China propaganda app fraught with security concerns: report

The app-called "Xuexi Qiangguo" or "Study to make China strong"-has accumulated 130 million users since its launch by the Communist Party's propaganda arm in January, according to state media in August.

Marketed as an education tool, it awards points for sharing articles and watching videos such as speeches by Chinese President Xi Jinping.

But the Open Technology Fund (OTF)-a US government-funded group that campaigns for internet freedom-says users also provide a plethora of data to the app, including location and emails.

OTF contracted the independent German tech firm Cure53 to study the app.

While the Communist Party advertises it as "a way for citizens to prove their loyalty and study their country, the app's maintainers are studying them right back", OTF wrote on its website.

The app's terms and conditions also say users may have to hand over more personal information-such as fingerprints and ID numbers-depending on the features or third-party tools they want to access.

The Chinese government has come under increasing scrutiny for high-tech surveillance-from facial recognition-enabled security cameras to apps used by police to extract personal information from smartphones at checkpoints.

And though "Study to make China strong" is an education app, Cure53 said it contains code that could run "arbitrary commands"-reminiscent of a backdoor-on certain phones.

The app "maintains a level of access that no app would normally have over a user's device", said OTF.

'Intrusive app'

The investigation, which was conducted in August, only looked at the Android version of the app, partly because of its market dominance, said Sarah Aoun, the group's director of technology.

OTF is considering tackling the iOS version-which runs on Apple iPhones-next, Aoun told AFP.

"This is just another way of expanding that digital control through a very intrusive app that is being pushed onto its citizens," said Aoun.

The Communist Party's propaganda arm, which is responsible for the app, did not respond to AFP's request for comment.

Dozens of provincial and county governments across the country reportedly held workshops to promote the app earlier this year.

Chinese journalists will also have to use the app for online press accreditation exams later this month and November, said a notice last week from the State Council, China's cabinet.

"It is unusual to see so much data gathered for an education app," said Jane Manchun Wong, who reverse-engineers apps for security vulnerabilities and unreleased features.

"It's like reading a book about the great nation but the book somehow searches your home," she told AFP.

The app also scans for 960 applications-including gaming, travel and chat apps-appearing as if "attempting to find which popular apps are installed on the phone", said Cure53's report.

'Creepy code'

A spokesperson at DingTalk, an enterprise chat platform that was used to build the app, told AFP that it had "no 'backdoor code' or scanning issues".

But OTF said users' data and their phones could be further jeopardised if the code that "amounts to a backdoor" runs successfully.

Currently, this code only affects phones where users have installed software that gives them "superuser" privileges-such as the ability to modify the device's code.

But apps can also abuse this level of privilege to take over a user's device.

"The code they found is creepy", Baptiste Robert, a French security researcher, told AFP-but cautioned against the use of the word backdoor.

The investigation also found "no evidence" that the code was used during testing, with Cure53 concluding that "further investigation" was needed to determine how it was used.

Website search

Recently updated

Bitdefender Total Security 2018 Bitdefender Total Security 2018 Anti-malware solution with anti-theft, anti-phishing, firewall, autopilot, rescue mode, intrusion detection, ransomware protection, parental control, browser sandbox, password manager, and more
eScanAV AntiVirus Toolkit eScanAV AntiVirus Toolkit Analyzes important areas of your computer, such as the registry, system folders, startup items, running services and the memory to detect potential dangerous content
OPSWAT Metadefender Client OPSWAT Metadefender Client Detects potential security threats using multiple antivirus engines and helps you deal with known vulnerabilities, wrapped in a user-friendly interface

Software News

Nov 17
Ever-expanding Google becomes a gaming company Tuesday with the launch of its Stadia cloud service that lets people play console-quality video games on a web browser or smartphone.
Nov 15
Apple on Friday said it is banning vaping-related apps from its App Store due to concerns that e-cigarette use can damage lungs or even kill people.
Nov 15
A scientist in Virginia has built software for the Army Corps of Engineers that turns streaming drone footage into 2-D and 3-D maps.
Nov 15
The Master Chief Collection, enhanced versions of the popular Halo series of Xbox video game, is finally arriving on PCs.
Nov 15
Do violent video games create violent gamers? It's a topic of discussion that continues to rear its head despite there being no solid evidence linking the two. It was once again brought back to the fore in August by the US ...
Nov 14
In a world of novice photographers and videographers, capturing a deluge of content via their smartphones and handheld devices, there is a need for an intelligent, easy-to-use tool for automating the creation of movies and ...
Nov 14
Look up the word "enigma" in the dictionary and you'll find a picture of "Death Stranding." Since it was revealed in 2016, the game raised more questions than answers. The project seemed like an amalgamation of random images ...

About us

Welcome to new crack resource! Our service can generate cracks, keygens and serials for your software to unlock it. CrackDownloadz provides a lot of popular cracks and keygens. No spyware and adware at all, just download new cracks, keygens and serials. If you have a software that needs a crack feel free to contact us.

Also you may contact us if you have software that needs to be removed from our website.