Famëmarrja of a sudden, the DeepSeek has attracted the attention of researchers for safety and security. After discovering that the company shall send the details of the entry in the China Mobile, a number of weaknesses have been identified by NowSecure, including the iOS, which sends data to China without kriptim.
The Server is controlled by ByteDance
The NowSecure revealed that the iOS is DeepSeek transmits the data to the user device over the internet in clear text, so that it can be read by everyone with a tool to monitor the traffic. Apple is offering one of the features of the safety and Security of the Transportation of the Applications that use TLS, but it is disabled in the application. The data is përgjohen and modified to attack the Man-in-the-Middle.
The researchers found that much of the data is sent to the platform in the cloud Volcengine operated by ByteDance. This allows the user to be traced using the technique of a set of fingerprints. They sent also to the Intercom, a company that provides an SDK to be integrated into the iOS.
NowSecure revealed that the names of users, passwords, and keys and the code is stored in a database for local and easily accessible. Another serious vulnerability is due to the use of algoritmit kriptografik 3DES, is considered outdated by the NIST (National Institute of Standards and Technology) in 2016, as it does not offer adequate protection.
The researchers suggest their businesses, and government agencies that get it immediately using the "walkman" application, iOS, because it does not provide, nor the protection of a minimum of security. Both the politicians of the usa and will submit a draft law to ban the DeepSeek of the equipment by the government.
Discussion about this post