The Baidu IME Japanese-language input program for Windows computers poses security risk as it sends every character typed to the software provider’s server without the user’s consent

December 27, 2013 Leave a comment

Free Chinese-made software poses security risk

BY ATSUSHI KODERA

STAFF WRITER

DEC 26, 2013

A Japanese-language input program — potentially installed on millions of computers, including those used at government agencies — sends every character typed to the software provider’s server without the user’s consent.The Baidu IME program for Windows computers is distributed for free on the Internet by Baidu Japan Inc., the Japanese arm of China’s Baidu Inc., operator of China’s most popular Internet search engine.

Baidu Japan says the program, often installed with other downloadable software, is used by 4 million people.

The program is an input method editor (IME), which is required on a computer when entering Japanese characters. Baidu IME has cloud functionality that makes use of resources on the Internet in converting keystrokes into kanji, hiragana and other characters used in Japanese text.

The government’s National Information Security Center has warned all government agencies not to use IMEs with Internet connection functionality when creating confidential documents, or at least take the computer offline, according to Yuji Mizuta, a counselor at the Cabinet Secretariat.

“We are aware some IMEs send out entered characters over the Net,” Mizuta said. “We are alarmed by the risk of information leakage through users failing to turn off Internet connection functions.”

The NISC has confirmed that Baidu IME was installed on five computers belonging to the Foreign Ministry, but no information was sent out over the Internet, according to Mizuta. He also said there has been no report that any confidential information has leaked from any government agency through an IME.

According to NetAgent Co., a Tokyo information security company that analyzed Baidu IME, all Japanese characters entered via the program are sent to Baidu’s server located in Japan even when the application’s cloud function is turned off.

NetAgent meanwhile confirmed that Simeji, another Japanese input program from Baidu Japan used on Android smartphones, also sends Japanese characters even when the cloud function is off.

Filed under TMT Trends

Unknown's avatarAbout bambooinnovator
Kee Koon Boon (“KB”) is the co-founder and director of HERO Investment Management which provides specialized fund management and investment advisory services to the ARCHEA Asia HERO Innovators Fund (www.heroinnovator.com), the only Asian SMID-cap tech-focused fund in the industry. KB is an internationally featured investor rooted in the principles of value investing for over a decade as a fund manager and analyst in the Asian capital markets who started his career at a boutique hedge fund in Singapore where he was with the firm since 2002 and was also part of the core investment committee in significantly outperforming the index in the 10-year-plus-old flagship Asian fund. He was also the portfolio manager for Asia-Pacific equities at Korea’s largest mutual fund company. Prior to setting up the H.E.R.O. Innovators Fund, KB was the Chief Investment Officer & CEO of a Singapore Registered Fund Management Company (RFMC) where he is responsible for listed Asian equity investments. KB had taught accounting at the Singapore Management University (SMU) as a faculty member and also pioneered the 15-week course on Accounting Fraud in Asia as an official module at SMU. KB remains grateful and honored to be invited by Singapore’s financial regulator Monetary Authority of Singapore (MAS) to present to their top management team about implementing a world’s first fact-based forward-looking fraud detection framework to bring about benefits for the capital markets in Singapore and for the public and investment community. KB also served the community in sharing his insights in writing articles about value investing and corporate governance in the media that include Business Times, Straits Times, Jakarta Post, Manual of Ideas, Investopedia, TedXWallStreet. He had also presented in top investment, banking and finance conferences in America, Italy, Sydney, Cape Town, HK, China. He has trained CEOs, entrepreneurs, CFOs, management executives in business strategy & business model innovation in Singapore, HK and China.

Leave a comment