The Fort Worth Press - Beijing Olympics organisers say app security flaws 'fixed'

USD -
AED 3.67302
AFN 70.177799
ALL 94.694858
AMD 399.571201
ANG 1.800481
AOA 912.000034
ARS 1027.729361
AUD 1.603355
AWG 1.8
AZN 1.697676
BAM 1.879673
BBD 2.017107
BDT 119.384911
BGN 1.881012
BHD 0.376934
BIF 2953.447033
BMD 1
BND 1.357194
BOB 6.903412
BRL 6.21685
BSD 0.999039
BTN 85.070401
BWP 13.87506
BYN 3.26939
BYR 19600
BZD 2.010284
CAD 1.43675
CDF 2870.000189
CHF 0.90009
CLF 0.03586
CLP 989.480209
CNY 7.298801
CNH 7.306215
COP 4373.91
CRC 507.256127
CUC 1
CUP 26.5
CVE 106.009258
CZK 24.10875
DJF 177.904853
DKK 7.171097
DOP 60.855358
DZD 135.127343
EGP 50.858598
ERN 15
ETB 127.201346
EUR 0.96095
FJD 2.31865
FKP 0.791982
GBP 0.797448
GEL 2.810197
GGP 0.791982
GHS 14.690824
GIP 0.791982
GMD 71.999964
GNF 8634.310428
GTQ 7.698187
GYD 209.014897
HKD 7.76805
HNL 25.382989
HRK 7.172906
HTG 130.598126
HUF 395.534005
IDR 16213
ILS 3.64741
IMP 0.791982
INR 85.38525
IQD 1308.697741
IRR 42087.498013
ISK 139.549837
JEP 0.791982
JMD 155.655935
JOD 0.709299
JPY 157.086031
KES 129.119811
KGS 86.99942
KHR 4014.412683
KMF 466.124975
KPW 899.999441
KRW 1457.470401
KWD 0.30818
KYD 0.83258
KZT 517.549255
LAK 21848.149928
LBP 89462.854397
LKR 294.435368
LRD 181.893348
LSL 18.576261
LTL 2.95274
LVL 0.604891
LYD 4.904373
MAD 10.074676
MDL 18.432484
MGA 4712.157617
MKD 59.135031
MMK 3247.960992
MNT 3397.99987
MOP 7.992119
MRU 39.880827
MUR 47.070154
MVR 15.402589
MWK 1732.340221
MXN 20.164402
MYR 4.487015
MZN 63.903729
NAD 18.576261
NGN 1541.640096
NIO 36.761173
NOK 11.628915
NPR 136.06247
NZD 1.771166
OMR 0.384748
PAB 0.999039
PEN 3.720135
PGK 4.054781
PHP 58.591972
PKR 278.129073
PLN 4.094575
PYG 7791.44642
QAR 3.634825
RON 4.784295
RSD 112.416046
RUB 99.929361
RWF 1393.656896
SAR 3.75514
SBD 8.383555
SCR 14.26593
SDG 601.501981
SEK 11.078902
SGD 1.3585
SHP 0.791982
SLE 22.8039
SLL 20969.503029
SOS 570.975493
SRD 35.057966
STD 20697.981008
SVC 8.741951
SYP 2512.530243
SZL 18.584334
THB 34.159588
TJS 10.933512
TMT 3.51
TND 3.186697
TOP 2.342101
TRY 35.177625
TTD 6.789044
TWD 32.699497
TZS 2419.99986
UAH 41.889284
UGX 3656.895723
UYU 44.484182
UZS 12897.645363
VES 51.575121
VND 25425
VUV 118.722003
WST 2.762788
XAF 630.424796
XAG 0.033795
XAU 0.000382
XCD 2.70255
XDR 0.765978
XOF 630.424796
XPF 114.617972
YER 250.375036
ZAR 18.612085
ZMK 9001.2026
ZMW 27.648246
ZWL 321.999592
  • RBGPF

