Baidu IME Banned for “Spying on Japan”

baidu-tan-1

Top Chinese portal Baidu has had its Japanese IME identified as a probable espionage tool after it transpired it is logging all Japanese text entered and sending it off to Baidu, causing such consternation that the government is warning against using it.

The IME (input method editor) needed to efficiently enter East Asian languages on PCs is included with Windows, but Microsoft’s offering is frequently replaced with those of other makers (most notably Google).

baidu-tan-2

Baidu’s freely distributed IME, already noted for its underhanded uninstaller, is now the subject of an official warning from both Japan’s National Information Security Center and its culture ministry MEXT.

According to analysis of the software, it automatically transmits all email, search history, word processor documents and other typing (including, most probably, password strings) to Baidu’s servers for “cloud conversion.”

NISC and MEXT have told some 140 governmental institutions they need to stop using the software lest what remain of their secrets end up in China.

Baidu’s Japanese subsidiary claims 2 million users of the IME, which even given their probable vast exaggeration amounts to a potentially significant trove of government secrets, and the company also provides “Simeji” smartphone software with similar functionality.

After the warning was widely reported they released a new version which they claim addresses the issue and helpfully explained that “no data is logged on our servers without permission from the user.”

Such is the extreme distrust of Baidu online already the only raillery to be seen looks to be against anyone dumb enough to be using it:

“We knew!”

“Nothing is more expensive than free?”

“2 million users…”

“I can’t believe anyone would consider using made in China software.”

“To think there were public bodies dumb enough to install this trash on their PCs….”

“Just avoid anything made in China and you are in the clear!”

“As expected of China quality.”

“This stuff mostly gets installed bundled with other software I think, so most probably don’t realise.”

“Lenovo.”

“Simeji has 7 million downloads so I’d be more worried about that…”

“Simeji was made in Japan but got bought up by Baidu.”

“Hopefully they can arrest the users with that new anti-spying law.”

“I’m left wondering about Google’s IME…”


    Post Comment »
    53 Comments
    Sort by: Date | Score
    Comment by Anonymous
    08:34 27/12/2013 # ! Quality (+1.0)

    Obvious spy is obvious.
    Even Google Translate is known to log requests.

    Comment by Anonymous
    08:38 27/12/2013 # ! Quality (+1.0)

    They'll have a good time with all the porn I run through it then.

    Comment by Anonymous
    16:37 27/12/2013 # ! Good (+0.6)

    Sadly, it's all automated profiling, but thanks for the amusing mental image.

    Comment by Anonymous
    10:55 27/12/2013 # ! Neutral (+0.4)

    "Anything yet Corperal?"
    [Fap Fap Fap Fap Fap]
    "Nothing yet, Sir! I'll continue looking and sending you copies of the searched files!"
    [Fap Fap Fappity Fap Fap]

    Comment by Anonymous
    16:22 27/12/2013 # ! Neutral (+0.2)

    I dunno you can only whack off so much. I guess the ladies can keep slicking though?

    Comment by Anonymous
    10:53 27/12/2013 # ! Neutral (0)

    Nah, they're probably raging because they just realized that there's porn on the internet thanks to you :p

    Comment by Anonymous
    10:35 27/12/2013 # ! Neutral (+0.2)

    >installing chinese software

    serves them right, for being that stupid

    Comment by Anonymous
    13:31 30/12/2013 # ! Neutral (0)

    @Anon 10:35

    "serves them right, for being that stupid".

    Okay, that's true. Yet, does that make you "stupid" for ever having had your messages routed through equipment made by:

    Airlink
    Apollo
    Apple
    AT&T
    Bay Networks
    Castelle
    Cisco
    Compaq
    D-Link
    Hawking
    Hewlett-Packard
    IBM
    Intel
    Motorola
    Netgear
    Nortel
    SynOptics
    Tektronix
    Wyse
    or Xerox, since you have no idea whether or not those companies have ever had their firmware modified by Chinese nationals, or companies or contractors influenced by the Chinese government (Communist or Nationalist)?

    BACKDOOR_VULNERABILITIES_R_US=YES; export BACKDOOR_VULNERABILITIES_R_US

    Comment by Anonymous
    03:09 27/12/2013 # ! Neutral (+0.2)

    Wait what, people willingly used Baidu in japan?

