The Taipei City Government’s complaints and petitions app exposed thousands of users to cybersecurity risks as a result of the contractor’s failure to encrypt Android users’ data, Democratic Progressive Party Taipei City Councilor Hsieh Wei-chou (謝維洲) said yesterday.
The mobile app Hello Taipei Integrated Petitions System, which was developed using NT$10.25 million (US$337,337) of the city’s reserve funds, was launched in January.
The app is “ready to receive petitions about anyone, including the president,” Taipei Mayor Ko Wen-je (柯文哲) said at its launch.
With about 60,000 users, the app developed by Galaxy Software Services Co (GSS) transmitted petitions and personal information from Android smartphones unencrypted, an oversight that was not discovered until July 2, Hsieh told a news conference.
Although the loophole exposed an estimated 3,700 users to potential hacking, the city did not order GSS to pay for breach of contract, he said.
According to its contract, GSS should have checked its system for security vulnerabilities before its official release, Hsieh said.
GSS was also the contractor for the city’s online polling platform known as i-Voting and dropbox system for municipal official documents, he said.
Taipei Department of Information Technology Director Chen Ming-hui (陳敏慧) said the city had followed the central government’s lead by trusting the Government Certification Authority (GCA).
“It sounds like whenever Ko Wen-je fouls up, he passes the buck to President Tsai Ing-wen (蔡英文),” Hsieh replied.
Another information department official, Chen Wai-yi (陳崴逸), acknowledged that the problem “might jeopardize users if hackers target the app in certain environments using specific techniques.”
The city government has not received any public complaints about data being compromised because of the app, but it will hold GSS responsible if such incidents occurred, Chen Wai-yi said.
The terms of the contract imposes liabilities on GSS in cases where institutions suffered harm through use of its product, he said.
The department said the city government required GSS to encrypt Hello Taipei’s transmissions, which GSS did via the GCA’s certificate — a governmental security protocol — which turned out to be incompatible with Google Inc’s Google Play platform.
The department on July 2 discovered the flaw and pulled the app off-line until GSS fixed the problem with Google the following day, he said.
POLAM KOPITIAM CASE: Of the two people still in hospital, one has undergone a liver transplant and is improving, while the other is being evaluated for a liver transplant A fourth person has died from bongkrek acid poisoning linked to the Polam Kopitiam (寶林茶室) restaurant in Taipei’s Far Eastern Sogo Xinyi A13 Department Store, the Ministry of Health and Welfare said yesterday, as two other people remain seriously ill in hospital. The first death was reported on March 24. The man had been 39 years old and had eaten at the restaurant on March 22. As more cases of suspected food poisoning involving people who had eaten at the restaurant were reported by hospitals on March 26, the ministry and the Taipei Department of Health launched an investigation. The Food and
The long-awaited Taichung aquarium is expected to open next year after more than a decade of development. The building in Cingshui District (清水) is to feature a large ocean aquarium on the first floor, coral display area on the second floor, a jellyfish tank and Dajia River (大甲溪) basin display on the third, a river estuary display and restaurant on the fourth, and a cafe and garden on the fifth. As it is near Wuci Fishing Port (梧棲漁港), many are expecting the opening of the aquarium to bring more tourism to the harbor. Speaking at the city council on Monday, Taichung City Councilor
A fourth person has died in a food poisoning outbreak linked to the Xinyi (信義) branch of Malaysian restaurant chain Polam Kopitiam (寶林茶室) in Taipei, Deputy Minister of Health and Welfare Victor Wang (王必勝) said on Monday. It was the second fatality in three days, after another was announced on Saturday. The 40-year-old woman experienced multiple organ failure in the early hours on Monday, and the family decided not to undergo emergency resuscitation, Wang said. She initially showed signs of improvement after seeking medical treatment for nausea, vomiting and diarrhea, but her condition worsened due to an infection, he said. Two others who
Taiwanese should be mindful when visiting China, as Beijing in July is likely to tighten the implementation of policies on national security following the introduction of two regulations, a researcher said on Saturday. China on Friday unveiled the regulations governing the law enforcement and judicial activities of national security agencies. They would help crack down on “illegal” and “criminal” activities that Beijing considers to be endangering national security, according to reports by China’s state media. The definition of what constitutes a national security threat in China is vague, Taiwan Thinktank researcher Wu Se-chih (吳瑟致) said. The two procedural regulations are to provide Chinese