Baidu bad news as it practically gives away user PII: Report

Baidu uses little to no encryption when sending user data to its servers.
Baidu uses little to no encryption when sending user data to its servers.

Citizen Lab reported the popular Chinese browser Baidu will not only help a user find a website, but may also release the person's personal identifiable information.

Citizen Lab, which is part of the Munk School of Global Affairs at the University of Toronto, said in a report that Baidu has issues with both Windows and Android. The main problem is the browser transmits the user data little or no encryption and it's also vulnerable to man-in-the-middle attacks.

When Baidu is used on the Android platform users can have their location given away along with a list of the nearby wireless networks using easy bypassed encryption. The situation is even worse with Windows. Here the user's search terms, hard drive serial number model and network MAC address, URL and title of all webpages visited and CPU model number are left vulnerable.

You must be a registered member of SC Magazine to post a comment.

Sign up to our newsletters

TOP COMMENTS