Saturday, May 28, 2022
  • Hype
  • Murai
  • Lipstiq
  • Diva
  • Varnam
  • Moviedash
  • Autofreaks
Lowyat.NET
  • News
    • Lifestyle
    • Computing
    • Hardware
    • Internet
    • Rumours & Leaks
    • Software
  • Forums
    • Kopitiam
    • Tradezone
    • Property Talk
    • Finance & Business
    • Fast and Furious
  • Gaming
    • PC Gaming
    • Console
    • Esports
  • Mobile
    • Apps
    • OS
    • Tablets
    • Phones
    • Telco
      • Celcom
      • DiGi
      • Maxis
      • Tune Talk
      • U Mobile
      • Buzzme
  • Pricelists
    • Hardware
      • Compu-zone
      • Viewnet
      • Thundermatch
      • Sri Computers
    • Notebooks
      • Compu-zone
    • Smartphones
      • Thundermatch
  • More
    • Automotive Tech
    • Drone
    • Enterprise
    • Entertainment
    • Fashion
    • E-Hailing
    • Wearables
No Result
View All Result
Lowyat.NET
  • News
    • Lifestyle
    • Computing
    • Hardware
    • Internet
    • Rumours & Leaks
    • Software
  • Forums
    • Kopitiam
    • Tradezone
    • Property Talk
    • Finance & Business
    • Fast and Furious
  • Gaming
    • PC Gaming
    • Console
    • Esports
  • Mobile
    • Apps
    • OS
    • Tablets
    • Phones
    • Telco
      • Celcom
      • DiGi
      • Maxis
      • Tune Talk
      • U Mobile
      • Buzzme
  • Pricelists
    • Hardware
      • Compu-zone
      • Viewnet
      • Thundermatch
      • Sri Computers
    • Notebooks
      • Compu-zone
    • Smartphones
      • Thundermatch
  • More
    • Automotive Tech
    • Drone
    • Enterprise
    • Entertainment
    • Fashion
    • E-Hailing
    • Wearables
No Result
View All Result
Lowyat.NET
No Result
View All Result
Home Security

MY2022 Beijing Winter Olympics App Reportedly Riddled With Security Flaws

Several countries have advised athletes to use burner phones or disposable devices while in China.

by Ikmal Rozlan
January 19, 2022
2022 winter olympics beijing

[Photo: Olympics]

75
SHARES
Share on FacebookShare on Twitter

Canadian cybersecurity group Citizen Lab has released a report which listed down several security vulnerabilities in the MY2022 app which has been designed for extensive use at the upcoming 2022 Winter Olympics in Bejing next month.

For context, all participants, journalists, and attendees of the event are required to download the app 14 days prior to their departure to China. Aside from health monitoring, the app also includes features such as messaging, file transfers, Olympic news, and city guide services for Beijing.

China beijing my2022 app winter olympics
[Photo: Citizen Lab]

According to Citizen Lab, the app fails to validate SSL certificates which means it is not able to properly verify to whom it is sending data. This would allow hackers to spoof trusted servers and display fake instructions to users, as well as access sensitive information in health customs forms.

Not only that, but the Toronto-based researchers also found that MY2022 fails to encrypt sensitive metadata, which includes the names of message senders, receivers, and their user account identifiers. This means that it is possible for a lot of parties including ISPs or even someone that is connected to an unsecured wifi access point, to access the data.

ADVERTISEMENT

The most worrying part is the group found that the app allows users to report politically-sensitive content and uncovered a censorship keyword list in the Android version in a file named “illegalwords.txt”. The list contains 2,442 keywords, with the majority of them being politically motivated or involving vulgar words, though it appears that the list is inactive.

China beijing my2022 app winter olympics censorship
Some of the keywords in the censorship list and the user report function [Photo: Citizen Lab]

In response to the report, the International Olympic Committee (IOC) said that the MY2022 app has been independently assessed and was found to have no critical vulnerabilities. The Beijing Organising Committee for the games did not respond to the findings, but they released an update to the iOS version which did not fix any of the issues. Instead, a new feature called “Green Health Code” was added to collect travel document information and medical history information and was found to be similarly vulnerable.

