Recently, WPS Office, the office software of Kingsoft Co., Ltd., was exposed to privately detect “illegal content” in users’ local documents, and lock and delete related documents, which seriously violated users’ privacy and attracted online attention.
Screenshots widely circulated on the Internet
event review
On June 25, netizen @米 rabbit just wants to make money Post on the Longkong ForumHe claimed that a local document of more than one million words was locked by WPS on the grounds that it “contains prohibited content” and could not be opened. The author said that this document only exists on his own computer, he did not use the WPS cloud service, and he did not share the document link to the outside world,”Who gives it the power to spy on user privacy files and handle it by itself?”
Screenshot of the original post
After this incident received attention, a large number of netizens also began to post screenshots, saying that they had also experienced documents locked and blocked by WPS. If only the local document is locked, it can be opened with other software; but if the blocked document is a document that uses cloud services, it is equivalent to losing the right to manage the document, not only unable to view, but also unable to back up. Can be dealt with through lengthy manual appeals.
Partial screenshot
WPS official response
In response to this incident, WPS issued a statement twice on July 11 and July 13, saying that the content of the original original post was “purely misleading” and that WPS would not conduct any operations such as auditing, locking or deleting of users’ local files. , which simply prohibits users from sharing links to documents that are suspected of violating regulations.
first statement
second statement
Where is the trick?
Even with the official response from WPS, many users did not buy it.people who use ZhihuWhen the micro-class is in progressIt pointed out five practices of WPS in disguise forcing and inducing users to use cloud services. As long as users are not careful, they may hand over all their private information (the following is the original text of the answer):
1. Seize the user’s computer
Multiple file formats are associated by default during installation, and options are hidden. It is reasonable to associate PDF, but as an office software, what do you associate with image format? This photo program is a premium software bundled with WPS. If users do not pay attention during installation, they will find that all aspects of the computer are occupied by WPS after installation.
2. Force users to log in to use cloud services
Office software is originally a tool for offline use, and it has always been the case. But when it comes to WPS, it changes. It must be connected to the Internet and must be logged in, otherwise it cannot be used. Although the prompt says “basic editing functions are supported for users who are not logged in”, if the user is really not logged in, nothing will work. The functions of font and font size are all black. Can I change the font size without networking? Is it not a basic function to change the font size? Will the network not consume the server resources of WPS? So much effort, so ugly eating, what are you doing?
A hint when logging in sheds a little light, logging in to supervise the user’s documents. In order to “better experience the service”, it is pure nonsense. One of the privacy agreements is “accurate “. Is this the “better service” that WPS gives users? Listen to me, thank you, I don’t want this kind of service.
3. Login is tricky
Whether to log in automatically next time is a very important question for users. After you check this item, some software will remind you of the risk of checking this item many times. WPS is not. Not only does it not have any risk warnings, but it also deliberately makes the color of the command very light. The worst thing is that this option is enabled by default. Many users log in in a hurry and cannot see this option. As a result, his account is always logged in here, causing a great security risk.
4. Unlimited synchronous upload of public user data
The documents I view on my mobile phone appear on the computer in minutes. If I am accidentally “automatically logged in” on the computer in the classroom, won’t my personal documents be exposed to the public? If I am editing an exam paper, will it not be fully seen by students? Whether you click Save or Save As, the default save location is WPS network disk; all newly created documents will be saved in your enterprise by default, and personal documents instantly become corporate documents. Isn’t this arbitrarily exposing a user’s private documents without asking and without the user’s consent? Brackets: When you log in, your account is automatically set as a business account.
5. Inducing users to share online
Whether it is a computer or a mobile phone, clicking[Share]is the default link to share, and the “send as a file” that users expect is placed in an inconspicuous place. Many colleagues asked me, how can it be a document after WPS sharing is a link? This fully shows that the default setting misleads and even induces many users to perform wrong sharing operations.
The “WPS delete local file” event that pushed WPS to the forefront this time may be caused by this default setting. The user wanted to share the file with a friend, but WPS cheated and made a link sharing. Once there is a link, Kingsoft monitors the user’s content and blocks it if it finds any illegal content. The official WPS explanation seems plausible, but it is actually absurd and vicious.
1. Documents containing prohibited content are not necessarily illegal documents.It may be a document devoted to the study of prohibited words, it may be writing a negative teaching material, or it may be writing a related exam question. In the QQ group, exam papers and courseware uploaded by users are often found to be illegal and cannot be downloaded. However, documents that are actually illegal often do everything possible to avoid prohibited words, but WPS cannot detect them.
2. Link sharing does not mean public sharing.Due to the defects of WPS itself (or intentionally), users share documents in the form of links, and the scope of sharing may be a few friends of the user, just like a few people drinking and talking about meat jokes, it is purely private. Besides, users write novels to earn readings by publishing them on the website. It is not good for them to spread them widely in your WPS. With the extraordinary power of WPS, you can definitely monitor how many people have seen it, and what is the relationship with the user… Then consider it comprehensively, it will not be so arbitrary to block the link, or even “delete the user’s local file” as in the revelations.
3. There is a malicious association here. I don’t know if the logic between them is true: the default for users to share is the link, and after the link, WPS can monitor the user’s document. Or to put it the other way round: because you want to monitor user documents, it is set to share as a link by default. This idea is so vicious, I don’t think WPS is as bad as I think.
