Secret Backdoor in Some US Phones Sent Data To China (nytimes.com)

← Back to Stories (view on slashdot.org)

Secret Backdoor in Some US Phones Sent Data To China (nytimes.com)

Posted by msmash on Tuesday November 15, 2016 @04:00AM from the china-and-backdoors dept.

Security contractors have warned that many Android smartphones ship with preinstalled software that has a backdoor that sends all your text messages to China every 72 hours. (Editor's note: the link could be paywalled; here's the press release.) The New York Times reported Tuesday that "the American authorities say it is not clear whether this represents secretive data mining for advertising purposes or a Chinese government effort to collect intelligence." From the report: International customers and users of disposable or prepaid phones are the people most affected by the software. But the scope is unclear. The Chinese company that wrote the software, Shanghai Adups Technology Company, says its code runs on more than 700 million phones, cars and other smart devices. One American phone manufacturer, BLU Products, said that 120,000 of its phones had been affected and that it had updated the software to eliminate the feature. Kryptowire, the security firm that discovered the vulnerability, said the Adups software transmitted the full contents of text messages, contact lists, call logs, location information and other data to a Chinese server. The code comes preinstalled on phones and the surveillance is not disclosed to users, said Tom Karygiannis, a vice president of Kryptowire, which is based in Fairfax, Va. "Even if you wanted to, you wouldn't have known about it," he said.

60 of 111 comments (clear)

Min score:

Reason:

Sort:

Ads or government collection by Calydor · 2016-11-15 04:05 · Score: 5, Insightful

Why not both?
Is there some magical thing that says if something is collecting for advertisement purposes it can't be shared with intelligence agencies?

--
-=This sig has nothing to do with my comment. Move along now=-
1. Re: Ads or government collection by Anonymous Coward · 2016-11-15 04:10 · Score: 1
  
  Right. We know from the Snowden leaks that US intelligence doesn't miss any opportunity to collect data. Why would China be any different?
2. Re:Ads or government collection by Darinbob · 2016-11-15 07:07 · Score: 2
  
  So many web devs adamantly support advertising as the way to make money and keep their jobs. So why not support government spying a a means to make money, they've already sold their souls to the advertisers so one more concession shouldn't be a big deal, right? After all government spying at least is not as intrusive as ads, the government actually makes it a point to not clutter up the web pages or interrupt you in the middle of a video, and takes a neutral stance in the war between Budweiser and Coors.
3. Re:Ads or government collection by djinn6 · 2016-11-15 08:19 · Score: 1
  
  On the plus side, they'll probably only share it with Chinese government, which can't screw me over as much as the American one.
Oh no what an awful accident by Anonymous Coward · 2016-11-15 04:09 · Score: 4, Funny

No reason to be alarmed. Clearly this is just a testing and debugging feature introduced by some errant developer that's been accidentally left in the release build firmware. It will be patched and fixed and you can all go back to buying these phones in safety. No way the Chinese government would have deliberately done this.
1. Re:Oh no what an awful accident by Anonymous Coward · 2016-11-15 04:28 · Score: 1
  
  With the Chinese government half a world away, I am way more worried about the US Govt. having my text messages than Chairman Mao.
2. Re:Oh no what an awful accident by I'm+New+Around+Here · 2016-11-15 04:32 · Score: 1
  
  Don't worry, they didn't mention Grindr messages in the article.
  
  --
  If you think I voted for Trump because of this post, you're wrong. I voted for Dr. Jill Stein of the Green Party. Again.
3. Re:Oh no what an awful accident by SScorpio · 2016-11-15 05:03 · Score: 1
  
  I'm not worried either considering Mao's been dead for forty years. Chairman Meow on the other hand....
4. Re:Oh no what an awful accident by ShanghaiBill · 2016-11-15 05:27 · Score: 2
  
  I'm not worried either considering Mao's been dead for forty years.
  History is repeating itself. Xi Jinping is purging his political opponents, mostly by accusing them of corruption, and promoting a personality cult. It will be interesting to see if he steps down at the end of his term in office, or whether he stays on "for the good of the nation".
5. Re:Oh no what an awful accident by Anonymuous+Coward · 2016-11-15 06:31 · Score: 1
  
  That is an idiotic thing to say.
  Even if the data sent from the phone to the Chinese is encrypted, the phone has to have the key, so it's trivial for just anybody to intercept and read your messages. Including the US Govt. or low-key scammers.
6. Re:Oh no what an awful accident by whoever57 · 2016-11-15 07:44 · Score: 1
  
  Even if the data sent from the phone to the Chinese is encrypted, the phone has to have the key, so it's trivial for just anybody to intercept and read your messages
  Apparently you never heard of asymmetric encryption. So, no the phone doesn't need to have the key required to decrypt the data.
  
