all InfoSec news
Vulnerability in Tencent’s Sogou Chinese Keyboard Can Leak Text Input in Real-Time
Deeplinks www.eff.org
Security researchers at Citizen Lab discovered a number of cryptographic vulnerabilities in the Sogou Input Method keyboard software made by Tencent, the most popular input method in China. These vulnerabilities allow adversaries with a privileged network position (such as an ISP or anyone with access to upstream routers) to read the text a user inputs on a device in real-time as it's being typed. Users of the Sogou Keyboard are highly encouraged to upgrade to patched versions that fix this …
access adversaries china chinese citizen lab input isp keyboard lab leak network popular privileged researchers routers security security researchers software sogou technical analysis tencent text upstream vulnerabilities vulnerability