Recent security analyses have revealed that the iOS version of DeepSeek, a widely used AI chatbot developed by a Chinese company, transmits user data unencrypted to servers controlled by ByteDance. This practice exposes users to potential data interception and raises significant privacy concerns.
The unencrypted data includes sensitive information such as organization identifiers, software development kit versions, operating system versions, and user-selected languages. Apple’s App Transport Security (ATS), designed to enforce secure data transmission, has been globally disabled in the DeepSeek app, further compromising user data security.
Security experts from NowSecure have identified these vulnerabilities and recommend that organizations remove the DeepSeek iOS app from managed and personal devices to mitigate privacy and security risks. They also note that the Android version of the app exhibits even less secure behavior and should be avoided.
In response to these findings, several U.S. lawmakers are advocating for a ban on the DeepSeek app on government devices, citing concerns over potential data sharing with the Chinese government. This mirrors previous actions against other Chinese-developed apps due to national security considerations.
Users should exercise caution and consider removing the DeepSeek app from their devices until these security issues are addressed. The situation underscores the importance of ensuring that applications adhere to strict data security protocols to protect user information.