    Comment by Anonymous
    23:34 27/12/2013 # ! Neutral (0)

    Don't you remember when idiots would willingly install Bonzi Buddy?
    Idiots are everywhere.

    Comment by Anonymous
    02:40 28/12/2013 # ! Neutral (0)

    China censors their own internet, what made these idiots think China wouldn't use it to spy on them, while allowing them to do things their own people cannot?! Installing Chinese software, as expected of plebs.

    Avatar of Renzo
    Comment by Renzo
    19:18 27/12/2013 # ! Neutral (0)

    Nothing new.

    You don't like, don't use it.

    I myself won't use and entrust any Baidu-sponsored

    software at least for now.

    Comment by Anonymous
    21:58 27/12/2013 # ! Neutral (0)

    Not like you'll ever need to either. There are alternatives and those do not have spying allegations on them.

    Comment by Anonymous
    20:01 27/12/2013 # ! Neutral (0)

    "...Baidu’s servers for “cloud conversion.”

    Choose your poison for 'cloud' computing.

    *Sent via Android phone

    Comment by Anonymous
    03:19 27/12/2013 # ! Neutral (0)

    Google, China version. Nothing new.

    Comment by Anonymous
    22:23 28/12/2013 # ! Neutral (0)

    yep, Google is bad enough. and for it to be made in china make matter worse.

    Avatar of Chen-04
    Comment by Chen-04
    03:31 27/12/2013 # ! Neutral (0)

    Everyone's spying on everyone these days. When Microsoft pulled something like this back in the early days it was big bad news, now everyone's fine with google doing it. Oh.. but if the Chinese are doing it it's bad again.

    So...

    SocialMedia: It's fine because it's their business model
    Google spying on us: fine, too
    NSA spying on us: no big deal, but remind them of the law from now and then

    Chinese spying on us: OH NOEZ.

    Can't people have that kind of reaction on spying more often.. like.. always? Most of you are carrying a tracking device that doubles as a bug (the kinds that listen to the stuff you say without you knowing) - only people call it a phone.

    Why do people not care anymore for privacy?

    Comment by Anonymous
    03:54 27/12/2013 # ! Neutral (+0.4)

    Remember the days when it was considered bad practice to give out your email and/or name on the internet? I miss that.

    Comment by Anonymous
    16:47 27/12/2013 # ! Neutral (0)

    I don't remember a day where that stopped being the case. Although I fondly remember the days where most users knew they shouldn't.
    The eternal September has come.

    Comment by Anonymous
    08:39 27/12/2013 # ! Neutral (+0.2)

    Countries like to point at each other to make themselves look better, but they're all hypocrites.

    I'd like to know why nobody complains about the ridiculous permissions required by mobile phone games. Why the hell do they need to know my name, the people I call, my exact location, the messages I've sent and received, etc?

    Comment by Anonymous
    04:58 27/12/2013 # ! Neutral (0)

    The irony is, this is actually relatively harmless compared to Google logging surfing habits for market research.

    What is sent is how often each character is used, not the entire sentence in the order in which it's typed. Calling this a invasion of privacy is like saying you can see what a shredded letter is saying just because you see words out of order on the pieces.

    East Asian language system IMEs give a list of characters as you type on the 26 letter keyboard. More commonly used characters are put on top, instead of pages back. The IME sends how often ppl select each character back to the company, so they can make revisions to the list.

    Microsoft did this to their Japanese IME up until 4 years ago, once they already have enough information. Baidu is new at IMEs, and thus needs to build up their own priority queue.

    This is just politicians pumping up the right wing nuts, who are the only ones voting in Japan.

    Comment by Anonymous
    07:34 27/12/2013 # ! Neutral (0)

    Now imagine the IME sending your home address, credit card numbers + security codes etc. somewhere, to some unverified, unknown company in China, because you typed them in.

    Not so harmless now, huh

    Comment by Anonymous
    08:51 27/12/2013 # ! Neutral (0)

    I bought something from a chinese company off ebay, used my credit card and they started charging ton's of stuff.

    HEY WAKE UP PEOPLE THE CHINESE HATE EVERYONE EVEN THEIR OWN PEOPLE

    NUFF SAID

    Comment by Anonymous
    14:43 27/12/2013 # ! Neutral (0)

    Hey Genius, it's only the largest search engine in China and 3rd largest in the world.

