On Jan. 8, cyber security company Check Point Software Technologies announced that its research had discovered serious security vulnerabilities with video messaging app TikTok. The research found that a hacker could send a spoofed SMS message to a TikTok user containing a malicious link which, if clicked, would enable the attacker to assume control of the user’s account, allowing the hacker to upload videos and make a user’s private videos public.
An additional security loophole exposed by Check Point’s researchers would allow a bad actor to retrieve personal information saved on user accounts. According to media reports, TikTok was made aware of Check Point’s research in November last year, and by Dec. 15 had deployed a fix for the vulnerabilities.
Check Point’s Head of Product Vulnerability Research, Oded Vanunu, says that the vulnerabilities discovered by the researchers were all core to TikTok’s systems. The company also tested how easy it would be to hack into TikTok user accounts. It discovered that certain app functions, including sending video files and documents, contained security flaws.
The last two years have seen explosive growth for TikTok within the US market, making the app a rare success story in the West for a Chinese technology company. However, some US lawmakers have raised concerns over the potential for covert eavesdropping. Meanwhile, the five main branches of the US military have already banned the app’s use on government-issued devices over fears it could compromise national security. Additionally, US security officials have called on military personnel and their family members to remove the app from their personal devices.
(Translated by Edward Jones, Taipei Times)
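The report notes that research published by Check Point on the 8th of this month found that TikTok has serious security vulnerabilities through which hackers can send TikTok users messages containing malicious links; once users click the link, the hackers can take control of their accounts, including uploading videos or accessing private videos.
In addition, through another security vulnerability, Check Point researchers were also able to obtain the personal information of TikTok user accounts from the company’s website. According to the report, TikTok said in response that it learned of Check Point’s research in November last year and that it had fixed all of the vulnerabilities by Dec. 15.
Oded Vanunu, Check Point’s head of product vulnerability research, told the newspaper that the researchers found these vulnerabilities all lay in the core of TikTok’s systems. Check Point also tested how easy it was to break into TikTok user accounts and found that various functions in the app, including sending videos and documents, had security problems.
TikTok has grown explosively across the US over the past two years, becoming a rare case of a Chinese technology company succeeding in the West. However, some lawmakers have raised security concerns about TikTok, believing the app could be subject to eavesdropping. Earlier, the five main branches of the US military, citing possible national security risks, successively announced bans on the use of TikTok on any government-related device, and also called on military personnel and their family members to remove TikTok from their personal phones.
(Liberty Times)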