中國製平價機械鍵盤内置監控？

tsoi923

很多時大家都會對中國製造投下「不信任票」。雖然不少内地產品的價格都很便宜，但質量就難説。現在，又有另一個「不信任」的原因了。有外媒報道，表示一款中國生產的機械鍵盤「MantisTek GK2」竟然會紀錄並統計使用者打過什麽字！

據外媒「Tech Power Up」及「Tom's Hardware」報道，有網民投訴手上中國生産的「MantisTek GK2」RGB 機械鍵盤，似乎會將輸入過的資料透過「Cloud Driver」功能發送到阿里爸爸伺服器。經過調查之後，發現使用者的輸入數據並沒有傳送到阿里爸爸伺服器，然而鍵盤就會自動統計使用者的輸入數據，代表鍵盤會紀錄使用者打過的任何字，包括密碼。

雖然，「MantisTek GK2」RGB 機械鍵盤只會統計使用者輸入過的字，然而不少網民已經覺得頗爲恐怖。其實，這個鍵盤比起市面上的其它機械鍵盤要便宜一半有多，便宜不一定好，大家要自行衡量了。

link

hpkpk123

很多時大家都會對中國製造投下「不信任票」。雖然不少内地產品的價格都很便宜，但質量就難説。現在，又有另 ...
tsoi923 發表於 2017-11-8 04:36 PM

   
留名等睇有人話行得正企得正冇問題

via HKEPC IR Pro v2.1.0 - Android

556556bt

留名等睇有人話行得正企得正冇問題

via HKEPC IR Pro v2.1.0 - Android
hpkpk123 發表於 2017-11-8 18:33

    咁搞法.. 第時firewall 唔係防incoming traffic .. 係防outgoing.

hpkpk123

咁搞法.. 第時firewall 唔係防incoming traffic .. 係防outgoing.
556556bt 發表於 2017-11-8 07:37 PM

中國好似有個term叫防水牆

alanh999

咁搞法.. 第時firewall 唔係防incoming traffic .. 係防outgoing.
556556bt 發表於 8/11/2017 19:37

    A normal firewall should control both incoming and outgoing traffics.

556556bt

中國好似有個term叫防水牆
hpkpk123 發表於 2017-11-8 19:46

    真係?? ..... 水來土掩喎

556556bt

A normal firewall should control both incoming and outgoing traffics.
alanh999 發表於 2017-11-8 19:46

    係呀.. 我用果個abnormal firewall ....

water668

吓！又紀錄又統計用家打過乜嘢字！
實在太過份嘞！
抱著我不入地獄誰入地獄精神，
等我買多幾個中國平價鍵盤，研究研究先！

eo38cl

最初發現的網民係話軟件所傳輸的資料，係每個鍵的按鍵次數統計，唔係Tom's Hardware 所講的 keylogger:

https://www.reddit.com/r/pcmaste ... /dph76ge/?context=3
The data itself looks more like statistics for key usage, rather than a keylogger, but it's still sketchy. I did mention that later in the /csg/ thread. The same data can be found in appdata folders of drivers in a text file, so it's not like they're hiding it. You can just add a block rule in Windows Firewall and it's enough to stop all connections attempts to Alibaba servers. The software will still work fine (not that you actually need it).

I'm actually quite disappointed by TomsHardware that they didn't bother to do some research themselves and just slapped in a few links (the other post on reddit is also just my image).

Also I hope that it won't discourage other people from buying cheap mech keyboards/mice - they're still a valid choice if you don't have a huge budget

Tom's Hardware 已修改原先講法:

"However, in a closer look, it seems that the Cloud Driver software doesn't send the key presses to the Alibaba server but only how many times each key has been pressed.

Assuming no malicious intent, it's possible that the keyboard maker wanted this sort of data in order to see the lifetime of its keyboard's keys or see which keys it needs to make more durable."

ac97

係跟 keyboard 來果個 software send 出去？無裝就無事？