Cybersecurity concerns have been raised at the UN COP27 climate talks over an official smartphone app that reportedly has carte blanche to monitor locations, private conversations and photographs.
Some 35,000 people are expected to attend the two-week climate conference in Egypt, and the app has been downloaded more than 10,000 times on Google Play, including by officials from France, Germany and Canada.
The Egyptian Ministry of Communications and Information Technology developed the app for summit delegates.
It’s meant to help attendees navigate the conference smoothly, but “the Egyptian government may have weaponized the app and now has the ability to monitor all summit attendees,” said David Bader, a science expert at data and cybersecurity, to Al. Jazeera.
Analysts warn that the COP27 app can extensively monitor user movement and communications, and can read users’ email and encrypted messages, record phone conversations, and even scan the entire device for sensitive information.
While the developer claims the app doesn’t collect data, Bader noted, “Surprisingly, the app has the uncanny ability to access the user’s name, phone number and email address, all of the user’s email, with the explanation ridiculous ‘app functionality’ and their photos for ‘account management’.
“Would you like a stranger to access your private photos, let alone a foreign government?” Bader said, warning there could be more going underground with the app.
No ‘smoking gun’ in data collection
Most apps ask for permission to access various aspects of a smartphone, including the location of GPS features or social media cameras, but users should be careful, said Kevin Curran, a professor of cybersecurity at the University from Ulster.
“One has to wonder if each of these permissions is necessary,” Curran said, describing the COP27 app as “highly intrusive.”
“In this case, it is difficult to identify a smoking gun. What we cannot determine is whether the Egyptian government is using this for data collection,” Curran told Al Jazeera.
He noted, however, that the app could continue to provide information about users even after the climate conference ends on November 18.
‘Fully refuted’
According to an analysis of the app by US media group Politico, it can monitor communications even when the device is in sleep mode.
Egypt’s COP27 ambassador Wael Aboulmagd denounced the speculation, telling reporters that a cybersecurity assessment had been completed and “I was told how unlikely, or physically or technically impossible” it would be to use the app in any way. so intrusive.
Since it’s available on Google Play and the Apple Store, those companies “would never allow that” due to security protocols, he added.
“A cybersecurity assessment was done and it completely refuted it,” Aboulmagd said.
But Bader warned delegates who have the app on their phones that they remain vulnerable. “Intelligence can be gathered not only about their positions on climate change, but also about trade negotiations, political activities and military operations,” he said.
Of Egipt @DonaldTrump denies that he #Cop27 application endangers delegates who download it. The Apple store and Google Play wouldn’t allow that, she says. pic.twitter.com/XZlfPGW79H
— Joe Lo (@joeloyo) November 10, 2022
Some rights activists have criticized Egypt’s decision to host COP27, citing a long history of cracking down on political dissent. It is estimated that tens of thousands of people have been imprisoned.
Several attendees have shared that WiFi at the climate conference blocks access to websites such as Human Rights Watch and Egypt’s independent outlet Mada Masr, as well as Al Jazeera.
For those concerned about the COP27 app, cybersecurity experts recommend using a “disposable phone” or secondary device, keeping in mind that your conversations and other communications could be monitored.
Those who already have the app should uninstall it as a first step, they say.
There are so many websites blocked in Egypt in #COP27 , which is noticeable and it is difficult for us to work. We can’t use our @Earth_Uprising Medium site, because Medium is blocked. The news agencies we refer to are blocked.
There is no climate action without truth and information.— Alexandria Villaseñor is at #COP27! (@AlexandriaV2005) November 7, 2022
| Hire Us For website setup, design, tech support or any type of online work. | Send Email |
| Follow Us On Google News | Google News |
| Follow Us On Facebook | |
| Follow Us On Pinterest | |
| Follow Us On Tumblr | Tumblr |
| Follow Us On Telegram | Telegram |
| Follow Us On Linkedin | |
| Download Free Games | Download Free Games |
