Citizen Lab finds security flaws in MY2022 Olympic App
A new Citizen Lab report, released on January 18th, shows insufficient encryption measures within an app that can leave participants in the upcoming Olympic Games vulnerable to hackers, privacy breaches, and surveillance.
Citizen Lab’s report looks at MY2022, an app mandated for use by all attendees of the 2022 Olympic Games in Beijing, and has a simple but devastating flaw where encryption protecting users’ voice audio and file transfers can be trivially sidestepped. Health customs forms which transmit passport details, demographic information, and medical and travel history are also vulnerable. Server responses can also be spoofed, allowing an attacker to display fake instructions to users.
Read the report, Cross-country Exposure: Analysis of the MY2022 Olympics App
Follow the latest media coverage
FBI urges temporary phones for Olympic athletes
(BBC News)
Winter watch: how China might keep a tight Olympic grip
(The Guardian)
Activists Ask Olympians to Protest at ‘Genocide Games,’ Despite China Warning
(Newsweek)
Required App Raises Fears China Will Track Sensitive Data During Olympics
(Voice Of America News)
Opinion: The Beijing Olympics are shaping up to be the Intimidation Games
(The Toronto Star)
China warns Olympic athletes to keep quiet on politics
(Nikkei Asia)
The surveillance concerns around China’s Winter Olympics app – explained
(The Guardian)
Watchdog report says mandatory Olympic Games app has ‘devastating’ security flaw
(The Hill – U.S.)
Canadian researchers find security flaws in Chinese government’s MY2022 Olympic app
(Global)
Chinese winter Olympics app has ‘devastating’ security flaws, burner phones recommended
(International Business Times)
Beijing Olympics app could expose athletes’ personal data, researchers warn
(Forbes)
IOC reacts to cybersecurity concern over Beijing My 2022 phone app
(Deutsche Welle)
China warns foreign Olympic athletes against speaking out on politics
(National Post)
China warns foreign Olympic athletes against speaking out on politics at Winter Games
(Washington Post)
Concerns for Olympic athletes safety and privacy are popping up 2 weeks before the Beijing games
(Business Insider)
China is forcing Olympic athletes to use a state-controlled COVID app that researchers say contains a ‘devastating’ security flaw
(Fortune)
Opinion: The Beijing Olympics has become an exercise in genocide denial
(Washington Post)
‘Checking a box’: Biden’s Beijing diplomatic boycott flop
(Politico)
Journalists are taking burner phones to the Beijing Olympics
(Washington Post)
Unlike Tokyo Olympics, U.S. Olympians Are 100 Percent Vaccinated Ahead of Beijing Games
(Newsweek)
US lawmakers demand IOC reaffirm athletes’ free-speech rights during Beijing Winter Olympics
(South China Morning Post)
China’s zero-COVID policy has some asking how Winter Games can go on during omicron surge
(USA Today)
Winter Olympics: Athletes advised to use burner phones in Beijing
(BBC)
‘China will be China’: Why journalists are taking burner phones to the Beijing Olympics
(The Washington Post)
Cybersecurity experts concerned about 2022 Beijing Olympics app
(CBC)
Toronto lab finds security vulnerabilities, censorship framework in Olympic app
(CBC)
Reinstate Canada-China committee to push back against Beijing
(National Post)
Can Blinken Defuse Ukraine Tensions?
(Foreign Policy)
Phone app Olympic athletes must use is easily hackable, cybersecurity group warns
(South China Morning Post)
DW exclusive: Cybersecurity flaws leave Olympians at risk with Beijing 2022 app
(Deutshe Welle)
Security Flaws Seen in China’s Mandatory Olympics App for Athletes
(New York Times)
Official Beijing 2022 Olympics Mobile App Is Marred by Security Flaws, Researchers Say
(The Wall Street Journal)
China’s Games app has security flaws, researchers say
(Reuters)
Security flaw found in smartphone app for Olympians in Beijing
(The Globe and Mail)
Mandatory app for Beijing Olympics participants is a security risk, Toronto lab finds
(The Toronto Star)
China’s Olympic app contains ‘simple but devastating’ flaw
(CTV News)