The Executive Yuan yesterday said 98 government-made applications render their users highly vulnerable to hacking, adding that it would pull the apps from circulation if improvements are not made by the middle of the month.
Only 20 apps out of a total of 144 made by the Executive Yuan’s subordinate agencies passed all tests conducted by its evaluators, an Executive Yuan inventory report to the Legislative Yuan Internal Administration Committee said.
Of the remaining apps, 23 were found to have four to six vulnerabilities and 101 have one to three vulnerabilities, the report said.
The 98 apps that failed the tests pose a “high informational security risk” and the National Development Council last month instructed agencies to improve them before the middle of this month.
Those that fail to meet the deadline are to be pulled, Executive Yuan sources said.
The apps that posed a low risk should be improved before the end of July, sources added.
Apps with six vulnerabilities include the following: Tienkena’s Attack (進擊的鐵克納) by the National Science and Technology Museum, Mobile Water Manager (行動水管家) by Taiwan Water Corp (台灣自來水), Taiwan Railways eTicket (台鐵e訂通) by the Taiwan Railways Administration, Foreign Workers’ Little Assistant (外籍勞工小幫手) by the Workforce Development Agency and Accounting Mobile Go (統計隨身GO) by the Directorate-General of Budget, Accounting and Statistics.
During the budget review for this fiscal year, lawmakers on the Internal Administration Committee passed a resolution that said the Executive Yuan must review its apps for potential vulnerabilities that could compromise state secrets or users’ privacy or financial information.
According to the executive’s report, information security evaluations were conducted on the 144 apps that are available for download by 73 of its agencies.
The evaluations were performed according to the Industrial Bureau’s “guidelines for evaluating basic informational security of mobile applications,” it said, adding that the apps were tested on 10 to 16 protocols, including on their management of sensitive data, connection security and the validity of digital certificates.
The most common security issues were related to storage of sensitive data, vulnerabilities in software, invalid certificates for servers and others, the report said.
The National Development Council is to draft new standards for information security, which all future government-made apps must meet before distribution, the Executive Yuan said.
In addition, the Industrial Bureau is to incorporate informational security evaluation services into contracting guidelines for all agencies, it said.
Considering that most countries issue more than five denominations of banknotes, the central bank has decided to redesign all five denominations, the bank said as it prepares for the first major overhaul of the banknotes in more than 24 years. Central bank Governor Yang Chin-lung (楊金龍) is expected to report to the Legislative Yuan today on the bank’s operations and the redesign’s progress. The bank in a report sent to the legislature ahead of today’s meeting said it had commissioned a survey on the public’s preferences. Survey results showed that NT$100 and NT$1,000 banknotes are the most commonly used, while NT$200 and NT$2,000
The Centers for Disease Control (CDC) yesterday reported the first case of a new COVID-19 subvariant — BA.3.2 — in a 10-year-old Singaporean girl who had a fever upon arrival in Taiwan and tested positive for the disease. The girl left Taiwan on March 20 and the case did not have a direct impact on the local community, it said. The WHO added the BA.3.2 strain to its list of Variants Under Monitoring in December last year, but this was the first imported case of the COVID-19 variant in Taiwan, CDC Deputy Director-General Lin Ming-cheng (林明誠) said. The girl arrived in Taiwan on
South Korea is planning to revise its controversial electronic arrival card, a step Taiwanese officials said prompted them to hold off on planned retaliatory measures, a South Korean media report said yesterday. A Yonhap News Agency report said that the South Korean Ministry of Foreign Affairs is planning to remove the “previous departure place” and “next destination” fields from its e-arrival card system. The plan, reached after interagency consultations, is under review and aims to simplify entry procedures and align the electronic form with the paper version, a South Korean ministry official said. The fields — which appeared only on the electronic form
The Ministry of Foreign Affairs (MOFA) is suspending retaliation measures against South Korea that were set to take effect tomorrow, after Seoul said it is updating its e-arrival system, MOFA said today. The measures were to be a new round of retaliation after Taiwan on March 1 changed South Korea's designation on government-issued alien resident certificates held by South Korean nationals to "South Korea” from the "Republic of Korea," the country’s official name. The move came after months of protests to Seoul over its listing of Taiwan as "China (Taiwan)" in dropdown menus on its new online immigration entry system. MOFA last week
RSS