The article reports on a security vulnerability in the Chinese shopping app Pinduoduo, which was discovered by researchers at Dark Navy, a cybersecurity firm. The vulnerability allowed hackers to access users' sensitive information without their consent.
Pinduoduo's response to the issue is that they have removed the exploits from their app and disbanded the team of engineers and product managers who developed them. However, tech policy experts say that this should have been detected by regulators earlier.
The Ministry of Industry and Information Technology, which regulates Pinduoduo, has not taken any action against the company. The Chinese government's regulatory clampdown on Big Tech began in late 2020, but it appears to be insufficient in preventing companies like Pinduoduo from exploiting security vulnerabilities.
Some cybersecurity experts have questioned why regulators haven't taken action, citing a lack of understanding of technology and coding among regulators. Others have expressed frustration with the censorship of online posts about the issue.
The incident highlights concerns about the effectiveness of regulatory oversight in China's tech industry. It also raises questions about the responsibility of companies like Pinduoduo to prioritize user security over business interests.
Key points:
* Researchers at Dark Navy discovered a security vulnerability in Pinduoduo's app that allowed hackers to access users' sensitive information.
* Pinduoduo removed the exploits from their app and disbanded the team of engineers and product managers who developed them.
* The Ministry of Industry and Information Technology has not taken any action against Pinduoduo.
* Tech policy experts say that this should have been detected by regulators earlier.
* Some cybersecurity experts have questioned why regulators haven't taken action, citing a lack of understanding of technology and coding among regulators.
Pinduoduo's response to the issue is that they have removed the exploits from their app and disbanded the team of engineers and product managers who developed them. However, tech policy experts say that this should have been detected by regulators earlier.
The Ministry of Industry and Information Technology, which regulates Pinduoduo, has not taken any action against the company. The Chinese government's regulatory clampdown on Big Tech began in late 2020, but it appears to be insufficient in preventing companies like Pinduoduo from exploiting security vulnerabilities.
Some cybersecurity experts have questioned why regulators haven't taken action, citing a lack of understanding of technology and coding among regulators. Others have expressed frustration with the censorship of online posts about the issue.
The incident highlights concerns about the effectiveness of regulatory oversight in China's tech industry. It also raises questions about the responsibility of companies like Pinduoduo to prioritize user security over business interests.
Key points:
* Researchers at Dark Navy discovered a security vulnerability in Pinduoduo's app that allowed hackers to access users' sensitive information.
* Pinduoduo removed the exploits from their app and disbanded the team of engineers and product managers who developed them.
* The Ministry of Industry and Information Technology has not taken any action against Pinduoduo.
* Tech policy experts say that this should have been detected by regulators earlier.
* Some cybersecurity experts have questioned why regulators haven't taken action, citing a lack of understanding of technology and coding among regulators.
... like, shouldn't they be doing their job properly? Removing the exploits and axing the team that made them is just damage control mode 
. And what's with not taking action from the MoIIIT? It's like they're just letting Pinduoduo slide because it's convenient for them 
. The Chinese government's whole "regulatory clampdown" thing seems like a joke if they can't even get this right 
... I mean, who do these people think they are, tech experts or not? 
! I mean, who wants hackers accessing their personal info without consent? 
It's crazy that the Chinese government hasn't taken action against the company 
. Don't get me wrong, I'm all for Big Tech regulation, but it seems like the Ministry of Industry and Information Technology needs a tech upgrade 
.
I guess it highlights how we need more transparency in the tech industry, especially when it comes to user security 
.
. Can't we just talk openly about these kinds of issues without being silenced? 
... I mean, I get that companies need to innovate and move fast, but at what cost? It's like they prioritized profits over people's safety 
. I think it's crazy that regulators didn't pick up on this sooner 
. And what about all those users whose info was compromised? That's just unacceptable 
. Pinduoduo's response seems half-hearted at best 
. Can we trust that they'll keep our security top priority from now on? 
. and the government is just chillin' on not doing anything about it 
. companies like Pinduoduo need to step up their game when it comes to user security or else they'll be out of business in no time 
how could they let this happen?! 
I'm all for companies making money but user security should be the priority over profits 
and educate themselves on tech lol maybe thats true but it still shouldn't take a major security breach to make them do something 
. And yeah, the censorship of online posts about this issue is also kinda weird 
. We should be able to discuss this stuff without being censored 
. This whole thing with Pinduoduo's security vulnerability... it's like they wanted it to happen 
. Removing the exploits from the app? Disbanding the team of engineers and product managers who developed them? That sounds like a PR stunt to me 
. What are they really trying to hide? 
they removed the exploits, yeah good for them, but what about all the users who were already affected? didn't think so. 
it's just another example of how chinese tech companies are like a whole other beast when it comes to security and ethics... sigh