    And the information is actually sent using utf format that you can read, not encrypted like spyware typically do.

    You also won't catch anything on antivirus, as it's not sent constantly, but only during updates that you would have authorized with the antivirus first. Those updates are two way, literally and figuratively.

    In any case, Baidu does spy on you, like all search engines do, just not through its IME.

    Comment by Anonymous
    16:06 27/12/2013 # ! Neutral (0)

    @14:43
    >I have seen the software's source code and I personally am a part of Baidu staff, I know what they're doing with the unencrypted, plain text they receive and there's no chance it'll get intercepted by 3rd parties

    Comment by Anonymous
    04:20 27/12/2013 # ! Neutral (0)

    Which is why you should have a firewall... which tells you when a software attempt to use the internet, so you can allow or block (temporarily or permanently) it's access to the internet...
    Something like an IME client, other than maybe an update or two once in a while (which it shouldn't need to begin with...) should NOT require internet access to work.

    Comment by Anonymous
    20:06 27/12/2013 # ! Neutral (+0.2)

    How does a firewall solve anything, when this 'cloud computing' software is suppose to send information back and forth.

    Comment by Anonymous
    04:58 27/12/2013 # ! Neutral (0)

    It is the Anti Virus software that says if your computer has software that acts like a virus (software that you installed accessing your computer etc) the firewall is just there to block outbound and inbound connections .. don't get those things mixed up

    Comment by Anonymous
    05:24 27/12/2013 # ! Neutral (+0.2)

    The fuck you talking about

    He said firewall.

    You know... you get a warning when software wants to send a package somewhere (a.k.a. outbound connection)? Just like the guy said?

    Oh and btw, since you seem to be retarded, logging text and sending data isn't behavior exclusive to viruses, so nothing would detect it.

    Comment by Anonymous
    15:10 27/12/2013 # ! Neutral (0)

    Actually, you won't get that warning, since the software didn't make a connection. It doesn't send constantly like spyware, but rather do it during software updates that you would have authorized with the firewall already.

    The stuff that's sent also isn't encrypted like spyware, but in utf format that you can actually read, if you monitor it and want to for some reason.

    It's also not coherent sentences that's sent, but rather the number of times each character was typed.

    They're also not interested in peeking into your sexting sessions, but rather info on how to to improve their IME.

    Here's how Asian language system IMEs work: You type phonics using 26 letter standard English keyboard -> it gives a list of same/similar sounding characters -> you select the right one.

    There are many pages of characters for every sound, with most frequently used ones in front, and rare ones pages back. How do they know which one is most frequently used? The IME tells them.

    Microsoft did the same thing for their IME bundled in Japanese Windows up until 4 years ago, when they had gathered more than enough data to basically finalize their list.

    In fact, you wouldn't want to use an IME that does not do this. Why? Because you'll have to scroll pages for every character you type.

    I don't know why I bother explain this stuff to you trolls...

    Comment by Anonymous
    23:34 27/12/2013 # ! Neutral (0)

    @16:45
    Everyone, including you, knows what firewall means in the context of this discussion, so kindly be an expert somewhere else.

    Comment by Anonymous
    16:45 27/12/2013 # ! Neutral (0)

    A pure firewall doesn't. Firewalls in the traditional sense only operate on network addresses. Being able to control access on per-binary basis makes them more of a capability based security system for networking.
    Windows firewalls are largely mis-named hybrids.

    Avatar of caiooa
    Comment by caiooa
    02:44 27/12/2013 # ! Neutral (0)

    so just for curiosity....isn't the same for bing?

    Comment by Anonymous
    03:14 27/12/2013 # ! Neutral (0)

    There is still 'Startpage'. They claim to offer privacy at the accuracy of Google. But i am unsure about it and i can't get to this site when i use it so...

    Avatar of Chen-04
    Comment by Chen-04
    03:34 27/12/2013 # ! Neutral (0)

    Because Startpage is google in private and google blocked sankom as far as I remember. You could use ixquick.com they're the same guys that do startpage but it's not only google.

    Comment by Anonymous
    07:51 27/12/2013 # ! Neutral (0)

    must have miss it

    Comment by Anonymous
    08:37 27/12/2013 # ! Neutral (0)

    Google = YouTube = Censormania.

