Categories
CyberSecurity Hack Information and Communication Technology (ICT) News Security World News

The Proliferation of Chinese Apps as Tools of Surveillance

China may not be part of the Five, Nine, and Fourteen Eyes Alliances, but it has one of the most advanced mass surveillance and censorship systems. Software and hardware developed in China often pose the threat of monitoring and recording the data of its users – that is why the US government is wary of Chinese apps data collection policy such as the case of Tiktok. Anyone found engaging in any activity the government does not endorse, undergoes huge trauma at the hands of the law.

One of the strongest hints comes from the head of research at the Dutch Institute of Vulnerability Disclosure (DIVD), Victor Gever, who claims that billions of messages of Chinese app users like QQ and WeChat, were stored in a matter suggested they were a massive dragnet for censoring content. And obviously, there can’t be censoring without monitoring everything users do.

Why Do Chinese Apps Monitor User Data?

Why Do Chinese Apps Monitor User Data_
The Chinese government has been accused on many occasion over its roles in monitoring user’s activities through different chinese originated mobile apps. China has one of the most advanced mass surveillance and censorship systems. Most Chinese apps data are monitored against the user’s wish.

 “Every Chinese tech company has to comply with the Chinese cybersecurity law which allows the Chinese government to have access to the app’s data these companies collect – this is part of the nationwide mass surveillance systems that are in place in China,” said Victor Gevers. It is because of this reason most developers from China use a techno-surveillance approach for all their apps.

They believe all app data of users belong to their government. In their minds, it is okay to collect data in such a manner. And those who believe, the government doesn’t, we already know how they are dealt with. However, the implications of such a finding are insane. Smartphones, which are carried by most working-age people, are powerful tools if leveraged for monitoring and censoring.

Chinese Apps Data Used by Police?

Many Chinese apps data is used extensively by the police for monitoring people’s online behavior and movements. With COVID-19 taking over, the government has gained even more incentive to improve their surveillance activities. A “close-contact” app developed by the state-owned firm, China Electronics Technology Group Corporation is furthering China’s agendas.

Bear in mind this is the same company responsible for the surveillance technology deployed in Xinjiang. As a result, the app itself should be viewed with skepticism. It provides officials with data drawn from the China Railway and the Civil Aviation Administration of China, the Ministry of Transport, and the National Health Commission to track citizens’ contacts, health, and travel with infected people.

Can You Bypass Monitoring and Censorship?

It seems that China does not want to leave any stone unturned in keeping a strict eye on its citizens, and previously, they even took strict action against individuals trying to bypass imposed restrictions. VPN apps like Avast VPN were particularly banned in the country with the government even imposing legal fines. Later on, the Chinese Government approved the use of VPNs, as long as they provided backdoor access to these Chinese apps data.

Subsequently, there was an influx of free VPNs spreading in the marketplace, after which a study found that 59% of these apps had links to China, 86% of the apps had unacceptable privacy policies, 64% apps had no dedicated website, and 83% of app customer support email requests were ignored. Below are details on the numerous VPN apps with links to China:

Application NameOwnershipAndroid Downloads
SuperVPN Free VPN ClientChinese100 Million
VPN Super UnlimitedChinese1 Million
VPN Proxy MasterChinese10 Million
TurboVPNChinese100 Million
TouchVPNChinese10 Million
Snap VPNChinese10 Million
VPN 360Chinese1 Million
YogaVPNChinese10 Million
SkyVPNChinese10 Million
Thunder VPNHK Chinese1 Million
Free VPN by Freevpn.OrgChinese1 Million

At first, I thought this was a coincidence but upon digging further, I realized there’s more to the story. More or less, all these free VPNs have affiliations with companies located in China. And bear in mind, a lot of users online go for the “free” option, rather than paying for a premium VPN product. This can be verified by the number of downloads on the Google Play and Apple Store.

It is quite possible that these services may be indulging in session/connection logging to track the searches and activities of users online to enhance their solutions and spy on the people at the same time. As you can see, almost all VPNs have crossed an average of 10 million downloads (on the Google Play Store alone). And, if we talk about SnapVPN, VPN Master, and Turbo VPN, they even have an interconnected company structure.

The privacy policies of these three providers were incredibly similar (currently they have been removed or altered after people started noticing similarities). They openly stated that they do record a lot of user data, which includes everything that can reveal your identity, your location, and searches performed. Below is a snippet from one of the privacy policies:

The data we collect can include SDK/API/JS code version, browser, Internet service provider, IP address, platform, timestamp, application identifier, application version, application distribution channel, independent device identifier, iOS ad identifier (IDFA), Android ad master identifier, International Mobile Subscriber Identification Number(IMSI), iOS network card (MAC) address, and iOS international mobile device identification code (IMEI), the equipment model, email address, the terminal manufacturer, the terminal device operating system version, the session start/stop time, the location of the language, the time zone and the network state (WiFi and so on), the hard disk, the CPU, and the battery use, etc.

Wrapping Things Up

The information above only verifies repeatedly that China is a surveillance giant, which not only keeps an eye on its own citizens but even hijacks valuable tools like VPNs to gain access to the data of billions of users around the world, regardless of which country they are located in.

The citizens of the country don’t have any choice but to comply with the Chinese governments invasive laws and activities. However, if you reside in a different country, make sure to avoid downloading/installing any programs with ties to China.

