情報來源(英文):
https://betanews.com/2017/09/21/go-keyboard-spying-warning/
Reddit討論串(英文):
https://goo.gl/vjBQ8Y
中國新聞(簡體):
https://goo.gl/FtDvtH
沒打算全部翻譯,就節錄一些段落。
Adguard的資安團隊警告,由中國GOMO開發團隊開發的GO keyboard正監視用戶,包含回傳
個資到遠端伺服器,甚至使用禁止的技術下載危險的可執行代碼。(原文第一段)
雖然在app的描述頁面,開發者表明了不會收集用戶資料,但顯然與他們的隱私政策相背
。(原文第四段)
"Without explicit user consent, the GO keyboard reports to its servers your Go
ogle account email in addition to language, IMSI, location, network type, scre
en size, Android version and build, device model, etc."
未經用戶特別同意,GO keyboard會回傳你的Google信箱帳號,包含語言、IMSI、地點、
網路種類、螢幕大小、安卓版本和建置、裝置資訊等等,至他們的伺服器。
"Google's policies also ban the practice of downloading “executable code, suc
h as dex files or native code, from a source other than Google Play.” Again,
Adguard found that this is exactly what GO Keyboard is doing — downloading an
d executing code from a remote server."
谷歌的政策也禁止自Google play以外的地方下載可執行代碼,例如dex檔和本地碼。 一樣地,Adguard發現這正是GO keyboard正在做的