The most popular Chinese keyboard app which is used by more than 450 million monthly users sends every key typed to Tencent in China.
The most popular Chinese keyboard app which is used by more than 450 million monthly users sends every key typed to Tencent in China.
In this report, we analyze the Windows, Android, and iOS versions of Tencent’s Sogou Input Method, the most popular Chinese-language input method in China. Our analysis found serious vulnerabilities in the app’s custom encryption system and how it encrypts sensitive data. These vulnerabilities could...
Vulnerabilities in Sogou Keyboard encryption expose keypresses to network eavesdropping.
You're viewing a single thread.
Hmm...
I use AnySoftKeyboard instead of the default android keyboard or the Samsung keyboard just to preemptively avoid these kind of “issues” creeping up in the future.
Should I still be worried?
Is there a way to sandbox or scope the software keyboards to never see the network (wired ethernet, Wi-Fi, LTE, 5G or otherwise) on stock Android 13 ?
Other than:
Settings > Connections > Data Usage >
Allowed networks for apps > {app} > Wi-Fi only (and not use Wi-Fi) or Mobile data only (and not use Mobile data)
and
Mobile data usage > {app} > Allow background data usage > Disabled
Moreover, there is no "Network Permissions" setting option from what I can see even within Permission manager > Additional permissions.