It may not seem like a big thing to many. Most even say, “I’m not a terrorist, why do I have to be worried about my data being monitored?” Realize this issue is bigger than us all, and anyone who goes online deserves the right to enjoy privacy and anonymity!

Even the U.N. has declared that mass surveillance is a violation of human rights, as it increases the cases of arbitrary arrest and detention. Domestic safeguards need to be implemented in line with the international human rights law, but that can only happen when people take such things seriously.

What do you think about the proliferation of Chinese apps into the market as a secret tool for mass surveillance? What are the necessary steps you suggest to be taken in preventing incessant and illegal Chinese apps data collection around the world?

Categories
News

Google Sued for Its “Spying Program” and Rigid Policies Towards Employees

Even at this festive season when all things should’ve been rosy and rocky at Google headquarters, but otherwise has taken an unpleasant direction if all reports from The Information were anything to go by.

In a reported news by Mashable today, culled from The Information, the search engine giant had been reported to have in its place an internal spying program orchestrated to stop leaks. In line with this, a lawsuit had been filed against the company by an anonymous product manager who claimed that the tech giant company had violated the California state labor laws with its rigid confidentiality policies which included a “spying program.”

Google Sued for Spying Program and Rigid Censorship Policies towards its employees.
Google Sued for Spying Program and Rigid Censorship Policies towards its employees.

The lawsuit stated that Google had encouraged its employees to expose other employees for leaking private information. The suit as well claimed that the company frowned against employees writing a novel about anything that had to do with working at the company without an authorization.

It also stated that Google threatened to fire anyone who tried to disclose information to the media and not encouraging any internal workplace communication pertaining to work issues, like wages, legal violations and others.

Google was reached in an email to confirm the report. A Google spokesperson regarded to the lawsuit as “baseless.” The email reads:

We will defend this suit to the best of our abilities because it’s baseless. We’re very committed to an open internal culture, which means we frequently share with employees details of product launches and confidential business information. At Google, transparency is a huge part of our culture.”

It continued by stating that the company’s intent for being confidential with some certain information and the rationale behind that motive.

“Our employee confidentiality requirements are designed to protect proprietary business information, while not preventing employees from disclosing information about terms and conditions of employment, or working place concerns.”

The lawsuit also claim the company urges its employees not to document company challenges or illegal activity in order not to fall into the wrong hands.

The lawsuit was filed in San Francisco on Tuesday and brought by John Doe.

More on this news shortly…

Categories
Information and Communication Technology (ICT) News

Hackers to launch self satellites to block Internet censorship

Hackers to launch self satellites to block Internet censorship

Chaos Computer Club outlines the plan for ‘Hacker Space Global Grid’

“Let us take the Internet (Web) out of the control of the terrestrial entities.”

This is the call to arms that was issued by a hacker activist, Nick Farr, who is behind a new plan to launch satellites into the space in order to prevent the internet censorship which many have been contenplating over for a while now.  I hope you remember Godaddy and Stop Online Privacy Act issue – they supported the SOPA cause and lost over 72,354 of domain registrations in about a week alone with a record 21,000 domain registrations in one single day. And in order to reduce the number of people and business that are being moved from its service, Godaddy made an attempt to stop users by telling them to written authentication letter before they can move their domain registrations, which even turns out to be the greatest mistakes the company makes during the incident.Hackers plan space satellites to combat censorship

But, let’s leave Godaddy’ side and focus on the theme of the article.

Farr is who was a spokes person for a Germany-based Chaos Computer Club. He outlined the group’s mission when he was speaking at the Chaos Communication Congress held in Berlin, Germany, BBC reported. While he was calling for an “uncensorable Internet in space,” Farr outlined that the CCC’s Hackerspace Global Grid is a project that will involve setting up of low-cost ground stations which will help track and communicate with fast-moving satellites all over the world.

The time is now

Farr, who introduced the project and then began soliciting donations from every angle for the Hackerspace Global Grid this summer, said that the project is now a top priority for them because of the SOPA bill (Stop Online Piracy Act), a bill that many people believes could cause a catastrophic effects on the freedom of communication and how people connect to the world of Internet.

“Hackers are all about open information; we believe communication is a human right,” Farr stated.

Farr said that , CCC’s major motive in launching the proposed satellites into the space is knowledge, and the desire to “put humanity back in space in a meaningful way.”

With the support of Constellation, a German based Aerospace Research Initiative, the Hacker Space Global Grid plans to have three prototype ground stations of the project in place by the first half of 2012 will become a success with the partnership of the two team.

Tricky tech and a legal black hole

Alan Woodward, who is a computer science professor at University of Surrey told BBC that the hackers might not have an easy go of it in his statement:

“Low-Earth-orbit satellites, such as have been launched by amateurs so far, do not stay in a single place but rather orbit, typically every 90 minutes,” Woodward said. “That’s not to say they can’t be used for communications, but obviously only for the relatively brief periods that they are in your view.”

“It’s difficult to see how such satellites could be used as a viable communications grid other than in bursts,” Alan Woodward added.

Woodward explained that there is a legal black hole to engage with, as well because the outer space isn’t governed by the countries beneath it, so while the CCC’s satellites could function as planned, “any country could take the law into their own hands and disable the satellites.”

What do you think about this move? Please share your views below.

[BBC]