You may not have heard of Baidu before, but they are the equivalent of Google in China, providing search engine functionality and apps for both Windows and Android. Even though you may not have heard of their name before, odds are you’ve used their applications before. Most likely ES File Explorer, which has over 100,000,000 installs. According to Citizen’s Lab based out of Toronto, Baidu has been caught leaking personal data.
The main source of the data leakage has been Baidu’s Browser, which transmits user’s data to their servers without encryption and some encryption that is very easily decrypted. The Baidu Browser transmits data from the user including GPS location, search terms, websites visited, without encryption. It also sends the user’s IMEI and a list of nearby wireless networks with easily decryptable information.
Now, while the main culprit is found to be the Baidu Browser, the issue lies within the Baidu SDK as well. So any applications that were developed using the software developer kit is susceptible as well. One of the biggest apps made on that SDK is none-other than ES File Explorer. Since the findings have been released, Baidu has patched some issues, but it still poses a high risk, so it is best to stay away.
If you are like me, and do not want to use ES File Explorer anymore, I have downloaded Solid Explorer File Manager. Overall I think it has a better looking interface and it does include a root explorer. If you are using a different file manager, let us know in the comments!