  --
  The real "Libtards" are the Libertarians!
7. Re:Oh no what an awful accident by Anonymuous+Coward · 2016-11-15 09:38 · Score: 1
  
  Haven't had your coffee yet?
  The story is about your phone sending your personal data to some 3rd party, not about your phone downloading stuff from some 3rd party. Who has to encrypt and who has to decrypt there?
  The only way to "secure" that somehow is to have some unique (and unpredictable) secret token burned into each phone, and derive the encryption key from it. The IMEI or serial number won't cut it.
8. Re:Oh no what an awful accident by viperidaenz · 2016-11-15 10:16 · Score: 1
  
  Or have the phone encrypt the data with the servers public key, so only the servers private key can decrypt it?
9. Re:Oh no what an awful accident by laing · 2016-11-15 11:24 · Score: 1
  
  Don't worry, the US Government will most definitely also get a copy of any IP traffic sent between US soil and the PRC.
Another Day, Another Android Exploit by TheFakeTimCook · 2016-11-15 04:09 · Score: 2, Funny

This is like Windows XP. What a cluster!
1. Re: Another Day, Another Android Exploit by Anonymous Coward · 2016-11-15 04:18 · Score: 5, Insightful
  
  This has nothing to do with Android... it's not a bug. This is preinstalled malware on Chinese phones.
  Stop drinking the koolaid.
2. Re:Another Day, Another Android Exploit by magarity · 2016-11-15 05:42 · Score: 1
  
  It may be tedious but you can uninstall bloatware from your big-brand Windows PC. The *^&%$ preinstalled Android stuff can't because they compile it into the ROM.
3. Re: Another Day, Another Android Exploit by TheFakeTimCook · 2016-11-16 03:49 · Score: 1
  
  Stop drinking the koolaid.
  If you look at TheFakeTimCook's posting history, you'll conclude that he's actually serving the koolaid. His posts are nothing but a constant stream of pro-Apple/anti-[everything else] drivel.
  Looks like he pulled the trigger on this one with an anti-android dig without fully thinking it through.
  I am honored that the AC has so little to actually do in his life that he/she can devote the effort to launch an in-depth analysis of my Slashdot Posts.
  
  Perhaps if this alleged human would favor us with a Login, we could return the favor, and do an in-depth analysis if his/her Posting history, eh?
Always a good sign... by fuzzyfuzzyfungus · 2016-11-15 04:11 · Score: 5, Interesting

The really disturbing thing isn't that some shit Chinese handsets are full of spyware; but that our own technology industry is so overrun with advertisers, tracking, and 'analytics', that we can't distinguish between espionage and the Chinese just catching up with our business models; because the only real difference is that espionage tends to run at a loss, while advertising is economically self sustaining.
1. Re:Always a good sign... by Anonymous Coward · 2016-11-15 04:56 · Score: 4, Informative
  
  This isn't new. Has everyone already forgot about Carrier IQ?
2. Re:Always a good sign... by alvinrod · 2016-11-15 05:32 · Score: 4, Informative
  
  If a government can legally compel a company to hand over their advertising information, there's no functional difference between the two. I can think of very little that a government might want to know about a person that an advertising agency would have no interest in collecting.
  
