Additionally, the University of Toronto also sent a letter to Tencent leadership, kindly asking for the reasons the company has been engaging in these user data collection practices. The researchers notified Tencent, who released new versions that addressed only a series of these flaws. ![]() QQ Browser collects information on its users, uploads it to Tencent serversįor starters, the Android version is collecting data such as the user’s search terms, browsing history, nearby WiFi networks, and the user's device IMSI and IMEI codes.įor the Windows version of QQ Browser, the app was caught collecting data such as the user's browsing history, hard drive serial number, MAC address, Windows hostname, and Windows user security identifier.įor both the Android and Windows versions, this data is transmitted to Tencent servers without encryption or with easily decryptable encryption.Īdditionally, the browser's update process was also flawed, allowing a skilled attacker to intercept the update request and bundle malicious software with the QQ Browser update package. ![]() In this case, it's Chinese Internet giant Tencent, who provides its QQ Browser for the Windows, Mac, Android and iOS platforms.Īccording to the research group at Citizen Lab, the Android and Windows versions of this browser are collecting a trove of data from its users and have design flaws that expose this information to prying eyes while in transit. QQ Browser is yet another of those heavily customized Chromium clones that are distributed by companies that have no reason to distribute browsers. ![]() ![]() A report from the Citizen Lab at the University of Toronto reveals that the popular QQ Browser is collecting sensitive user information and sending it in an insecure manner to its servers.
0 Comments
Leave a Reply. |