Vulnerabilities in Sogou Keyboard encryption expose keypresses to network eavesdropping.

  • Landrin201
    link
    fedilink
    English
    arrow-up
    6
    arrow-down
    4
    ·
    1 year ago

    Because all the sinophobe tech bros have migrated to Lemmy and don’t actually understand the shit they’re talking about. They think the tech THEY use is super cool and want to keep using it, and also think China is scary and an imminent threat to them sitting in their gamer chair surrounded by doritos.

    • wizardbeard@lemmy.dbzer0.com
      link
      fedilink
      English
      arrow-up
      7
      arrow-down
      2
      ·
      1 year ago

      Or maybe, just maybe, people have been packet sniffing Microsoft’s shit for ages and haven’t found them to be doing things quite as egregiously. Go ahead, you can look this shit up.


      Most of the spying features in Windows are able to be explicitly disabled through options Microsoft publishes themselves. It’s Group Policy, only available on Pro licenses, but anyone concerned about privacy should be on that anyway or spoofing their license using again, Microsoft published techniques (KMS). There’s also often registry keys to toggle it as well, but they tend to not be as reliable and change over updates.

      There are also tons of ways to strip out entire components of Windows from the install media before installation, and also after it has been installed. Can’t collect telemetry “X” if the telemetry “X” service isn’t there.

      Lastly, host file allows blocking network traffic to specific endpoints, and the very few times Microsoft has bypassed that it has made news. You can just block Microsoft’s entire IP block through host if you’re really paranoid.


      Beyond that, I’ve seen plenty of people concerned about the US’s data collection. It’s just not always spoken about as a US thing but more as a general tech thing, likely because internet discussion is still very US centric outside the great firewall and most big tech in the English speaking world comes from the US. So i think the US connection often just goes without saying.


      I’ll give you this: framing much of this as related to any nation state instead of just all tech’s hoovering up of data is disingenuous.

      Also, if your threat model truly needs to be concerned about any nation state actors specifically then you’re probably already fucked.