The service object of WPS seems to be an enterprise, whether it is login, automatic login by default, or saving in corporate documents by default, all of which are revealed. The rights and interests of individual users are not considered at all. Many options involving risks are not reminded, and these options are deliberately “diluted” and checked by default, without prompting, asking, or allowing users to freely choose.
Well, not much to say, just to be on the safe side, I edited this document with Microsoft office, I hope it will not be detected.
(End of original answer)
The following comments are excerpted from the Internet by the editor of China Digital Times:
Zhihu users: If it’s just a local file, it shouldn’t be audited, no matter what’s in it.
If it is an online file, it should be notified in advance, especially when it is uploaded, we will review it, and the user will choose at this time.
If it counts, it’s a hooligan.Living on the top floor all the time: A, WPS doesn’t want it either, it’s what the above requires.
B, the above is not required at all, it is WPS deliberately black above.
C, the above only dare to ask for WPS, and dare not ask for Office.
D. Rumors.Zhihu users: You can be banned from accessing your own files today
You can still sell your documents to others tomorrow
The reason they are so bold must be that you have read the above agreementJi Zhe: I have been using WPS all the time, and the company has also bought some enterprise licenses. If this is true, then the software must be changed properly. Although we all know that things on the cloud cannot be completely kept secret, but some things can be regarded as non-existent until they are done, and once they are done, it is like a broken mirror. Compared with privacy leaks, it is more difficult for me to accept that users will lose the management rights of documents. I can’t imagine what kind of disaster scenario it would be if the documents required for the report could not be opened. However, I think from the perspective of a commercial company, it is unlikely that such a decision would be taken on its own initiative, and it is almost certainly under pressure from some unspeakable existence. But this kind of thing is stupid after all, and some stupid people try to control things that shouldn’t and can’t be controlled by stupid means under the guidance of their stupid thinking. These stupid decisions are completely impossible to achieve their goals. In the end, they can only force domestic software to castrate itself, completely collapse its competitiveness, and allow foreign competitors to completely occupy the domestic market. It’s just that the relatives hurt the enemy quickly.
Zhihu users: Since it is user privacy, why do you know that users violated the rules? Since there is a censorship mechanism, can you tell users which ones are illegal? Because the vast majority of violations are triggered unintentionally by users. For example, ten have XX. Those who really want to be anti-Party and counter-revolutionary will not use your products. Accidental injuries accounted for more than 90%. I don’t pretend to be a foreign guest, and I also know the actual situation in China. But your wps is not the relevant department, I dare not scold the relevant department, do I dare to scold you? Therefore, either put safeguarding national security before focusing on privacy, or simply delete the phrase focusing on privacy.
404NotFound: Nonsense, divert your attention here. Seize a “little loophole” in others and do all you can to public relations, right? I have a colleague’s file locked by WPS, never said it is “locking local documents”, but WPS will privately lock the user’s “personal cloud files”. Personal cloud files that are not shared and spread are locked. Why is the WPS lock cloud document so well received? The Baidu disk lock file has been around for many years, everyone is used to it? Because the user saves the Baidu cloud, it is not personal important information, but the user’s work document stored in your WPS cloud document is the work document related to the job. The results of it? Do you have to check and lock the important work documents related to the user’s job. Disgusting or not disgusting you? I know that there is no such thing as privacy here. Living here is transparent. It is not only transparent, but also free to be slaughtered. Personal data can be reviewed, modified, deleted, and locked by “them”. Shanghai lost a “USB flash drive” worth 10 bitcoins, and it couldn’t splash the slightest bit of water. I also know that all “clouds” in China are not safe, but I can only scold you about WPS, right? I can only boycott your WPS, right? If your WPS is not happy, go to the “one” who lets you review user cloud documents. ridiculous.
Tango: There is no difference between generating a public link and not generating a public link, the Internet police still see it. If the legal and social environment is not good, you can cut off cloud services, but you can’t touch the customer’s files, even if your risk is high. This is a legal boundary issue, your cloud service is yours, you have the right to toss. The customer’s things are the customer’s, and you will be overstepping your authority if you touch it. Even why you read the client’s files is the question. There is nothing wronged, but I feel that the customer’s file data is my own, and I am not wronged at all. From the bottom of your heart, you feel that the customer should serve you, and you don’t feel that you are a service provider. There is nothing that can be sloppy, that is, the character of WPS is not good.
Freeman: First, the cloud is bundled with WPS, which is different from third-party network disks. First of all, because the system is synchronized to the cloud by default. So, although only cloud documents are monitored and audited formally, by default, all documents are actually monitored. Secondly, the content uploaded to the cloud will not be shared in most cases. If not shared, it should still be private content, does wps have the right to monitor and moderate it? In other words, should WPS start monitoring the user’s content during the synchronous upload process, or should it start monitoring when the user shares it? The legality of the two is different. Again, even if there is illegal content sharing, it is understandable that WPS blocks access links, but does it have the right to delete or lock the user’s documents like other third-party network disks? After all, as a production tool for original documents and to protect the safety of users’ labor results, WPS has a greater moral responsibility than other network disks that only provide storage services. Second, take a step back. If the cloud content is monitored and locked, it is reasonable to delete or lock the corresponding local files because the cloud is locked. Although WPS denies the act of deleting local files, people still have reasons to question: since the local files have not been deleted, why should the user who broke the news go far and spend so much time and energy communicating with customer service to try to unlock the cloud file? It can be seen that the credibility of WPS’s defense of its previous actions is questionable.