Chinese Academy of Sciences report 360 products there are three privacy issues
360 browser user privacy issues once again attracted attention. According to the Shanghai Youth Daily reported on November 23rd, the Institute of information engineering, Chinese Academy of Sciences sponsored the privacy protection seminar held in beijing. The meeting by a Key Laboratory of offensive and defensive security technology of Chinese Academy of Sciences wrote "personal privacy disclosure risk research report" report revealed that has been in the name of Security 360 browser in terms of architecture design, operation principle should exist three major privacy issues, will bring serious harm to the safety of users.
, which will bring serious harm to user security, the Shanghai Youth Daily quoted an expert said.
previously, the Ministry has announced that it will launch an investigation on 360 security issues, but there is no authoritative introduction of convincing findings. Chinese Academy of Sciences as a professional organization of information research, the report issued by this, or will become an important basis for the promotion of the problem.
"Shanghai Youth Daily" also learned from the meeting, the whole of the Chinese Academy of privacy protection in view of the current commonly used Internet products and services, involving browsers, instant messaging, e-commerce, community sites and other categories. From the reporter was removed to get the text of the report, in the study of privacy protection in the browser section, Chinese Academy of Sciences Institute of information engineering, the researchers conducted a detailed research and Analysis on the 360 security browser, and summed up the top three list of security issues, there are 360 security browser including: collect users open the browse page the address in the browser address bar, collect user input information and reservation backend port, the user is unaware of the use of cloud instructions executed in the background "install license agreement" provisions beyond the content of function etc..
survey, the researchers through professional technology of the software process and a comprehensive environmental test, confirmed the existence of 360 security issues, and has repeatedly reproduced in the laboratory. The researchers said in a report, cases, when the user enters a complete web site in 360 security browser address bar, 360 browser to a specific server 360, successively transmitted every user input data until the input completed, send information contains only can determine the user’s ID, which may lead to a specific user address bar enter and browse records easily by tracking and leakage. Another analysis shows that these components or to be downloaded to the computer in a deceptive way to achieve some of the 360 security browser does not express the function, but also may cause the user’s computer was malicious intrusion".
in fact, in the past few months, 360 security software has been deeply in the whirlpool of security and privacy leaks, suffering from Internet users, media, opinion leaders and authorities questioned. Famous fake people Fang also on security issues for the 360 software issued by repeated questioning, the alleged 360 secretly steal user privacy, camouflage system patches, bundled software installation and 360 through the "cloud" of remote control computer user > etc.