Compliance Management, Privacy, Vulnerability Management

Baidu bad news as it practically gives away user PII: Report


Citizen Lab reported the popular Chinese browser Baidu will not only help a user find a website, but may also release the person's personal identifiable information.

Citizen Lab, which is part of the Munk School of Global Affairs at the University of Toronto, said in a report that Baidu has issues with both Windows and Android. The main problem is the browser transmits the user data little or no encryption and it's also vulnerable to man-in-the-middle attacks.

When Baidu is used on the Android platform users can have their location given away along with a list of the nearby wireless networks using easy bypassed encryption. The situation is even worse with Windows. Here the user's search terms, hard drive serial number model and network MAC address, URL and title of all webpages visited and CPU model number are left vulnerable.

Get daily email updates

SC Media's daily must-read of the most current and pressing daily news

By clicking the Subscribe button below, you agree to SC Media Terms and Conditions and Privacy Policy.