北京時間4月16日晚,中國國家質檢總局發佈一項風險警示,稱在近期的一項對智慧手機的檢測中,40批次的手機樣品中,有18批次樣品存在品質安全隱患,13批次樣品後端資訊系統存在資訊安全漏洞,這些問題可能導致用戶隱私數據泄漏甚至智慧手機被惡意控制。
On the 16th April evening Beijin time,AQSIQ(General Administration of Quality Supervision, Inspection and Quarantine the People’s Republic of China) issued a risk warning reporting that there were 18 batches of sample having quality and safety risk,13 batches of sample existing Information security vulnerabilities among 40 batches of sample in a recent testing of smart phone.These problems may lead to users’ privacy data leakage even malicious phones’ control.
智慧手機與我們的生活越來越緊密,目前中國手機網民已將近7億,但智慧手機的資訊安全問題不容忽視。
Since Chinese smart phone netizens raises to nearly 700 million,mobiles are getting more and more relevant to our lives.However,we cannot ignore the information security.
中國國家質檢總局在通報中表明,18批次存在品質安全隱患的樣品中,13批次樣品後端資訊系統存在資訊安全漏洞,包括未限制用戶密碼複雜度、未限制非法登陸次數、未限制短信驗證碼錯誤使用次數、重置密碼的短信驗證碼由本地生成、未對數據包重要訪問控制參數進行校驗導致可被越權操作;9批次樣品中的預置應用軟體未向用戶明示且未經用戶同意,擅自收集用戶數據;1批次樣品未實現對用戶數據的操作許可權控制功能;1批次樣品作業系統的更新未向用戶明示且未經用戶同意,擅自自動升級。
AQSIQ indicated in the bulletin, among 18 batches of sample having quality and safety risk,13 batches of sample existing Information security vulnerabilities,have the problems including following :Unlimited users password complexity;Unlimited times of illegal landing;Unlimited usage of SMS verification code;reset password SMS verification code generated by the local; No significant access control parameters of the packet can be checked for unauthorized operation;Pre-configured App collect users’ information without authorization among 9 batches of sample.One batch of sample fails to control the personal data of users.One batch of sample upgrade its operating system without agreement of users.
(中國網作者 楊雲寒 綜合報道 陳萍萍/譯)
來源: 中國網綜合 | 作者:楊雲寒 | 責編:楊雲寒 審核:張淵
新聞投稿:184042016@qq.com 新聞熱線:13157110107
版權所有 中國網際網路新聞中心
電話: 057187567897 京ICP證 040089號