According to media reports, many of the 144 mobile apps developed by the Executive Yuan and its agencies are highly vulnerable to information security risks due to software design inadequacies.
Security tests showed that only 20 of all the government-designed apps had passed all vulnerability assessments, while 23 were found to have four to six vulnerabilities.
After the comprehensive evaluation, it was concluded that 98 of the 144 apps posed a high information-security risk.
Every time an app is downloaded, a message is displayed showing which access authorizations it requires. By installing it, a user grants the app these authorizations and as a result the user’s private information is transmitted to the software provider.
The Personal Information Protection Act (個人資料保護法) regulates the collection, processing and use of personal information by both governmental and non-governmental agencies. It also stipulates penalties for anyone who violates these regulations.
However, nearly everyone has a smartphone and when an app is installed, personal information is often transmitted through that app.
Since as many as 98 of the 144 apps designed and tested by the Executive Yuan pose a high security risk, this means that there is a 68 percent chance that a person’s personal information would be at risk if they install a government app. In other words, it is almost certain that a user’s personal information runs a high risk of being exposed.
If anyone with ulterior motive takes advantage of these security loopholes, they would likely be able to steal personal information and invade people’s privacy; a worrying situation.
In response, the Executive Yuan said that the National Development Council would revise the operating principles for the Executive Yuan and its agencies’ mobile development, as well as add rules for information security testing which every government app must pass before it can be made available to the public.
However, even this protection is insufficient. Apart from the rule that future apps must pass this test before distribution, every government app that is in circulation should also have to pass the regulations.
According to my investigation, the Executive Yuan and its agencies from 2011 to last year had developed 612 apps. After canceling the distribution of 257 of these apps, 355 remain in circulation. Taking into account those issued by the Presidential Office, the Legislative Yuan, the Judicial Yuan, the Examination Yuan and the Control Yuan, there are far more than 144 government-made apps.
All of these apps should also go through security testing.
In addition, any app that is developed by a private entity in cooperation with — that is, subsidized by — a government agency should also have to pass the testing.
This is the only way to guarantee that personal information is not leaked and that users’ privacy is protected.
Chen Li-hsiang is a graduate of Central Police University’s Institute of Law.
Translated by Eddy Chang
The past few months have seen tremendous strides in India’s journey to develop a vibrant semiconductor and electronics ecosystem. The nation’s established prowess in information technology (IT) has earned it much-needed revenue and prestige across the globe. Now, through the convergence of engineering talent, supportive government policies, an expanding market and technologically adaptive entrepreneurship, India is striving to become part of global electronics and semiconductor supply chains. Indian Prime Minister Narendra Modi’s Vision of “Make in India” and “Design in India” has been the guiding force behind the government’s incentive schemes that span skilling, design, fabrication, assembly, testing and packaging, and
Singaporean Prime Minister Lee Hsien Loong’s (李顯龍) decision to step down after 19 years and hand power to his deputy, Lawrence Wong (黃循財), on May 15 was expected — though, perhaps, not so soon. Most political analysts had been eyeing an end-of-year handover, to ensure more time for Wong to study and shadow the role, ahead of general elections that must be called by November next year. Wong — who is currently both deputy prime minister and minister of finance — would need a combination of fresh ideas, wisdom and experience as he writes the nation’s next chapter. The world that
Recently, China launched another diplomatic offensive against Taiwan, improperly linking its “one China principle” with UN General Assembly Resolution 2758 to constrain Taiwan’s diplomatic space. After Taiwan’s presidential election on Jan. 13, China persuaded Nauru to sever diplomatic ties with Taiwan. Nauru cited Resolution 2758 in its declaration of the diplomatic break. Subsequently, during the WHO Executive Board meeting that month, Beijing rallied countries including Venezuela, Zimbabwe, Belarus, Egypt, Nicaragua, Sri Lanka, Laos, Russia, Syria and Pakistan to reiterate the “one China principle” in their statements, and assert that “Resolution 2758 has settled the status of Taiwan” to hinder Taiwan’s
As former president Ma Ying-jeou (馬英九) wrapped up his visit to the People’s Republic of China, he received his share of attention. Certainly, the trip must be seen within the full context of Ma’s life, that is, his eight-year presidency, the Sunflower movement and his failed Economic Cooperation Framework Agreement, as well as his eight years as Taipei mayor with its posturing, accusations of money laundering, and ups and downs. Through all that, basic questions stand out: “What drives Ma? What is his end game?” Having observed and commented on Ma for decades, it is all ironically reminiscent of former US president Harry