In this report, we analyze the Windows, Android, and iOS versions of Tencent’s Sogou Input Method, the most popular Chinese-language input method in China. Our analysis found serious vulnerabilities in the app’s custom encryption system and how it encrypts sensitive data. These vulnerabilities could allow a network eavesdropper to decrypt sensitive communications sent by the app, including revealing all keystrokes being typed by the user. Following our disclosure of these vulnerabilities, Sogou released updated versions of the app that identified all of the issues we disclosed.
Vulnerabilities in Sogou Keyboard encryption expose keypresses to network eavesdropping.
ASK would be perfect if the swipe typing worked (it’s currently listed as beta, and is mostly actuate, but unfortunately when it does make a mistake fixing it is almost painful).
It crashes for me so often that I finally gave up using it.
Also there was a weird bug of where if you were working on a long document, towards the bottom of the document all of a sudden it will drag you all the way up to the top of the document, so then you had to scroll all the way back to where you were before, at the bottom of the document.
It crashes for me so often that I finally gave up using it.
Also there was a weird bug of where if you were working on a long document, towards the bottom of the document all of a sudden it will drag you all the way up to the top of the document, so then you had to scroll all the way back to where you were before, at the bottom of the document.