Want to read Slashdot from your mobile device? Point it at m.slashdot.org and keep reading!


Forgot your password?
Android Security China Windows

Chinese QQ Browser Caught Sending User Data To Its Servers 68

An anonymous reader writes: A report from the Citizen Lab at the University of Toronto reveals that the popular QQ Browser is collecting sensitive user information and sending it in an insecure manner to its servers. The Android version is collecting data such as the user's search terms, browsing history, nearby Wi-Fi networks, and the user's device IMSI and IMEI codes. For the Windows version of QQ Browser, the app was caught collecting data such as the user's browsing history, hard drive serial number, MAC address, Windows hostname, and Windows user security identifier. All of this is sent unencrypted, or with a weak encryption, to Tencent's servers, QQ Browser's manufacturer. Additionally, the update process is flawed and delivered in an insecure manner that allows others to manipulate upgrade patches with malicious software. This is the third browser caught exhibiting this behavior after UC Browser and Baidu Browser.
This discussion has been archived. No new comments can be posted.

Chinese QQ Browser Caught Sending User Data To Its Servers

Comments Filter:
  • by Frosty Piss ( 770223 ) * on Tuesday March 29, 2016 @10:40AM (#51799741)

    I'm shocked! Shocked, I tell you!

    • Couldn't mod this up as I don't have any points, but you totally stole my comment and opinion on this one.
    • I'm shocked! Shocked, I tell you!

      Beat me to it.

      Yes, this certainly is shocking news, who could have seen this coming?

    • by Anonymous Coward

      I had a Chinese browser once.

      Half an hour later I wanted another one.

    • by tnk1 ( 899206 )

      I'm shocked! Shocked, I tell you!

      If only there was some gambling in that browser, it would be so much better.

    • by jbn-o ( 555068 ) <mail@digitalcitizen.info> on Tuesday March 29, 2016 @11:27AM (#51800103) Homepage
      The real problem is nonfree software—software which denies its users the freedoms of free software [gnu.org]—which is also appropriately called user subjugating, proprietary software—not nationalism. There are plenty of software distributors in other countries that mistreat their users by distributing proprietary software. All proprietary software is inherently untrustworthy because proprietary software doesn't grant its users software freedom. Some distributors distribute proprietary software precisely because they know they stand a good chance of getting away with malware (including digital restrictions, spyware, ransomware, and backdoors).
    • In other news: The sun rose today!
  • by Anonymous Coward on Tuesday March 29, 2016 @10:42AM (#51799753)

    "In Communist China, internet browses YOU!"

    • by Zocalo ( 252965 )
      Also in Communist China, QQ Browser rage quits YOU!

      Seriously, was there a deliberate clue in the name or something?
  • You say this is a "popular" browser, but who really runs a non-standard browser anyway? (I just haven't seen it.)
    • The worlds most popular beer is or Snowflake beer but you probably haven't heard of that either.
      • Encoding screwed that post up. There's supposed to be a Chinese word in there that translates to "Snowflake beer".
  • by Anonymous Coward

    Chrome does the same thing, when will it get a ./ article?

  • by JustAnotherOldGuy ( 4145623 ) on Tuesday March 29, 2016 @11:03AM (#51799913)

    What would really be shocking is if it didn't send data back to some Chinese mothership somewhere.

  • Actually that might be a good thing. For one, the bad traffic was easily found, and for another it might be rather easy for some enterprising individual to mock-up some traffic and feed their servers with junk data...

  • by Anonymous Coward

    Anyone know the reason why people in China would be using QQ, etc over more typical stuff elsewhere? It seems like these browsers are made by various Chinese online services - why are they popular? Or is just one of those things where a tiny minority of Chinese users are using these things and that's still a huge number?

  • I see a lot of comments about how this should just be assumed because it's China. The irony is that the very same assumptions are being made about U.S. tech based on the behavior of the government and corporations. Let's be clear here: It's wrong when the Chinese government or corporations do it, and it's wrong when the U.S. government or corporations do it. And, if we're not careful, the U.S. is going to look a lot more Chinese as time goes on, and the rest of the world will simply stop buying what we are

  • by Anonymous Coward

    given that Google Web Search, Chrome, and Windows, sends even more sensitive information on you back to Google and Microsoft? Typical anti-Chinese propaganda.

    • Chrome has an option not to send info to Google (is it respected?). And you can hide your google searches by using a variant like startpage.

      And MS didn't start that til Windows 10. Although, people have collectively lost their shit over Windows 10 (correctly so).

  • by sydbarrett74 ( 74307 ) <sydbarrett74.gmail@com> on Tuesday March 29, 2016 @01:05PM (#51800893)
    Doubtless, this is a 'feature' mandated by the Chinese government and not a bug.
  • Obviously, they have to give up all data to the chinese gov. This is so that the wonderful Chinese gov can keep their ppl safe. It would NEVER be about restricting their access or finding out who is locating information about freedom.

This process can check if this value is zero, and if it is, it does something child-like. -- Forbes Burkowski, CS 454, University of Washington