Secret Backdoor in Some US Phones Sent Data To China (nytimes.com)
Security contractors have warned that many Android smartphones ship with preinstalled software that has a backdoor that sends all your text messages to China every 72 hours. (Editor's note: the link could be paywalled; here's the press release.) The New York Times reported Tuesday that "the American authorities say it is not clear whether this represents secretive data mining for advertising purposes or a Chinese government effort to collect intelligence." From the report: International customers and users of disposable or prepaid phones are the people most affected by the software. But the scope is unclear. The Chinese company that wrote the software, Shanghai Adups Technology Company, says its code runs on more than 700 million phones, cars and other smart devices. One American phone manufacturer, BLU Products, said that 120,000 of its phones had been affected and that it had updated the software to eliminate the feature. Kryptowire, the security firm that discovered the vulnerability, said the Adups software transmitted the full contents of text messages, contact lists, call logs, location information and other data to a Chinese server. The code comes preinstalled on phones and the surveillance is not disclosed to users, said Tom Karygiannis, a vice president of Kryptowire, which is based in Fairfax, Va. "Even if you wanted to, you wouldn't have known about it," he said.
Why not both?
Is there some magical thing that says if something is collecting for advertisement purposes it can't be shared with intelligence agencies?
-=This sig has nothing to do with my comment. Move along now=-
No reason to be alarmed. Clearly this is just a testing and debugging feature introduced by some errant developer that's been accidentally left in the release build firmware. It will be patched and fixed and you can all go back to buying these phones in safety. No way the Chinese government would have deliberately done this.
This is like Windows XP. What a cluster!
If I was a manufacturer, I would have a checksum on my system image and spot check phones coming back from China to verify that it was not tampered with.
The really disturbing thing isn't that some shit Chinese handsets are full of spyware; but that our own technology industry is so overrun with advertisers, tracking, and 'analytics', that we can't distinguish between espionage and the Chinese just catching up with our business models; because the only real difference is that espionage tends to run at a loss, while advertising is economically self sustaining.
I am willing to bet that this code was originally meant to monitor Chinese users and was either put in by a Chinese agent without the company's knowledge or forced to be put in by the Chinese government. I would be willing to think that someone forgot to take it out, or someone said let's try this, but for the Chinese government to do something so obvious... I do not know.
I have to wonder if the economics of cheap android handsets depends on intelligence agencies pushing it financially. It seems like the most wild-west of the phone OS's. Is this even a thing? Like, would it make sense to understand why certain manufacturers can always win on price?
Oh, it was just a feature. Whew! What a relief. For a second there, I thought it might be malware.
1) I am not surprised that anyone would put this in any OS/device they had GOD-LEVEL access to. The temptation is too great.
2) I doubt this is completely true. It is too much work to hide it.
I'm going to send texts saying I'm eating Japanese food on a more regular basis now.
Hey honey, look at this Japanese sweet and sour chicken I'm eating. I feel like going to the Japanese restaurant for General Tsao's chicken tonight.
- that oughta piss 'em off.
"That's the way to do it" - Punch
From the press release, the affected phones have the following services installed:
com.adups.fota.sysoper
com.adups.fota
I'd probably check your phone to ensure those don't exist. ... And it sends data to the following domains, if ya wanted to firewall or sniff it or whatever:
bigdata.adups.com (primary)
bigdata.adsunflower.com
bigdata.adfuture.cn
bigdata.advmob.cn
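An added example (not part of the comment above or of the press release) of the check it suggests: scan `pm list packages` output for the two package names and a list of queried hostnames for the four domains. The function names and both sample inputs are constructed for illustration.

```python
"""Check a package list and queried hostnames against the indicators quoted above."""

# Package names and domains exactly as listed in the comment above.
ADUPS_PACKAGES = {"com.adups.fota.sysoper", "com.adups.fota"}
ADUPS_DOMAINS = {
    "bigdata.adups.com",
    "bigdata.adsunflower.com",
    "bigdata.adfuture.cn",
    "bigdata.advmob.cn",
}


def find_packages(pm_output):
    """Return listed packages present in `pm list packages` output (exact match only)."""
    found = set()
    for line in pm_output.splitlines():
        line = line.strip()
        if line.startswith("package:"):
            name = line[len("package:"):].strip()
            if name in ADUPS_PACKAGES:
                found.add(name)
    return sorted(found)


def find_domains(hostnames):
    """Return queried names that equal, or are subdomains of, a listed domain."""
    hits = set()
    for host in hostnames:
        # Normalise case and the trailing dot of fully qualified names.
        h = host.strip().lower().rstrip(".")
        if any(h == d or h.endswith("." + d) for d in ADUPS_DOMAINS):
            hits.add(h)
    return sorted(hits)


# Constructed sample: what `adb shell pm list packages` might print.
SAMPLE_PM = """\
package:com.android.settings
package:com.adups.fota
package:com.adups.fota.sysoper
package:com.example.adups.fota.lookalike
"""

# Constructed sample: hostnames pulled from a resolver or firewall log.
SAMPLE_DNS = ["www.example.org", "BIGDATA.ADUPS.COM.", "bigdata.adups.com.example.net"]

if __name__ == "__main__":
    print("packages:", find_packages(SAMPLE_PM))
    print("domains: ", find_domains(SAMPLE_DNS))
```

Matching is exact for packages and suffix-anchored for domains, so lookalike names that merely contain an indicator string are not reported.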
General Tso's chicken is about as Chinese as KFC. It's loosely based on Hunan cuisine but it originated in America (NYC). A shame really, authentic Chinese food is awesome. If you're ever in NYC hit up Xi'an Famous Foods, the lamb cumin noodles are fantastic. If you have more time, head over to Flushing and dive into almost any of the shops there and learn what real Chinese food is (and a good deal of it is much, much spicier than what your local take out place serves). I moved to NYC from Texas and I'm still learning how much of what I know about cultural cuisine is wrong. And just to complete the circle, for some reason there are a lot of taco/tex-mex joints in the city which are run by Chinese families. I know most people will find this shocking, but they ain't Mexican tacos (and yes, I know what most tex-mex places serve aren't true "tacos" either).
Oh, and I'm pretty certain the OP knows that sweet and sour chicken and General Tso's chicken aren't Japanese... that was the joke.
In Soviet America, Chinese chairman spies you!
...nothing but junk anyway. Who uses SMS these days? I hope they purchase the media downloads my operator keeps offering because I'm sure as shit not doing it.
This is on Google. They need to get a grip on Android.
Right now there is no reason to believe there was anything untoward going on. This is probably just debug code that got left in or something. Does anyone have any actual proof that this was intentional?
I checked the owning subnet, and found that I had already blocked the entire allocation for SSH abuse. Seems there are multiple bad actors in that part of the world.
Meanwhile, Public Backdoor in Many Chinese Phones Sent Data To US.
It's not the fall that kills you. It's the sudden stop at the end. -Douglas Adams
Like everything else, it's totally dependent on your point of view.
“He’s not deformed, he’s just drunk!”
Almost every meeting, I'm warning people about hackers from Russia, China, or phishers from Nigeria.
but they get it out of the phone and your online habits in more subtle ways. If you balk at this article, and then continue to use Android and various Google services, then you clearly have no idea what you're doing.
What is the subnet? What do you use to block it? Does my phone necessarily need to be rooted for me to block? Thanks.
What does Kryptowire do?
"Kryptowire provides mobile application software assurance tools, anti-piracy tools, marketplace security analytics, and mobile brand protection."
I translate it as "Kryptowire provides useless software applications for code that cannot be secured, garbage, aggregation of personally identifiable data from its victims or its clients". No idea what "mobile brand protection" can mean in this context.
According to Bloomberg, "Kryptowire caters to military, law enforcement, and intelligence agencies." That I think translates to "guaranteed to be untrustworthy, lying AND incompetent if the money is right". But hey, they can figure out that an Android service does something, on a phone. Good for them.
It's called root. You enable root, then choose from any of the many apps which mount the "rom" read-write and you check off which pre-installed apps you want to remove.
It's not "theoretical" anymore, Mr. Comey
Table-ized A.I.
Russia is not a race. China is not a race. Nigeria is not a race.
Android collects and sends text messages to state actors much better than that fucking overpriced hipster shit that Apple sells. Take that - Apple Fanbois!
The shepherds did so well protecting the flock that the sheep no longer believed that wolves existed.
It's a post about food, and the two shits you gave was probably more than all the other readers combined (unless they actually ate the chicken).
"WizBang Game App Wants Access to Read and Send SMS - Allow - Deny"
99.9% of people click Allow without even reading the popup.
Or, like me, you willingly accepted the bargain. I don't mind *Google* having my info, as it lowers friction across their services and makes my searches/maps better. I don't like the idea they can and do hand it over to the TLA's, but I'm not stupid enough to believe we really have any choice there anyways.
What I do not agree to is foreign governments or actors having that info. I install precious few apps, mainly because 90% of them are garbage, and otherwise to limit my exposure. That, and XPrivacy + hosts blocking lets me sleep at night.
Defending IP by destroying access to it? That makes sense, RIAA/MPAA. Go to the corner until you can play nice!
You can cross compile tcpdump and capture all network traffic to flash for analysis. I did this for weeks when I first got Android to make sure all "evil bits" of which there are many had been successfully exorcised from *MY* phone.
Obviously anything that comes preinstalled could hook the kernel and lie but I'm not yet paranoid enough to care about such possibilities. What's next, compromised compilers? I seem to recall Microsoft already got caught doing that.
Facebook does something similar in that it would upload a person's contact list, alongside its photos, to its servers. If a person on Facebook does not have pictures of themselves posted, and a friend with the Facebook/WhatsApp App on the phone, with a picture of the person in the contact list, it would get uploaded to FB servers and they would have an image.
FB asks people to identify faces whenever they try to authenticate a person when logging in from non-typical machines. This lets them validate the photos.
Things became significantly worse ever since it acquired WhatsApp, where access to users' phones became even more invasive.
Tex-Mex tacos are still tacos. The history of Texas and the Southwestern U.S. is such that the definition of "taco" doesn't end at the U.S./Mexico border. The Spanish government may have retreated, but the people remained.
Tacos continued to evolve North of the border... but then who thinks they haven't continued evolving South of the border too?
IMHO, the best place to grab a "true" Mexican Taco is in a Mexican restaurant out by the auto garages and cheap homes around a Texan or Arizona border town. Better quality ingredients, cleaner water and higher standards for sanitation. You'll need to speak Spanish of course...
The Chinese now have enough information to blackmail a lot of people. Think, what do they know about Anthony Weiner now?
Zooty and Hooey phones ship with pre-broken firmware from China. Now we are seeing apps take advantage of it.
Nowadays "advertising information" is the new biometrics. Or, if you will, meta-biometrics. It's already been reported that it takes only 3 pieces of user preference data to uniquely identify most people. Get used to it. Resistance is Futile. If it isn't already, your every move on the internet is being tracked, indexed, cross-referenced and added to your "dossier". End of story.
And, ALL Windows 10 machines send data back to the U.S. every second.
Why is it only bad if China does it? That's a little bit of a double standard, don't ya think?