

In this case, it's Chinese Internet giant Tencent, which provides its QQ Browser for the Windows, Mac, Android and iOS platforms. According to the research group at Citizen Lab, the Android and Windows versions of this browser are collecting a trove of data from their users and have design flaws that expose this information to prying eyes while in transit. QQ Browser is yet another of those heavily customized Chromium clones that are distributed by companies that have no reason to distribute browsers. Several vulnerabilities also exist in the update process used by QQ Browser, two of which could allow a remote attacker to execute arbitrary code on the affected device.

A report from the Citizen Lab at the University of Toronto reveals that the popular QQ Browser is collecting sensitive user information and sending it in an insecure manner to its servers. The ease with which an attacker could obtain the information poses a significant threat to any user, with both man-in-the-middle attacks and data theft easily achievable. This data is either unencrypted or encrypted using hard-coded keys, and as such is easily decrypted; it is also sent using HTTP.

