Olympic Athletes Advised Not To Bring Phones To Beijing Over Spying Concerns Athletes who are preparing to travel to Beijing for the Winter Games next month might want to think about leaving their personal smart phones at home. The reason: a new app developed by Beijing to track Olympic athletes' health data has been found to have several startling security flaws, according to a group of Canadian researchers called Citizen Lab. Citizen Lab told the NYT and other news organizations that it had shared its findings with the Beijing Organizing Committee on Dec. 3 but had not received any response. As a result, they're warning all athletes about the app's flaws, news that probably shouldn't come as a surprise given the CCP's reputation for mass surveillance. According to the NYT, the app - called MY2022 - is designed to transmit coronavirus test results, travel information and other personal data "failed to verify the signature used in encrypted transfers, or didn’t encrypt the data at all," according to the report by Citizen Lab. But the organization also found that the app will actively censor content viewed on users' phones: a series of political terms have been marked for censorship in the code. A Canberra-based cybersecurity company even went so far as to advise athletes to leave their phones at home, according to the Financial Review. The MY2022 app was created by the Beijing Organizing Committee supposedly to track and share COVID-related medical information among athletes during the Games. As for whom these data will be shared with, the app doesn't make clear. The researchers also claimed that the app failed to validate SSL certificates, which are needed to authenticate a website's identity and enable an encrypted connection. This flaw can be exploited by hackers hoping to transmit the data to some other malicious site. "Such data can be read by any passive eavesdropper, such as someone in range of an unsecured WiFi access point, someone operating a WiFi hotspot, or an Internet Service Provider or other telecommunications company," the report said. According to the NYT, the worries about the app's shortcomings "underscore broader worries about censorship and surveillance during the Games in China, which has one of the world’s most sophisticated surveillance and censorship systems." As a sop to the west, the Chinese government has already promised foreign athletes that they would be able to access the open Internet during their time in China. The Games are slated to begin Feb. 4, but several countries including the US, the UK, Japan and Australia have announced diplomatic boycotts of the Games over concerns about human rights in Xinjiang, a far-flung western province that's home to most of China's indigenous Uyghers. China has entered the final stages of planning for the pandemic. The app, called MY2022, was designed to bolster those precautions, enabling electronic links between the government and participants to contact trace in the event of any outbreaks. It resembles a broader system of app-based health codes used to control population movements in the event of outbreaks. Tyler Durden Tue, 01/18/2022 - 22:10