Vulnerabilities in Sogou Keyboard encryption expose keypresses to network eavesdropping.

  • @3arn0wl@lemmy.world
    -21 · 2 years ago

    The most popular Western OS (and probably the other commercial OSs too) sends every key typed back to base. Plus every website visited. Plus every document amended.

    • @Aurenkin@sh.itjust.works
      7 · 2 years ago

      Any sources for this? I know Windows and probably MacOS send analytics but every keystroke and every document amended seems unlikely to me, maybe I’m wrong though.

        • @HaggierRapscallier@feddit.nl
          6 · 2 years ago (edited)

          The timeline feature on Windows that shows your info across devices when your account is signed in, contains websites, apps and services. They say you can see it for 30 days, but I doubt they delete it after, even if they say they do. They probably at minimum process the meta-data.

          I don’t see why c/technology scream about privacy violations every other post, and then suddenly turn forgetful when geopolitics comes into play. I used to watch ‘exposés about China’ and anti-sjw stuff on youtube back in 2015 too - and then just as I stopped watching them, they became an ‘official geopolitical enemy’. The last decade has been a ride.

          • @Landrin201@lemmy.ml
            1 · 2 years ago

            Because all the sinophobe tech bros have migrated to Lemmy and don’t actually understand the shit they’re talking about. They think the tech THEY use is super cool and want to keep using it, and also think China is scary and an imminent threat to them sitting in their gamer chair surrounded by doritos.

            • @wizardbeard@lemmy.dbzer0.com
              6 · 2 years ago

              Or maybe, just maybe, people have been packet sniffing Microsoft’s shit for ages and haven’t found them to be doing things quite as egregiously. Go ahead, you can look this shit up.


              Most of the spying features in Windows are able to be explicitly disabled through options Microsoft publishes themselves. It’s Group Policy, only available on Pro licenses, but anyone concerned about privacy should be on that anyway or spoofing their license using, again, Microsoft-published techniques (KMS). There are also often registry keys to toggle it as well, but they tend to not be as reliable and change over updates.

              There are also tons of ways to strip out entire components of Windows from the install media before installation, and also after it has been installed. Can’t collect telemetry “X” if the telemetry “X” service isn’t there.

              Lastly, host file allows blocking network traffic to specific endpoints, and the very few times Microsoft has bypassed that it has made news. You can just block Microsoft’s entire IP block through host if you’re really paranoid.


              Beyond that, I’ve seen plenty of people concerned about the US’s data collection. It’s just not always spoken about as a US thing but more as a general tech thing, likely because internet discussion is still very US centric outside the great firewall and most big tech in the English speaking world comes from the US. So I think the US connection often just goes without saying.


              I’ll give you this: framing much of this as related to any nation state instead of just all tech’s hoovering up of data is disingenuous.

              Also, if your threat model truly needs to be concerned about any nation state actors specifically then you’re probably already fucked.

    • TimeSquirrel
      15 · 2 years ago (edited)

      You know, network sniffers exist. You can verify if this is true yourself if you know how to use one. Kill all other network services and just start typing and see if it starts spewing packets.

      The internet is not some black box where us regular users can’t see what’s going on.
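
Added example, not part of the thread: one way to score the check described in the comment above, given keypress times you logged yourself and packet times exported from a capture. The sample timestamps, the documentation-range addresses, and the names `hit_fraction` and `correlate` are constructed for illustration; idle-period control times separate traffic that follows typing from background chatter.

```python
"""Correlate logged keypress times with outbound packets (added example)."""
from bisect import bisect_left
from collections import defaultdict


def hit_fraction(event_times, packet_times, window):
    """Fraction of events followed by a packet within `window` seconds.

    `packet_times` must be sorted ascending.
    """
    if not event_times:
        return 0.0
    hits = 0
    for t in event_times:
        i = bisect_left(packet_times, t)  # first packet at or after the event
        if i < len(packet_times) and packet_times[i] - t <= window:
            hits += 1
    return hits / len(event_times)


def correlate(key_times, idle_times, packets, window=0.3, threshold=0.8):
    """Score each destination seen in the capture.

    key_times  -- timestamps of keypresses made during the test
    idle_times -- control timestamps from a stretch with no typing
    packets    -- iterable of (timestamp, destination) for outbound packets
    Returns {destination: (typing_fraction, idle_fraction, flagged)}.
    A destination is flagged when packets follow nearly every keypress but
    follow the idle control points at most half as often.
    """
    by_dest = defaultdict(list)
    for ts, dst in packets:
        by_dest[dst].append(ts)
    report = {}
    for dst, times in by_dest.items():
        times.sort()
        typing = hit_fraction(key_times, times, window)
        idle = hit_fraction(idle_times, times, window)
        flagged = typing >= threshold and idle <= typing / 2
        report[dst] = (typing, idle, flagged)
    return report


# Constructed sample data (seconds since capture start, documentation IPs).
KEY_TIMES = [10.0, 10.4, 10.9, 11.5, 12.1]
IDLE_TIMES = [30.0, 30.4, 30.9, 31.5, 32.1]
PACKETS = (
    # one packet 50 ms after every keypress
    [(t + 0.05, "203.0.113.10") for t in KEY_TIMES]
    # steady background traffic every 250 ms, typing or not
    + [(9.0 + 0.25 * k, "198.51.100.7") for k in range(97)]
    # a single unrelated packet
    + [(20.0, "192.0.2.44")]
)

if __name__ == "__main__":
    for dst, (typing, idle, flagged) in sorted(correlate(KEY_TIMES, IDLE_TIMES, PACKETS).items()):
        print(f"{dst:15} typing={typing:.2f} idle={idle:.2f} flagged={flagged}")
```

Timing correlation only shows that traffic follows keypresses; it says nothing about what the payload contains, and it will miss software that batches input and sends it later.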

    • Magnor
      30 · 2 years ago

      Not that it would surprise me in any way, but do you have a source for this claim?

  • @Xavier@lemmy.ca
    2 · 2 years ago

    Hmm…

    I use AnySoftKeyboard instead of the default Android keyboard or the Samsung keyboard just to preemptively avoid these kinds of “issues” creeping up in the future.

    Should I still be worried?

    Is there a way to sandbox or scope the software keyboards to never see the network (wired ethernet, Wi-Fi, LTE, 5G or otherwise) on stock Android 13?

    Other than:

    Settings > Connections > Data Usage >

    Allowed networks for apps > {app} > Wi-Fi only (and not use Wi-Fi) or Mobile data only (and not use Mobile data)

    and

    Mobile data usage > {app} > Allow background data usage > Disabled

    Moreover, there is no “Network Permissions” setting option from what I can see even within Permission manager > Additional permissions.

      • @wizardbeard@lemmy.dbzer0.com
        1 · 2 years ago

        Apparently they’ve been caught up in working on predictions for a good while which has been harder than they expected, so that’s slowed development and releases considerably. So not abandoned by the devs for what it’s worth.

        • nudny ekscentryk
          1 · 2 years ago

          Perhaps. The last update is from June 2022 and the last contribution is 3 months old

    • panCatE
      2 · 2 years ago

      I wish the development was active, I’ve been using FlorisBoard for years now

        • panCatE
          1 · 2 years ago

          Tbh I started using FlorisBoard coz I found word suggestions on Google board very scary, it felt like they’ve been tapping each word typed by me! FlorisBoard is nicely customizable, although auto correct would be a nice feature to have!

    • 🦄🦄🦄
      2 · 2 years ago

      Thanks for the Unexpected Keyboard link, didn’t know about it.

    • godless
      14 · 2 years ago

      Neither of which supports Chinese, so that’s useless for any actual users of Sogou.

  • @waterbogan@lemmy.world
    24 · 2 years ago

    This is news? I would have been extremely surprised if it wasn’t. This is normal for China, the CCP is eavesdropping on everything

  • @nomadjoanne@lemmy.world
    149 · 2 years ago (edited)

    Didn’t swiftpad or whatever it’s called send every key pressed to Microsoft?

    Not a China shill. China is horrible. Microsoft less so as they don’t commit genocide in slow motion. But still, I think this sort of thing is more common than we think.

    Use FOSS.

    • @Jesus@lemm.ee
      22 · 2 years ago

      Tencent owns sizeable pieces of (and outright owns) more companies than you can imagine.

      • JJROKCZ
        4 · 2 years ago

        They invest in basically any tech company that is open to investment and willing to accept Chinese investors. To the CCP the data of the west is worth any price.

        • @out@lemmynsfw.com
          1 · 2 years ago

          That may be true, but large investing companies usually invest in everything. That’s just how they work.

  • @sndrtj@feddit.nl
    -6 · 2 years ago

    So when the Chinese do it it’s scary, but when the Americans do it it’s just “established practice”?

  • Cris.Q
    20 · 2 years ago

    In fact it’s hard to find open source Chinese input methods that work well enough, the only ones I know of are Trime and Fcitx5_for_android.

  • @BoostWillis@lemmy.world
    18 · 2 years ago

    Naomi Wu has literally been talking about pwnd Chinese IMEs for years in her sidechannel critiques of Signal.

  • @SnowdenHeroOfOurTime@unilem.org
    255 · 2 years ago

    Alright China shills, you can stop changing the subject to how Google and the US are the “same”.

    The troops advanced into central parts of Beijing on the city’s major thoroughfares in the early morning hours of 4 June and engaged in bloody clashes with demonstrators attempting to block them, in which many people – demonstrators, bystanders, and soldiers – were killed. Estimates of the death toll vary from several hundred to several thousand, with thousands more wounded.[15][16][17][18][19][20]

    https://en.m.wikipedia.org/wiki/1989_Tiananmen_Square_protests_and_massacre

    If you lived in China you’d likely not know about this, since people who talk about it go to prison.

    Yeah the US is exactly like this so let’s not talk about the Chinese government being awful to their citizens /s

    • @gmtom@lemmy.world
      7 · 2 years ago (edited)

      I mean, I’ll always say that China is worse than the US. But you can find plenty of examples of the US doing awful things to its people too.

      Like the MOVE bombing https://en.wikipedia.org/wiki/1985_MOVE_bombing

      or The Tulsa Massacre that involved law enforcement bombing black neighbourhoods https://en.wikipedia.org/wiki/Tulsa_race_massacre

      Or any of the countless times cops perpetrated mass violence against black people during the civil war era and cracked down harshly on protests.

      Or when they did the same to anti-war protestors during the Vietnam war.

      Or the numerous times they experimented on their own citizens such as MK ultra, The Tuskegee Syphilis Experiment, or any of the dozens upon dozens of radiation experimentation, like when almost 1000 pregnant mothers were injected with radioactive iron, causing many miscarriages and cancers (and that’s not the only time they injected pregnant mothers with radioactive material to see if it fucked up the baby), or when inserting radium rods up the nostrils of school children and then observing how their health declined, or when they dosed hundreds of Inuit with radioactive iodine to see its effects on the thyroid.

      Like I don’t think this makes China’s atrocities any more excusable, but the reverse is true too. The US really isn’t much better than China.

      • @bloodfart@lemmy.ml
        4 · 2 years ago

        Don’t forget Operation Sea-Spray! Next time you laugh at someone talking about chemtrails remember the US government actually did chemtrails!

      • @TheHighRoad@lemmy.world
        3 · 2 years ago (edited)

        As bad as those two linked incidents were, they weren’t exactly government sanctioned. Police sanctioned, sure, and the government should do more to rein that shit in, but comparing them to Tiananmen is disingenuous at best.

        The Chinese government hates letting its citizens have a voice.

      • @Stahlreck@feddit.ch
        24 · 2 years ago

        The US really isn’t much better than China.

        The world ain’t just good or bad and there’s various degrees of “bad”. The fact that many US people can even talk about this stuff makes them already just ever so slightly better for many outsiders. This is how it is, neither country is “good” but they align more with western ideals than an authoritarian state which for many of us is bad by default…which it is of course. :)

      • @gnuhaut@lemmy.ml
        -11 · 2 years ago

        Imagine thinking China is worse than the US when the US killed something like a million Iraqis, and that’s just one of the many wars the US was waging in the last 30 years while China checks notes attacked nobody in that timeframe.

        • @dangblingus@lemmy.world
          8 · 2 years ago

          I think the distinction between China and the US is how they directly treat their own citizens. Arguments could be made that they’re both equally shitty in that regard, but in different ways.

        • @June@lemm.ee
          34 · 2 years ago

          I tend to lean into accepting that ‘the US government has done some pretty horrific shit too’ camp, but I don’t do it as a way to shill for China, because fuck that authoritarian place. But it is dumb not to recognize massacres like Kent State, Tulsa, or the systematic genocides of First Nations peoples.

          Tiananmen Square really isn’t the best example to use as an example of how China isn’t like the US. There’s plenty of much more insidious dystopian shit happening in China every day to use than that.

          • @SnowdenHeroOfOurTime@unilem.org
            1 · 2 years ago

            This article isn’t about the US. I believe there is a reason so many in so many threads like that do what you’re doing and worse. THE TOPIC IS NOT THE US, STOP TRYING TO MAKE IT THAT WAY

            • P03 Locke
              2 · 2 years ago

              It’s called Whataboutism. Very common deflection tactic.

            • @June@lemm.ee
              6 · 2 years ago

              I’m not trying to change the subject from China to the US, I’m trying to point out that the example of Tiananmen Square is not the best example to use as a distinguishing factor for China vs the US when there are numerous examples of the US committing similar atrocities throughout its history.

              The current and active oppression and genocide of the Uyghurs.

              The brutal silencing of political and ideological ‘dissidents’.

              The openly dystopian social credit system being developed.

              The suppression of free speech and self-expression.

              There is a long list of examples to pull from that set China apart from the US.

            • @hark@lemmy.world
              13 · 2 years ago

              I think it’s a response to how there are so many CHINA BAD articles. You could take each article as isolated, but there is the idea of manufacturing consent and it’s how people develop negative feelings towards particular things after seeing so many negative articles about them.

              • @HikingVet@lemmy.sdf.org
                -1 · 2 years ago

                Well, you can post all the bad shit the US has done.

                China IS A BAD ACTOR on the international, national, regional, and Municipal levels. The whole state apparatus is corrupted.

                • @hark@lemmy.world
                  -2 · 2 years ago

                  It’s a lot more quick for me to point out that it’s not unique to China. The way you phrase the second part of your post is as if China is unique in this sort of corruption. The US is just as corrupt, plus it has a lot more influence around the world thanks to the sheer amount of resources it controls.

            • archomrade [he/him]
              14 · 2 years ago

              Jesus Christ, this thread is cursed.

              Circling back to the article: it would be easier to name software that doesn’t collect your data and send/sell it to your respective government. The point being made in this thread is that it isn’t just a China problem. If you think you’re safe from government observation just because you don’t live in China, I have bad news for you.

              • @SnowdenHeroOfOurTime@unilem.org
                -6 · 2 years ago

                If you think you’re safe from government observation just because you don’t live in China

                I think you know without doubt that this is something NO ONE ever ever ever said. You know this. And yet still – you want to make this about the united states. Maybe you can explain a way that this got brought up without China shills infecting the thread?

                Because the article is not about the US. It’s not.

                • archomrade [he/him]
                  8 · 2 years ago

                  I didn’t mention the US.

                  The article makes it sound like it’s UNUSUAL that a phone app is spying on its users and sending user data to the government. It’s not an exception, it’s the rule. People pointing this out are doing you a favor, because the article’s framing would otherwise lead you to believe this is a China problem and not a tech problem.

        • @gmtom@lemmy.world
          -3 · 2 years ago

          Do you even know what the word shill means?

          Like wtf do you think I’m trying to sell?

    • XIIIesq
      -8 · 2 years ago (edited)

      That’s false equivalence.

      China killing protesters and silencing dissidents does not make it OK for Google or anyone else to spy on you.

    • Alien Nathan Edward
      15 · 2 years ago

      No one is saying Google massacred protestors, but if you’re gonna be against keyboard apps spying on you it should be irrelevant who they’re spying for. Criticizing shitty things American companies do doesn’t make you a China shill and calling everyone who does it a China shill is intellectually dishonest.

    • @Shaggy0291@lemmygrad.ml
      -15 · 2 years ago

      The troops advanced into central parts of Beijing on the city’s major thoroughfares in the early morning hours of 4 June and engaged in bloody clashes with demonstrators attempting to block them, in which many people – demonstrators, bystanders, and soldiers – were killed.

      Here’s a video of an interview with Chai Ling recorded on May 28, 1989 with reporter Philip Cunningham. Chai Ling was arguably the most influential leader of the student protesters at Tiananmen Square. In the interview she openly wishes for the soldiers to massacre the students after her instrumental role in blocking attempts by other activists to move the protest back to campuses, all while refusing to sacrifice herself.

      Notable quotes from this interview include:-

      “You, the Chinese are not worth my struggle. You are not worth my sacrifice”

      “The students keep asking what shall we do next? What can we accomplish? I feel so sad, because how can I tell them what we’re actually hoping for is bloodshed - for the moment when the government has no choice but to brazenly butcher the people?”

      “Only when the square is awash with blood will the people of China open their eyes. Only then will they really be united”

      “If we allow the [protesters] movement to collapse on its own, then the government will be able to wipe out all the leaders of the movement”

      Upon being asked if she will stay in the square herself after urging the students to stay she simply responded, “No, I won’t”.

      When the Tiananmen Square incident erupted in violence on June 3rd, Chai Ling escaped from Beijing by train. She was eventually smuggled to Hong Kong via Operation Yellowbird, an MI6/CIA led initiative to extract dissidents who they hoped would form the nucleus of a “Chinese democracy movement in exile”. To my knowledge, no details exist about how and when she made contact with them. She was subsequently invited to study at Princeton on a full scholarship due to her pivotal role in the Tiananmen protests. She studied Politics and International Relations there, eventually picking up an MBA from Harvard. Today, she runs an internet company called Jenzabar that she founded with her husband, the lawyer Robert Maginn, a long time associate of the Republican party, having even served as the chairman of the Massachusetts Republican party between 2011 and 2013. Their company serves more than 1300 higher education institutions worldwide, whom they provide with ERP software.

      • @Hype@lemm.ee
        7 · 2 years ago

        Been using lemmy for a few days and I am already feeling the need to do just that.

      • @Notorious_handholder@lemmy.world
        45 · 2 years ago

        Imagine being in Taiwan and having full access to information about China and the west and still shilling for China. Those types of people should be looking for a dominatrix, not a political philosophy…

        • @evilgiraffe666@ttrpg.network
          52 · 2 years ago

          I think they might be using “mainland Taiwan” as a way of saying China - Taiwan is an island which China thinks is “theirs” for some reason.

            • @AngryCommieKender@lemmy.world
              1 · 2 years ago (edited)

              The politicians have to play nice and be polite. Right up until they don’t have to anymore.

              The people can recognize that Taiwan is what happened to the last freely elected government of Western Taiwan, and that the CCCP are nothing more than despots and authoritarian tyrants that freely abuse their own people, and would absolutely be bullying the world, if they were actually as powerful as they claim to be.

              The CCCP ≠ China or the Chinese people.

              The CCCP = Western Taiwan

          • @SlopppyEngineer@discuss.tchncs.de
            3 · 2 years ago

            “Yes, but history…” they will say.

            And in history China used to be the opium export market of the Brits so by historic rules it has to be that again. I guess they’ll say “but that’s different”.

          • @miserablegit@lemmynsfw.com
            -2 · 2 years ago

            Tbf, it was theirs - until it wasn’t. At this point, it is a bit like the British were insisting that the US was theirs.

              • @miserablegit@lemmynsfw.com
                9 · 2 years ago

                “Taiwan” was never the administrative centre of China, come on. Some of the Chinese ruling classes fled there after the revolution. It’s like saying the capital of Germany was always Bonn.

            • @ylph@lemmy.world
              28 · 2 years ago (edited)

              The history of Taiwan is quite a bit more complex than that, but the PRC (current government in mainland China) has never controlled Taiwan - it was never theirs.

              Taiwan was a Japanese colony from 1894 until 1945 when Japan was forced to hand it over to the ROC (the successor government to the Qing dynasty, which was the last time you could argue China controlled the island - the Qing managed to almost fully colonize it before losing it to the Japanese, although a lot of the mountainous parts of Taiwan were still mostly autonomous at that time and inhabited by aboriginal Taiwanese who continued to resist the Qing rule)

              The ROC takeover of the island is also seen as another colonization by many Taiwanese as well - the descendants of the Qing era colonists who were mostly Hokkien speakers from Fujian, while the ROC migration in 1949 was mostly Mandarin speakers from wider China, who fairly brutally imposed their rule over the island (see 4 decades of martial law, etc.)

              ROC managed to reform itself over time, and Taiwan is now a vibrant democratic country which is forging its new national identity where most people would prefer to be left alone to control their own affairs.

    • @PersnickityPenguin@lemm.ee
      2 · 2 years ago

      Sir this is a Wendy’s

      Or more specifically, a thread about a phone keyboard.

      But it is true that Google and Microsoft phone home with your key strokes. That’s how they develop their predictive typing and autocorrect.

    • @purahna@lemmygrad.ml
      -1 · 2 years ago

      If you can’t see the fundamental intertwining of Google (or any other Fortune 500 company) and the US State, then you should really start looking harder. Lobbyists, revolving door membership, corruption, tax writeoffs, corporate power being used to influence day-to-day life, really, US companies’ control over the US state is pretty similar to the Chinese State’s control over Chinese Companies. I just don’t think corporations should be in charge like y’all seem to.