Zoom’s Encryption is Linked to Chinese Servers

· Andrew Orr · Link

Chinese flag

Researchers found that Zoom uses its own encryption scheme, sometimes using keys issued by China.

Some of the key management systems — 5 out of 73, in a Citizen Lab scan — seem to be located in China, with the rest in the United States. Interestingly, the Chinese servers are at least sometimes used for Zoom chats that have no nexus in China. The two Citizen Lab researchers, Bill Marczak and John Scott-Railton, live in the United States and Canada. During a test call between the two, the shared meeting encryption key “was sent to one of the participants over TLS from a Zoom server apparently located in Beijing,” according to the report.

I don’t have further commentary on Zoom, other than asking, “How will this end?”

Government Excludes Apple Watch From Tariffs

· Andrew Orr · News

The U.S. Trade Representative approved Apple’s request to exclude the Apple Watch from U.S. tariffs on imported Chinese goods.

TikTok Censors Posts by People it Deems Ugly or Poor

· Andrew Orr · Link

Chinese app TikTok told its moderators to censor posts from users deemed too ugly, poor, or disabled.

…according to internal documents obtained by The Intercept. These same documents show moderators were also told to censor political speech in TikTok livestreams, punishing those who harmed “national honor” or broadcast streams about “state organs such as police” with bans from the platform.

iPads, Trackpads, China, and Censorship – TMO Daily Observations 2020-02-28

· Dave Hamilton & Charlotte Henry · The Mac Observer's Daily Observations Podcast

TMO Daily Observations Podcast Logo

This week we saw rumors of Apple releasing an iPad keyboard with a trackpad, and news that Apple will be requiring paid game developers to comply with Chinese censorship laws. Charlotte Henry and Bryan Chaffin join Dave Hamilton to sift through it all for you before the weekend. Press play and enjoy!

Chinese Military Charged With Equifax Data Breach

· Andrew Orr · Link

Chinese flag

Four Chinese military hackers have been charged with breaking into Equifax’s network and stealing the data of tens of millions of Americans.

The accused hackers exploited a software vulnerability to gain access to Equifax’s computers, obtaining log-in credentials that they used to navigate databases and review records. The indictment also details efforts the hackers took to cover their tracks, including wiping log files on a daily basis and routing traffic through dozens of servers in nearly 20 countries.

Reminder that Equifax executives did insider trading based on the breach. They are criminals.

FBI Investigates Over 1,000 Cases of Chinese IP Theft

· Andrew Orr · Link

At the China Initiative Conference, government officials from the FBI and DoJ spent four hours talking about theft of U.S. intellectual property by China.

“The threat from China is real, it’s persistent, it’s well-orchestrated, it’s well-resourced, and it’s not going away anytime soon,” John Demers, Assistant Attorney General for National Security, opened the conference.

“This one to me really stands out as the greatest long-term threat to our nation’s information and intellectual property, and to our economic vitality,” said FBI Director Christopher Wray.

This VPN App Sent User Data to China

· Andrew Orr · Link

Chinese flag

According to a report of VPN apps for 2019, downloads of these apps has increased 54%. But people need to be careful which VPN app they use. The most popular app called VPN – Super Unlimited sent user data to China. But it’s privacy policy made no secret of this.

We regularly collect and use information that could identify an individual, in particular about your purchase or use of our products, services, mobile and software applications and websites… We use various technologies to determine [your] location, including IP addresses, GPS, and other sensors.

The VPN apps I wrote about are all safe (or at least I personally believe them to be safe).