Nevertheless, several countries have warned athletes not to bring their personal devices to China over fears of cybersecurity threats. For example, the U.S Olympic & Paralympic Committee have recommended the usage of burner phones as well as rental or disposable computers. On another hand, the Dutch Olympic Committee reportedly will be providing phones and laptops to athletes and staff which will be subsequently disposed once they come back from Beijing.

(Source: Citizen Lab, Inside The Games)

Tags: beijingchinamy2022security vulnerabilitySSLwinter olympics
Updated 11:01 am, Thu, 20 January 22
Back to top
Share30Tweet19SendShare

ADVERTISEMENT

RELATED ARTICLES

ktmb ets train
Transportation

KTMB Opens ETS, Intercity Ticket Sales For July Until December

by Ikmal Rozlan
May 27, 2022

KTMB has started selling tickets for ETS and Intercity service rides for the next six months. The company did the...

Read more
Samsung Teases 200MP ISOCELL Sensor With A Giant Cat Picture
Hardware

Samsung Teases 200MP ISOCELL Sensor With A Giant Cat Picture

by John Law
May 27, 2022

Last year, Samsung unveiled its 200MP ISOCELL mobile image sensor, dubbed the HP1. The new sensor had s apixel size...

Read more
Black Shark 5 launch
Mobile

Black Shark 5, 5 Pro To Launch In Malaysia On 8 June

by Ian Chee
May 27, 2022

The Black Shark 5 and its Pro variant were announced earlier this year. It looks like they will be officially...

Read more
Broadcom
Enterprise

Broadcom To Acquire VMware For US$61 Billion

by John Law
May 27, 2022

Broadcom announced that it will be acquiring the cloud computing and virtualisation technology firm, VMware, lock, stock, and barrel for...

Read more
Load More
No Result
View All Result

TRENDING TODAY

  1. 1
    Transportation

    Proposals For New Klang Valley Highways Approved To Reduce Congestion

  2. 2
    Mobile

    Samsung Galaxy A73 5G Review: Pushing The Price Barrier

  3. 3
    Fintech

    Enhanced TNG Card Sells Out Again Less Than Two Hours After Restock (UPDATE)

  4. 4
    Photography

    Huawei and Leica Partnership Is Officially Over

  5. 5
    Security

    MY2022 Beijing Winter Olympics App Reportedly Riddled With Security Flaws

Lowyat.NET

Consumer Tech News & Reviews Malaysia

NETWORK

  • Hype
  • Murai
  • Lipstiq
  • Diva
  • Varnam
  • Moviedash
  • Autofreaks

ABOUT

  • Advertise
  • Careers
  • Privacy Statement
  • Contact Us
  • Editorial Policy
  • Terms & Conditions

©2022 LOWYAT MEDIA, LLC. ALL RIGHTS RESERVED.

No Result
View All Result
  • News
    • Lifestyle
    • Computing
    • Hardware
    • Internet
    • Rumours & Leaks
    • Software
  • Forums
    • Kopitiam
    • Tradezone
    • Property Talk
    • Finance & Business
    • Fast and Furious
  • Gaming
    • PC Gaming
    • Console
    • Esports
  • Mobile
    • Apps
    • OS
    • Tablets
    • Phones
    • Telco
      • Celcom
      • DiGi
      • Maxis
      • Tune Talk
      • U Mobile
      • Buzzme
  • Pricelists
    • Hardware
      • Compu-zone
      • Viewnet
      • Thundermatch
      • Sri Computers
    • Notebooks
      • Compu-zone
    • Smartphones
      • Thundermatch
  • More
    • Automotive Tech
    • Drone
    • Enterprise
    • Entertainment
    • Fashion
    • E-Hailing
    • Wearables

©2022 LOWYAT MEDIA, LLC. ALL RIGHTS RESERVED.

We use cookies to improve your experience. Learn More.