QQ 瀏覽器的 RSA 實現爆出嚴重漏洞

https://arxiv.org/abs/1802.03367

https://news.ycombinator.com/item?id=16362488
已邀請:

we微博

贊同來自:

看瞭文章,是 2016 年很早時發現的漏洞,早就修復瞭,可能文章現在才發出來。

葉知秋vanessa

贊同來自:

When users run QQ Browser on Android, it makes a series
of what QQ Browser interally terms as “ WUP requests ”
to QQ Browser ’ s server. These WUP requests
contain information such as a user ’ s International Mobile
Equipment Identifier (IMEI), International Mobile Subscriber
Identification (IMSI), QQ username, WiFi MAC
address, SSID of connected WiFi access point and of all
in-range access points, Android ID, URLs of all webpages
visited, and other private information.

要回復問題請先登錄註冊