    59.8000

    59.8

    +100%

  • SCS

    0.0800

    11.73

    +0.68%

  • NGG

    -0.1600

    58.86

    -0.27%

  • VOD

    0.0600

    8.43

    +0.71%

  • BCC

    0.9500

    123.19

    +0.77%

  • RIO

    -0.0300

    59.2

    -0.05%

  • RYCEF

    -0.0100

    7.24

    -0.14%

  • GSK

    -0.0300

    34.03

    -0.09%

  • RELX

    0.3000

    45.89

    +0.65%

  • CMSC

    -0.1321

    23.77

    -0.56%

  • CMSD

    0.1000

    23.65

    +0.42%

  • BP

    0.0400

    28.79

    +0.14%

  • BTI

    0.0400

    36.26

    +0.11%

  • BCE

    0.0600

    22.9

    +0.26%

  • AZN

    -0.3300

    66.3

    -0.5%

  • JRI

    0.0500

    12.15

    +0.41%

Beijing Olympics organisers say app security flaws 'fixed'
Beijing Olympics organisers say app security flaws 'fixed'

Beijing Olympics organisers say app security flaws 'fixed'

An app that Winter Olympics attendees must use has been patched, a Chinese official told AFP Thursday, after cyber security researchers said they had found a "simple but devastating" flaw that could allow data leaks.

Text size:

Next month's Games are being held in a bubble that separates participants from the rest of the population as part of China's strict zero-Covid policy.

Those taking part -- from foreign athletes, delegates and media to the army of local volunteers and officials -- have to download a health-tracking app called MY2022.

Users report their health status daily through the app which collects data including vaccination status and coronavirus test results, as well as travel and passport details.

Earlier this week researchers at the University of Toronto's Citizen Lab said they discovered the app's security flaws could allow data including health information and voice messages to leak, which could then be read by "eavesdroppers" such as Wi-Fi hotspot operators.

But a senior Chinese Olympic official said any bugs had now been fixed.

"There is definitely no data leakage," Beijing Olympics Organising Committee (BOCOG) tech chief Yu Hong told AFP, adding that the app's user and privacy guidelines were reviewed by the International Olympic Committee.

"The security loopholes have already been fixed. If they existed in earlier versions, they have been fixed in the latest version."

The app's developers have been in email contact with Citizen Lab since Wednesday, Yu added, promising that there will be "relevant discussions" on follow-up work.

Yu did not deny there may have been security flaws in previous versions of the app and she suggested that BOCOG had not been aware of them.

"During development we have continued to test and use it. When new usage conditions appear some new technological imperfections may be discovered, these can be called loopholes," she said.

- Data laws -

Citizen Lab earlier said it had notified organisers about the issues in early December but received no reply.

However, Yu said organisers never saw the request because it was sent to an old email address.

China's data security laws require that health and medical data be encrypted during transmission and storage.

The Citizen Lab report claimed that the app's inadequate encryption could violate Chinese law, as well as Google and Apple mobile software policies.

"China has a history of undermining encryption technology to perform political censorship and surveillance," researcher Jeffrey Knockel wrote in the report.

Researchers also discovered the app's Android code contained an apparently inactive blacklist of over 2,400 "politically sensitive" phrases, and that it had a separate function to report other users' speech for "politically sensitive content".

But organisers denied ever requesting these functions, and said they have asked the developer to look into it.

They added that app health data would primarily be shared with virus control authorities, after the report claimed this was unclear.

"Use of data by individuals and departments is only permitted after the IOC confirms it," Yu said.

China maintains the world's most sophisticated digital tools to monitor and censor the internet for its citizens, blocking major Western platforms such as Twitter, Facebook and YouTube.

In recent days, Olympic associations in multiple Western countries have warned athletes to leave personal devices at home and bring "burner" phones to China.

Analysts have also warned of cybersecurity risks such as data theft and surveillance targeting attendees using public Wi-Fi networks and official SIM cards provided by organisers.

However, organisers and the Chinese government have dismissed such concerns as unfounded.

"The government will not monitor individuals' phones in any form," Yu said.

The app also provides a range of daily living services for users, such as translation, weather, transport schedules and accommodation booking.

W.Lane--TFWP