Network devices from several Chinese manufacturers are insecure and allow personal information to be leaked, testing commissioned by the Executive Yuan has shown.
A variety of devices and software, including apps, from Chinese, US and South Korean manufacturers that are used by government agencies at the central and local level were subjected to black-box testing — in which the functionality of an application is examined without knowing about its internal structure, an information-security official said yesterday on condition of anonymity.
The Telecom Technology Center conducted the tests, which simulated cyberattacks, to determine their resilience to the attacks, the official said.
The center said it would send the results of the tests to the manufacturers and retest the affected devices in two months, pending software updates.
The Chinese manufacturers included Xiaomi Corp (小米), Oppo Mobile Telecommunications Corp (歐珀), Hangzhou Hikvision Digital Technology Co (杭州海康威視數字技術) and Zhejiang Dahua Technology Co (浙江大華技術).
Information stored on some of the tested Chinese-made products was found to be insecure, the official said.
Of the software that failed to meet national requirements for information security, one app was from Oppo and seven were from Xiaomi, while software and devices from Samsung Electronics Co and Apple Inc passed all their tests, the official said.
Tests on devices from Hikvision and Dahua were aimed at testing the security of their system software, identity-recognition software, authorization mechanisms and their protection of personal information, the official said.
The monitoring software in Hikvision network camera model DFI 6257E and Dahua infrared camera model DH-IPC-HFW1230SN exhibited abnormal behavior, did not have alert functions and received a relatively low score of seven in version 3.1 of the Common Vulnerability Scoring System, which indicates security loopholes, the official said.
Both devices also used an insecure encryption system and an insufficiently complex verification system, and neither had shells designed to prevent dismantling, the official said.
The center also conducted tests on drones built by Shenzhen DJI Sciences and Technologies (深圳大疆創新科技有限公司), which supplies the drones used by Taiwan Water Corp (台灣自來水).
Tests on the company’s Mavic Pro, Mavic 2 Pro and Phantom 4 Pro V2.0 models showed signs of signal interference, which appeared in the devices’ logs, the official said.
They all had weak information-security mechanisms, among other problems, the official added.
GET TO SAFETY: Authorities were scrambling to evacuate nearly 700 people in Hualien County to prepare for overflow from a natural dam formed by a previous typhoon Typhoon Podul yesterday intensified and accelerated as it neared Taiwan, with the impact expected to be felt overnight, the Central Weather Administration (CWA) said, while the Directorate-General of Personnel Administration announced that schools and government offices in most areas of southern and eastern Taiwan would be closed today. The affected regions are Tainan, Kaohsiung and Chiayi City, and Yunlin, Chiayi, Pingtung, Hualien and Taitung counties, as well as the outlying Penghu County. As of 10pm last night, the storm was about 370km east-southeast of Taitung County, moving west-northwest at 27kph, CWA data showed. With a radius of 120km, Podul is carrying maximum sustained
Tropical Storm Podul strengthened into a typhoon at 8pm yesterday, the Central Weather Administration (CWA) said, with a sea warning to be issued late last night or early this morning. As of 8pm, the typhoon was 1,020km east of Oluanpi (鵝鑾鼻), Taiwan’s southernmost tip, moving west at 23kph. The storm carried maximum sustained winds of 119kph and gusts reaching 155kph, the CWA said. Based on the tropical storm’s trajectory, a land warning could be issued any time from midday today, it added. CWA forecaster Chang Chun-yao (張竣堯) said Podul is a fast-moving storm that is forecast to bring its heaviest rainfall and strongest
President William Lai (賴清德) yesterday criticized the nuclear energy referendum scheduled for Saturday next week, saying that holding the plebiscite before the government can conduct safety evaluations is a denial of the public’s right to make informed decisions. Lai, who is also the chairman of the Democratic Progressive Party (DPP), made the comments at the party’s Central Standing Committee meeting at its headquarters in Taipei. ‘NO’ “I will go to the ballot box on Saturday next week to cast a ‘no’ vote, as we all should do,” he said as he called on the public to reject the proposition to reactivate the decommissioned
TALKS CONTINUE: Although an agreement has not been reached with Washington, lowering the tariff from 32 percent to 20 percent is still progress, the vice premier said Taiwan would strive for a better US tariff rate in negotiations, with the goal being not just lowering the current 20-percent tariff rate, but also securing an exemption from tariff stacking, Vice Premier Cheng Li-chiun (鄭麗君) said yesterday. Cheng made the remarks at a news conference at the Executive Yuan explaining the new US tariffs and the government’s plans for supporting affected industries. US President Donald Trump on July 31 announced a new tariff rate of 20 percent on Taiwan’s exports to the US starting on Thursday last week, and the Office of Trade Negotiations on Friday confirmed that it
RSS