A smartphone app built by China to monitor the health of attendees at the Beijing Winter Olympic Games next month contains security flaws that make it vulnerable to privacy breaches and hackers, a report released on Tuesday by Canadian researchers said.
The MY2022 app was built by the Beijing Organizing Committee to track and share virus-related medical information among the athletes during the Games.
Researchers with Toronto’s Citizen Lab project said that MY2022 failed to properly encrypt the transfer of personal data, leaving it vulnerable to hackers.
They also found that MY2022’s privacy policy does not specify with which organizations it shares the users’ information.
The International Olympic Committee (IOC) said that it had conducted independent assessments on the application and had not found any “critical vulnerabilities.”
“It is not compulsory to install ‘My 2022’ on cellphones,” the IOC said in a statement.
Yu Hong, director-general of the Beijing Organizing Committee’s technology department, yesterday said that the main function of the app is to monitor people’s health and the country follows strict rules to protect data.
All of the MY2022 app’s technology aspects have been validated by relevant app stores, Yu told a briefing hosted by China’s embassy in the US via video link from Beijing.
Technology vulnerabilities are normal when developing this kind of app, Yu said, adding that her department is constantly updating the app to remove issues.
The Citizen Lab researchers said they found the flaws in the iOS version of the app after creating an account on it.
They were unable to set up an account on the Android version, but said the security flaws existed in both MY2022 versions.
The app failed to validate SSL certificates, which are needed to authenticate a Web site’s identity and enable encrypted connections, they said, adding that this can be exploited by hackers to transmit the data to malicious sites.
“Such data can be read by any passive eavesdropper, such as someone in range of an unsecured Wi-Fi access point, someone operating a Wi-Fi hotspot, or an Internet service provider or other telecommunications company,” they said.
Citizen Lab said it had informed the Beijing Organizing Committee on Dec. 3, but had received no reply.
US track and field athletes have about four dozen pieces to choose from when assembling their uniforms at the Olympics. The one grabbing the most attention is a high-cut leotard that barely covers the bikini line and has triggered debate between those who think it is sexist and others who say they do not need the Internet to make sure they have good uniforms. Among those critical or laughing at the uniforms included Paralympian Femita Ayanbeku, sprinter Britton Wilson and even athletes from other countries such as Britain’s Abigail Irozuru, who wrote on social media: “Was ANY female athlete consulted in
Four-time NBA all-star DeMarcus Cousins arrived in Taiwan with his family early yesterday to finish his renewed contract with the Taiwan Beer Leopards in the T1 League. Cousins initially played a four-game contract with the Leopards in January. On March 18, the Taoyuan-based team announced that Cousins had renewed his contract. “Hi what’s up Leopard fans, I’m back. I’m excited to be back and can’t wait to join the team,” Cousins said in a video posted on the Leopard’s Facebook page. “Most of all, can’t wait to see you guys, the fans, next weekend. So make sure you come out and support the Beer
Former US Masters champion Zach Johnson was left embarrassed after a foul-mouthed response to ironic cheers from spectators after a triple bogey at Augusta National on Friday. Johnson, the 2007 Masters winner, missed the cut after his three-over-par round of 75 left him on seven-over 151 for 36 holes, his six on the par-three 12th playing a big role in his downfall. Television footage showed Johnson reacting to sarcastic cheers and applause when he tapped in for the triple bogey by yelling: “Oh fuck off.” Such a response would be considered bad form in any golf tournament, but is particularly out of keeping
Taiwan’s Lee Jhe-huei and Yang Po-hsuan on Saturday won the men’s doubles bronze medal at the Badminton Asia Championships in Ningbo, China, after they were bested by the hosts in their semi-final. The Taiwanese shuttlers lost to China’s Liang Wei Keng and Wang Chang, who advanced to yesterday’s final against Malaysia’s Goh Sze Fei and Nur Izzudin. The Chinese pair outplayed Lee and Yang in straight games. Although the Taiwanese got off to a slow start in the first game, they eventually tied it 14-14, before Liang and Wang went on to blow past them to win 21-17. In the second game, Lee and