Security and Privacy Concerns Surrounding DeepSeek AI App DeepSeek, a new AI mobile application originating from China, has rapidly gained attention and scrutiny due to significant security and privacy risks. Experts from various cybersecurity organizations, including NowSecure and BLOKK, have flagged multiple vulnerabilities and data privacy issues associated with the app. Key Security Concerns Data Transmission and Encryption: The DeepSeek app has been found to transmit sensitive user and device data without adequate encryption. It utilizes an outdated symmetric encryption algorithm (3DES) with hardcoded keys and disables iOS’s App Transport Security. As a result, critical data is sent unencrypted to servers, some controlled by ByteDance’s Volcano Engine, making it vulnerable to interception and manipulation. Data Collection and Privacy Risks: Investigations have revealed that DeepSeek collects extensive user data and potentially sends it to servers in China, including domains related to China Mobile and possibly the Chinese military. Digital fingerprinting and pixel tracking technologies have been used, raising concerns about unauthorized data tracking and privacy violations. International Response: Due to these concerns, major organizations, including U.S. governmental bodies, have banned the use of DeepSeek. Countries such as Italy and Ireland have also halted its operations. U.S. lawmakers are pushing for a comprehensive ban to protect sensitive government information from potential cybersecurity threats associated with the app. Manipulation and Exploitation: The app’s R1 AI model has been found more susceptible to jailbreaks than other models, allowing harmful content generation, such as bioweapon attack plans and teen-targeted self-harm campaigns. Phishing sites impersonating DeepSeek have emerged, aiming to steal user data and cryptocurrency by exploiting the app’s popularity. Performance in Safety Tests: DeepSeek performed poorly in critical safety tests for bioweapons data, raising alarm about its ability to ensure user safety. Experts like Dario Amodei of Anthropic have voiced concerns over the app’s future risks if safety measures are not enhanced. Recommendations Users are advised to exercise caution when using DeepSeek and remain vigilant about their online privacy and security. They should ensure they are visiting authentic websites and avoid sharing sensitive information through the app. In summary, while DeepSeek continues to be a significant player in the AI industry, its security and privacy vulnerabilities highlight the need for stringent regulations to protect user data and enhance app safety.