Winter Olympics: Athletes Advised To Use Burner Phones In Beijing

New submitter sperm shares a report from the BBC: The Beijing Winter Olympics app that all Games attendees must use contains security weaknesses that leave users exposed to data breaches, analysts say. The My2022 app will be used by athletes, audience members and media for daily Covid monitoring. The app will also offer voice chats, file transfers and Olympic news.

But cybersecurity group Citizen Lab says the app fails to provide encryption on many of its files. China has dismissed the concerns. Questions about the app come amid a rise in warnings about visitors' tech security ahead of the Games, which begin on 4 February. People attending the Beijing Olympics should bring burner phones and create email accounts for their time in China, cyber security firm Internet 2.0 said on Tuesday. Several countries have also reportedly told athletes to leave their main devices at home. The report also says that it's found a "censorship keywords" list built into the app, and a feature that allows people to flag other "politically sensitive" expressions.

Well, that's super shady.

[Anonymous Coward]

The report also says that it's found a "censorship keywords" list built into the app, and a feature that allows people to flag other "politically sensitive" expressions.

Why is China so hell bent on being a sneaky jackass all the time?

Re:

[The New Guy 2.0]

"We've always been at war with WestAsia..."

Re:

[heinternets]

New Zealand has a Covid tracer app which many anti-vaxers think tracks their every move

Re:

[phantomfive]

The Apple/Android contact tracing API doesn't track you: https://developers.google.com/... [google.com]

You don't need to see the released source code, you can actually write your own app. Of course, it hasn't been adopted widely so it's not very useful.

Re:

[The New Guy 2.0]

USA has news apps that ask for location data in order to provide the current weather report.

Re:

[The New Guy 2.0]

Are we sure this is "China" or just a few bad actors within the Olympic games hosting org?

Re:

[Bert64]

Well they also go on to state that the censorship keywords are never used by the application code, So this list of words is just redundant junk data at this point, not any actual form of censorship.

They also go on to talk about china intentionally weakening encryption, but this claim has absolutely nothing to do with the application in question and just seems to be an attempt to bash china.

The bug they identified is that the application code does not validate SSL certs. This is a legitimate bug, and opens u

Better advice: don't go.

[mmell]

I don't believe in their intention or ability to assure the safety of the athletes or those who will accompany them. I wouldn't put it past Chinese authorities to arrest one or two random participants on espionage charges. I hear they make great bargaining chips.

Re:

[nightflameauto]

One or two? I could see them taking entire teams of people and "losing" them somewhere in their machine of misery. Pick a country they're ready to bat around like a kitten with a ball of yarn and just "oops" them out of existence for a bit.

Re:

[hawk]

this morning's news revealed that they've threatened that athletes can be "punished" for political statements . . .

kind of makes you want to change your country's uniform to fuzzy yellow pants, a red shirt, and yellow ear pieces . . .

In communist Chinaâ¦

[memory_register]

Phone uses you!

Re:

[The New Guy 2.0]

That was funny when it was the Soviets being made fun of.

Re:

[DrMrLordX]

. . . and it still is!

Re:

[AmiMoJo]

If you have an Android phone it work work very well in China anyway. Because Google services are blocked it will sometimes hang for a minute while it tries to contact a Google server and the Great Firewall simply drops the packets.

iPhones will work fine because Apple cooperates with the CCP. The best thing for visitors to do is probably to get a used iPhone for the trip.

Re:

[superdave80]

So, no more large gatherings for... well, years and years (decades) at least? You think COVID is going to disappear in the next few months? I'm truly frightened by people that think like you.

Re:

[ClueHammer]

Hay shit for brains, don't presume to know what I think. Covid is never going away. All large physical gathering should be illegal forever. It is the new reality. get used to it.

More Advice:

[j3p0]

Bring TWO Burners!

Re:

[Alcari]

Nah, one burner is fine. Just make sure you use all burner accounts too. Forward your main email to your burner account, and cut it off when you get back home. Sure, they'll have a copy of everything you get during your stay, but that's going to happen anyway. At least they won't get your whole archive.

Re:

[Ed Tice]

If you are going to the Olympics set up an out-of-office response. You don't really need a phone except for the official app so you can be in the right place at the right time.

Lots of juicy potential hostages

[dskoll]

Look how China treated the two Michaels from Canada. Any country sending athletes to China had better hope there are no current geopolitical disputes with China or their athletes may spend considerably longer in China than planned.

