Motorola Is Listening

← Back to Stories (view on slashdot.org)

Posted by Soulskill on Tuesday July 2, 2013 @05:33AM from the knows-when-you've-been-bad-or-good-but-doesn't-bring-you-presents dept.

New submitter pbritt writes "Ben Lincoln was hooking up to Microsoft ActiveSync at work when he 'made an interesting discovery about the Android phone (a Motorola Droid X2) which [he] was using at the time: it was silently sending a considerable amount of sensitive information to Motorola, and to compound the problem, a great deal of it was over an unencrypted HTTP channel.' He found that photos, passwords, and even data about his home screen config were being sent regularly to Motorola's servers. He has screenshots showing much of the data transmission."

7 of 287 comments (clear)

Min score:

Reason:

Sort:

It's motoblur... by Anonymous Coward · 2013-07-02 05:43 · Score: 2, Informative

It's a server side social service from motorola,see http://en.wikipedia.org/wiki/Motoblur
Achievement Unlocked by blincoln · 2013-07-02 05:51 · Score: 5, Informative

"An article you wrote for your personal website has appeared on the main page of both Slashdot and Hacker News, and you were not the submitter in either case."
I haven't logged onto this account in ages, but if anyone has any questions, I'd be happy to try to answer them.

--
"...always new atoms but always doing the same dance, remembering what the dance was yesterday." -Richard Feynman
1. Re:Achievement Unlocked by blincoln · 2013-07-02 06:38 · Score: 4, Informative
  
  In the absence of a better answer, I would go with the model I used for this testing:
  Build a Linux system that acts as the sole gateway between your internal network and the internet (whatever means you are using to connect to the internet). Set it up with an intercepting proxy like Burp Suite or OWASP ZAP, and install the signing cert on your devices. Configure all of your devices to proxy HTTP and HTTPS traffic through that intercepting proxy. This will let you see nearly all HTTP and HTTPS traffic, and optionally to modify that traffic as it passes through.
  That system can either just be a gateway for some other device (e.g. your wireless router), or you can set it up to perform the DHCP and other functions for the other devices on your network.
  It would probably also be helpful to set it up as the DNS server so that if you end up needing to look at something that requires spoofing DNS, you're all set.
  Mode 1 - for everyday use:
  Use iptables to forward all traffic from the internal interface to the external interface.
  Run network captures to see traffic patterns and anything that is unencrypted which is not going through the intercepting proxy.
  When you see something interesting that is non-HTTPS (e.g. via a network capture) but is encrypted, temporarily switch to Mode 2, or if necessary (like it was in the case of the XMPP traffic here) selectively forward it (again, using iptables) to a custom MitM proxy.
  Mode 2 - for special cases:
  Run Mallory on the gateway instead of the regular iptables forward.
  This is only for special cases because Mallory will impose a noticeable slowdown.
  I'm working on a ground-up build doc for this type of system that will go into a lot more detail. It can be run in VirtualBox or another virtualization platform.
  The only thing it may not do is the sandboxing requirement you listed, depending on what you're hoping for. It's also not super-straightforward (especially Mallory and any custom MitM stuff you need to do), but it's a lot easier than it used to be, especially since the intercepting HTTP/HTTPS proxy takes care of nearly all of the traffic these days.
  
  --
  "...always new atoms but always doing the same dance, remembering what the dance was yesterday." -Richard Feynman
Re:It is owned by Google by swillden · 2013-07-02 05:55 · Score: 5, Informative

This is just Google collecting all of the worlds data, just like they said they were doing to do.
The Droid X2 was released on May 11, 2011. Google announced their intention to acquire Motorola Mobility on August 15, 2011, and completed the acquisition on May 22, 2012.

--
Note to ACs: I usually delete AC replies without reading them. If you want to talk to me, log in.
Re:Don't you know... by Joce640k · 2013-07-02 05:55 · Score: 5, Informative

I think it might be this: https://en.wikipedia.org/wiki/Motoblur
Lots of phones/providers sync your personal data for you in case you lose your phone.
(And I'm sure there's an option somewhere to turn it off, although you never know with big corporations...)

--
No sig today...
Re:#1 reason to use Android by h4rr4r · 2013-07-02 06:01 · Score: 3, Informative

You can have a custom rom that is not rooted.
I do.
Why do people confuse these?
That article is utter nonsense by donutello · 2013-07-02 13:18 · Score: 3, Informative

The idfa feature has nothing to do with Apple tracking you. It has everything to do with *others* tracking you - or rather, limiting how others track you.
Prior to iOS6, third party apps would access your devices UDID and use it to track your device. There was no way for a user to disable or limit this. In iOS6, Apple shut that down and forced advertisers to use the idfa instead. The idfa is something you as a user can reset or turn off to limit how advertisers track you. The feature is a pure win for user privacy and anyone who claims otherwise is either a complete idiot or thinks his audience is.

--
Mmmm.. Donuts