我們分析了騰訊的搜狗拼音輸入法，該輸入法每月活躍使用者超過 4.5 億，是中國最受歡迎的中文輸入法。

In this report, we analyze the Windows, Android, and iOS versions of Tencent’s Sogou Input Method, the most popular Chinese-language input method in China. Our analysis found serious vulnerabilities in the app’s custom encryption system and how it encrypts sensitive data. These vulnerabilities could allow a network eavesdropper to decrypt sensitive communications sent by the app, including revealing all keystrokes being typed by the user. Following our disclosure of these vulnerabilities, Sogou released updated versions of the app that identified all of the issues we disclosed.

這份報告檢視熱門應用程式 WeChat 在其各種功能的正常運作過程中所蒐集並傳送至 WeChat 伺服器的資料，以此分析該應用程式存在的隱私問題。我們發現，WeChat 蒐集的使用資料比在隱私權政策中公布的還要多。

We conducted the first analysis of WeChat’s tracking ecosystem. Using reverse engineering methods to intercept WeChat’s network requests, we identified exactly what types of data the WeChat app is sending to its servers, and when. This report is part one of a two-part series on a privacy and security analysis of the WeChat ecosystem.