Researchers have revealed that spell checkers from Google and Microsoft save users’ personal data.
Flaw in the system. Security researchers from Otto JS have disclosed that spell checkers from Google and Microsoft collect and store personal data from its users.
According to BFMTV, the research team has demonstrated that when you write in a form or a login page, spell checkers analyze your writing. Then all your data and passwords are likely to be sent to Google and Microsoft servers.
Remove the “show password” option
“If the ‘show password’ feature is enabled, the feature sends the password to third-party servers. While researching data leaks in different browsers, we found a combination of features that when enabled , will unnecessarily expose sensitive data to third parties like Google and Microsoft,” said Josh Summit, CTO of Otto JS.
The research team then alerted several American giants. At this time, Office 365, Alibaba Service Cloud and Google Cloud have taken no action to correct the fault. The researchers’ recommendation is to remove the “show password” option.