Re:Lots of juicy potential organ harvesting

[Anonymous Coward]

Any country sending athletes to China had better hope there are no current geopolitical disputes with China or their athletes may spend considerably longer in China than planned.

Indeed. And on an individual level, I'd be thinking real hard about anything and everything I ever said that might be irksome to some CCP thug before I ever step foot in China.

Re:

[Anonymous Coward]

And the sock puppet account appears again. Glad to see the karma on this account is already at -1.

Re:

[heinternets]

What happens if the Chinese government abuses and tracks personal data?

Re:

[tekram]

Where is the data and evidence on that? Why do you think Apple care so much about privacy of their consumers? Mainly because the of the GDPR laws of China and these 15 other countries that make up more than 50% of the world's population. Companies such as Google and FB don't really case because they don't do business in China.

Re:

[DrMrLordX]

Looks like we found another wumao.

Re:

[kaatochacha]

Where is the data and evidence of someone who controls all data and evidence abusing their control of data and evidence. Sigh. Please try again.

What happens in Beijing...

[byromaniac]

Burner phones, so what happens via dating apps in Olympic Village stays in Olympic Village. Oh, and some cybersecurity too, I guess.

Re:

[DrMrLordX]

Found yet another wumao.

New submitter sperm shares a report

[Chucknoris123]

Epic! Awesome intro

Re:

[sperm]

I guess I can only multiply my entries from there!!!

Why there of all places? Money.

[AndyKron]

Sounds like a fun place for the Olympics. Will they stop serving cooked cat while the games are on like last time?

Re:

[DrMrLordX]

No. Dog, maybe. But not cat. They'll still kill the cats.

Dupe

[Anonymous Coward]

https://yro.slashdot.org/story... [slashdot.org]

They will do this to all travelers in the future

[Nocturrne]

Even after this farcical Olympics is over, future business travelers and tourists to China will be targeted in the same way. We were already having instances of our engineers finding someone had tampered with their devices left in hotel rooms, before COVID. Of course, this assumes China will allow foreigners to visit again, at all. Xitler is making China more and more like North Korea.

Re:

[AmiMoJo]

This has been standard advice when crossing borders since 9/11. Backup and factory reset your phone, wipe or encrypt your laptop. In the UK border security can demand you turn your devices on and boot them up to prove they are real, and have been known to take data storage devices containing journalist's documents.

Also, isn't this a dupe? I'm sure I read this story on Slashdot before.

Re:

[Oliver Heaviside]

Not quite a dupe - the last story [slashdot.org] was only about Dutch athletes being warned.

Let's try that in the EU

[Gabest]

Since the terrorist attacks of the early 2000's, you have to register every pre-payed sim card with your real ID.

Deep fried sushi

[spinitch]

Gotta hand it to the crafty cuisine California roll especially yummy.

Re:

[kubajz]

Czech Republic here, EU member state. Correction of parent: it is normally possible to buy prepaid sim cards of several operators without showing ID, although various law enforcement agencies are lobbying for stronger controls.

Every forced app is burner-phone only

[phoenix321]

Anyone who ever forces you to use a certain app, this app is certainly malicious or bad or both and should not go on the main phone.

This includes the various covid apps cobbled together by authoritarian governments around the world.

Please get used to having a private and a public phone. Frustrate their attempts in getting access to private data. Android phones can be had extremely cheap and other than the hassle of charging and carrying both, there are no downsides of isolating suspicious apps. And all apps

Re:

[SunTzuWarmaster]

Basically this - anytime someone mandates an app on a phone you can just assume that its a bad actor. Also - having two phones is shockingly easy and affordable now. I had a burner phone with FreedomPop (200 texts, 200mb data, free) for a while. Basically "this only works on wifi" and a Google Voice number. You can turn an old phone into a burner somewhat easily as well.

Re:

[phoenix321]

As far as my experience taught me, the "preference for convenience", formerly know as "laziness" of so many people is unbelievably, unfathomably huge.

And I'm not talking "Linux on the desktop"-levels of inconvenience, not by far.

I'm talking about the level of downloading and using a browser that wasn't already installed with the OS. Using a browser that looks a little different and does not have "Internet Explorer" and the deeply-ingrained "e" on the icon. Not using the company laptop for NSFW browsing. Som