics App Reportedly Riddled With Security Flaws

Several countries have advised athletes to use burner phones or disposable devices while in China.

by Ikmal Rozlan
January 19, 2022
2022 winter olympics beijing

[Photo: Olympics]

75
SHARES
Share on FacebookShare on Twitter

Canadian cybersecurity group Citizen Lab has released a report which listed down several security vulnerabilities in the MY2022 app which has been designed for extensive use at the upcoming 2022 Winter Olympics in Bejing next month.

For context, all participants, journalists, and attendees of the event are required to download the app 14 days prior to their departure to China. Aside from health monitoring, the app also includes features such as messaging, file transfers, Olympic news, and city guide services for Beijing.

China beijing my2022 app winter olympics
[Photo: Citizen Lab]

According to Citizen Lab, the app fails to validate SSL certificates which means it is not able to properly verify to whom it is sending data. This would allow hackers to spoof trusted servers and display fake instructions to users, as well as access sensitive information in health customs forms.

Not only that, but the Toronto-based researchers also found that MY2022 fails to encrypt sensitive metadata, which includes the names of message senders, receivers, and their user account identifiers. This means that it is possible for a lot of parties including ISPs or even someone that is connected to an unsecured wifi access point, to access the data.

The most worrying part is the group found that the app allows users to report politically-sensitive content and uncovered a censorship keyword list in the Android version in a file named “illegalwords.txt”. The list contains 2,442 keywords, with the majority of them being politically motivated or involving vulgar words, though it appears that the list is inactive.

China beijing my2022 app winter olympics censorship
Some of the keywords in the censorship list and the user report function [Photo: Citizen Lab]

In response to the report, the International Olympic Committee (IOC) said that the MY2022 app has been independently assessed and was found to have no critical vulnerabilities. The Beijing Organising Committee for the games did not respond to the findings, but they released an update to the iOS version which did not fix any of the issues. Instead, a new feature called “Green Health Code” was added to collect travel document information and medical history information and was found to be similarly vulnerable.

Nevertheless, several countries have warned athletes not to bring their personal devices to China over fears of cybersecurity threats. For example, the U.S Olympic & Paralympic Committee have recommended the usage of burner phones as well as rental or disposable computers. On another hand, the Dutch Olympic Committee reportedly will be providing phones and laptops to athletes and staff which will be subsequently disposed once they come back from Beijing.

(Source: Citizen Lab, Inside The Games)

What’s your Reaction?
+1
0
+1
0
+1
0
+1
0
+1
0
+1
0
+1
0

Follow us on Instagram, Facebook, Twitter or Telegram for more updates and breaking news. 

Filed Under beijingchinamy2022security vulnerabilitySSLwinter olympics
Updated 11:01 am, Thu, 20 January 22
Back to top
Share30Tweet19SendShare

RELATED ARTICLES

qualcomm snapdragon summit launch date
Mobile

Qualcomm To Unveil Next-Gen Snapdragon Flagship Chip This October

by Heirul Kamel
June 2, 2023
Apple china store
Rumours & Leaks

Apple Will Reportedly Open Its First Official Store In Malaysia Next Year

by Heirul Kamel
June 2, 2023
Motorola Razr Plus
Mobile

Motorola Razr 2023 Series Is Finally Official After Numerous Leaks

by Ian Chee
June 2, 2023
airasia food dine-in eatigo
Apps

airasia food Introduces New Dine-In Feature With Discounts

by Ikmal Rozlan
June 1, 2023

LOWYAT.TV

No Result
View All Result

TRENDING THIS WEEK

  1. 1
    Branded

    Safeguarding Your Finances: Six Tips From OctaFX

  2. 2
    Security

    MY2022 Beijing Winter Olympics App Reportedly Riddled With Security Flaws

  3. 3
    Branded

    Here’s Why The Samsung’s One UI 5.1 Is The Most Versatile & Flexible OS To Date

  4. 4
    Telco

    Unifi Introduces UNI5G Postpaid 89 Unlimited Plan With No FUP

  5. 5
    Mobile Phones

    Redmi Note 12T Pro Unveiled With Dimensity 8200 Ultra, 144Hz Display

NETWORK

  • Hype
  • Murai
  • Lipstiq
  • Diva
  • Varnam
  • Moviedash
  • Autofreaks

ABOUT

  • Advertise
  • Careers
  • Privacy Statement
  • Contact Us
  • Editorial Policy
  • Terms & Conditions

©2023 VIJANDREN RAMADASS. ALL RIGHTS RESERVED.

No Result
View All Result
  • News
    • Lifestyle
    • Computing
    • Hardware
    • Internet
    • Rumours & Leaks
    • Software
  • Forums
    • Kopitiam
    • Tradezone
    • Property Talk
    • Finance & Business
    • Fast and Furious
  • Gaming
    • PC Gaming
    • Console
    • Esports
  • Mobile
    • Apps
    • OS
    • Tablets
    • Phones
    • Telco
      • Celcom
      • DiGi
      • Maxis
      • Tune Talk
      • U Mobile
      • Buzzme
  • Pricelists
    • Compu-zone
    • Viewnet
    • Sri Computers
    • Startec
    • Thundermatch
  • More
    • Automotive Tech
    • Drone
    • Enterprise
    • Entertainment
    • Fashion
    • E-Hailing
    • Wearables

©2023 LOWYAT, LLC. ALL RIGHTS RESERVED.