    Comment by Anonymous
    05:34 27/12/2013 # ! Neutral (0)

    i can access this site just fine using Google though

    Avatar of Chen-04
    Comment by Chen-04
    07:43 27/12/2013 # ! Neutral (0)

    Blocked like in, won't get as a suggestion if you search for anime and stuff.

    Don't you rad sankom?

    http://www.sankakucomplex.com/2010/07/20/google-censors-sankaku-complex/

    Comment by Anonymous
    04:21 27/12/2013 # ! Neutral (0)

    Startpage returns the exact same results as Google, because they take their results from Google.
    If you don't get the same results, it's probably because you are using different content filtering settings.

    Comment by Anonymous
    11:40 01/01/2014 # ! Neutral (0)

    Its not that big a hassle:
    Go to settings (top right of "Startpage" /"Ixquick")
    Go to the end of the settings list
    - you'll find that the "Family filter" is set to: "Filter according to search"
    Change that to "do not filter"
    then save....

    Before doing this a search for "sankaku" yielded nothing relevant

    After; chan.sankakucomplex.com is the first suggestion

    This WILL save you trouble... after all your enemy is not NSA, but all kinds of local moralfags who may have fewer ressources - but want to put YOU behind bars... if you only give them an excuse

    Comment by Anonymous
    16:39 27/12/2013 # ! Neutral (0)

    well i did went with HTTPS, maybe that's why.

    HTTPS has nothing to do with this. You might want to disable content filtering here
    https://startpage.com/do/preferences.pl?language_ui=english

    Comment by Anonymous
    05:07 27/12/2013 # ! Neutral (0)

    well i did went with HTTPS, maybe that's why. Now i just let Google do whatever they want. It's just too much of a hassle to setup everything. There are still no laws against 2d in my country i think if there is then I'm screwed anyway, so fuck it

    Avatar of Neo
    Comment by Neo
    02:47 27/12/2013 # ! Neutral (0)

    I think those Chinese/Japanese input methods always need user's input data to improve its accuracy/speed. Actually, if it's a company that I trust, I would like them to stock my input habits in both offline and online form, encrypted though.

    But to say the truth, I seriously can't allow any search history be recorded... Damn, NSA already has mine.

    Avatar of Primus de Pedos
    Comment by Primus de Pedos
    02:52 27/12/2013 # ! Neutral (0)

    Just use yahoo or Google japanese version. Problem solved.

    Comment by Anonymous
    02:56 27/12/2013 # ! Neutral (0)

    because the americans are much less likely to spy on us right?

    Comment by Anonymous
    03:10 27/12/2013 # ! Neutral (0)

    Because Japanese and Chinese are mortal enemies.

    Avatar of loplop
    Comment by loplop
    06:52 27/12/2013 # ! Neutral (+0.2)

    The Japanese laws about obscenity and pornography or “injurious to public morals” go back to the Meiji period. It was not written into their constitution as some people scream all the time by the US occupation forces at the end of World War II. They predate the US occupation by about 70-ish years in the Publication Ordinance of 1869.

    Comment by Anonymous
    22:24 29/12/2013 # ! Neutral (0)

    "Did chinese or russians killing and raping people in japan? oh wait americans do it."

    You know who else kills or rapes people in Japan? Japanese people. *gasp*

    Comment by Anonymous
    06:18 27/12/2013 # ! Neutral (0)

    LOL wut/

    Avatar of Ore wa seitei Souther!! Nanto rokusei no teiho![Takemaru]
    06:22 27/12/2013 # ! Neutral (0)

    The "pussy-censoring law" is almost 100 years old. The politicians don't care about the amendment of the law. The police would have to fire the fatty old cops who are in charge of the censorship bureau.

    Comment by Anonymous

    Chinese drop atomic bombs on Japan? or Russians do it? oh wait it been japan best friend USA. Did chinese or russians killing and raping people in japan? oh wait americans do it.

    Comment by Anonymous
    06:06 27/12/2013 # ! Drivel (-0.8)

    The Japanese raped and pillaged Russia and parts of Asia for years and they're still butthurt that the rest of the world told them to stop. Except America who supported them. But it was american occupation that made them pass the censorship laws so no pussy in anime thanks to America.




    Post Comment »

Popular

Recent News

Recent Galleries

Recent Comments