
A report on Chinese digital surveillance and hacking of Uyghurs - daviday
https://www.volexity.com/blog/2019/09/02/digital-crackdown-large-scale-surveillance-and-exploitation-of-uyghurs/
======
sabujp

       The exploit itself is 22,963 bytes of code and if successful will ultimately result in the forced download of a file name loader to the /data/data/com.android.browser directory of the victim device
    

How can a website force download a file to a device? Seems like a browser
vulnerability

~~~
Fnoord
Please quote properly, like this:

> The exploit itself is 22,963 bytes of code and if successful will ultimately
> result in the forced download of a file name loader to the
> /data/data/com.android.browser directory of the victim device

The way you quoted is unreadable on mobile, and difficult to read on desktop
(scrolling). It is meant for max 80 chars blocks of programming text.

~~~
weare138
True but just a quick heads up, HN changed the formatting options. The right
angle bracket doesn't italicize quotes like it used to and isn't mentioned in
the formatting help guide now. Many new HN posters aren't familiar with the
old formatting style.

------
jialutu
I am gonna have to call BS on this report. Everyone knows that google
including gmail is blocked in China, so why would they try to get a hold of
their google oauth? Additionally, I just went onto one of the mentioned
websites at random, turkistantimes.com and guess what, the site is hosted in
the America, in Houston!

So either that Xinjiang province is not behind the great firewall, or that
Xinjiang has far greater internet freedom than the rest of China, so which one
is which? You can't really have both in this case.

~~~
hazrd86
Specialized VPNs (SS/SSR) are a common way to work around the GFW to get
worldwide internet access.

If you're targeting activists inside of China you have to expect they'll use
those VPNs. You also expect them to specifically choose non-chinese
mail/communication mediums in order to not be identified by the PRC.

This report is newsworthy because it says that making these choices might not
protect you anymore.

