Slashdot Mirror

← Back to Stories (view on slashdot.org)

Chinese QQ Browser Caught Sending User Data To Its Servers

Posted by msmash on from the something-smells-fishy dept.

An anonymous reader writes: A report from the Citizen Lab at the University of Toronto reveals that the popular QQ Browser is collecting sensitive user information and sending it in an insecure manner to its servers. The Android version is collecting data such as the user's search terms, browsing history, nearby Wi-Fi networks, and the user's device IMSI and IMEI codes. For the Windows version of QQ Browser, the app was caught collecting data such as the user's browsing history, hard drive serial number, MAC address, Windows hostname, and Windows user security identifier. All of this is sent unencrypted, or with a weak encryption, to Tencent's servers, QQ Browser's manufacturer. Additionally, the update process is flawed and delivered in an insecure manner that allows others to manipulate upgrade patches with malicious software. This is the third browser caught exhibiting this behavior after UC Browser and Baidu Browser.

1 of 68 comments (clear)

  1. Please forgive me by Anonymous Coward · · Score: 5, Funny

    "In Communist China, internet browses YOU!"