The MY2022 app is a required download for Olympians and looks like a security nightmare
A while back we heard that a handful of countries advised their respective Olympic teams to leave all personal electronics at home and use a "burner phone" while in Bejing. This was, of course, done because of concerns about the Chinese government's heavy hand with the internet and all electronic communications. Sometimes, Big Brother really is watching.
It turns out that this advice was pretty solid, as researchers have torn apart the Android and iOS versions of the MY2022 app — which is required to be used by all Olympians — and found some really interesting things. Not the good kind of interesting, either.
There is a lot to process in this Twitter thread, and none of it is good. Taken at face value, the code for the app on both platforms shows:
Yikes! This doesn't give an air of confidence about using the app that China forces athletes to install on their phones if they wish to participate in the 2022 Winter Games. It's also worth noting that both Apple and Google have done a lot of work to make sure applications can't do any of this. Still, no type of security protection is ever foolproof and this is a great example. I've tried to find someone in Bejing with an Android 12 phone to see if the microphone indicators are active, but I'm not very well connected in the Olympian crowd. If you are, please take a moment to help out.
- Prev
- Next
