The Chinese software major Baidu has been accused of stealing user’s data via its Baidu Browser and sending them to its private servers unencrypted. Toronto’s Citizen Lab has published the leaks.
Average mobile phone users in India may not have heard of Baidu, but in reality, it is actually a colossal corporation in China. Famously known as ‘China’s Google’, the internet search giant has a vast number of Android applications which serve its expanded ecosystem just like Google. But like all other things Chinese, the company also has a sketchy past of collecting sensitive user data and storing it on its servers. Now it seems like the company is at it again as Toronto-based Citizen Lab has issued a new report of the company’s Baidu Browser and its security flaws.
Citizen Lab in its report has said that Baidu Browser collects sensitive user data via its Android browser such as user’s GPS coordinates, search terms, and URLs visited, without encryption and transmitted the user’s IMEI and a list of nearby wireless networks with easily decryptable encryption. The report also says that all the other apps which share the Baidu SDK, such as the ES file explorer, are all affected by this data leakage problem. Baidu has denied any allegations relating to the data being transmitted to the Chinese Government. Since Baidu is one of the biggest app companies in the Asia and the world, the users of apps which use the Baidu SDK are in millions.