  I think that Bill Hicks's thoughts on the matter are still quite appropriate.
3. Re:Always a good sign... by ljw1004 · 2016-11-15 08:43 · Score: 1
  
  the only real difference is that espionage tends to run at a loss, while advertising is economically self sustaining.
  I'm not sure what calculation that would be. Advertising costs money, is paid for out of revenue, which is paid for by passing the cost to customers. Espionage costs money, is paid for out of government funds, which is paid by passing the cost to tax-payers.
4. Re:Always a good sign... by fuzzyfuzzyfungus · 2016-11-15 09:49 · Score: 1
  
  Plus, the ad guys are busily competing with one another to enhance their techniques; and since they are (on the whole) turning a profit, they have no incentive to stop.
  
  The feds have the disadvantage of being more likely to call down the jackboots on you; but unless particularly irrational their desire to spend money on further surveillance is usually outweighed by their desire to fund other projects once they are reasonably confident that the major threats are being watched.
  
  It has really been terribly depressing watching the breakdown of even the pretense of privacy, and the rise of people talking about the most egregious commercial surveillance like it is inevitable, or even a feature.
willing to bet, or at least think about by w3bd4wg · 2016-11-15 04:17 · Score: 2

I am willing to bet that this code was originally meant to monitor Chinese users and was either put in by a Chinese agent without the companies knowledge or forded to be put in by the Chinese government. I would be willing to think that someone forgot to take it out, or someone said lets try this, but for the Chinese government to do something so obvious...I do now know.
"updated the software to eliminate the feature" by SpankiMonki · 2016-11-15 04:19 · Score: 5, Funny

Oh, it was just a feature. Whew! What a relief. For a second there, I thought it might be malware.
Japanese by Oswald+McWeany · 2016-11-15 04:28 · Score: 5, Funny

I'm going to send texts saying I'm eating Japanese food on a more regular basis now.
Hey honey, look at this Japanese sweet and sour chicken I'm eating. I feel like going to the Japanese restaurant for General Tsao's chicken tonight.
- that oughta piss 'em off.

--
"That's the way to do it" - Punch
1. Re:Japanese by clemdoc · 2016-11-15 04:46 · Score: 1
  
  whoosh
2. Re:Japanese by PmanAce · 2016-11-15 05:07 · Score: 1
  
  It's North American actually.
  
  --
  Tired of my customary (Score:1)
3. Re:Japanese by Culture20 · 2016-11-15 05:59 · Score: 3, Funny
  
  No one in China knows what the hell General Tso's Chicken is.
  It's four pay grades better than Colonel Sanders' chicken, that's what it is!
4. Re:Japanese by Ogive17 · 2016-11-15 07:02 · Score: 1
  
  Start mentioning the Senkaku islands if you want to make a splash
  
  --
  "Action without philosophy is a lethal weapon; philosophy without action is worthless."
5. Re:Japanese by GTRacer · 2016-11-15 07:49 · Score: 1
  
  I think I love you. I really needed a good laugh, and, like the man said, there it is!
  
  --
  Defending IP by destroying access to it? That makes sense, RIAA/MPAA. Go to the corner until you can play nice!
6. Re:Japanese by JustAnotherOldGuy · 2016-11-15 08:45 · Score: 1
  
  mega-uber-whoosh
  
  --
  Just cruising through this digital world at 33 1/3 rpm...
Is your phone affected? by resfilter · 2016-11-15 04:31 · Score: 5, Informative

From the press release, the affected phones have the following services installed:
com.adups.fota.sysoper
com.adups.fota
I'd probably check your phone to ensure those don't exist. ... And it sends data to the following domains, if ya wanted to firewall or sniff it or whatever:
bigdata.adups.com (primary)
bigdata.adsunflower.com
bigdata.adfuture.cn
bigdata.advmob.cn
1. Re:Is your phone affected? by Anonymous Coward · 2016-11-15 04:56 · Score: 1
  
  From the press release, the affected phones have the following services installed:
  com.adups.fota.sysoper
  com.adups.fota
  I'd probably check your phone to ensure those don't exist. ... And it sends data to the following domains, if ya wanted to firewall or sniff it or whatever:
  bigdata.adups.com (primary)
  bigdata.adsunflower.com
  bigdata.adfuture.cn
  bigdata.advmob.cn
  How about carpet bombing the servers you just listed? It would most likely bring down the core of the Chinese internet. We can teach the Chinese how to play "Ping" pong with a good concerted dos session I am sure. While were at it we could really throw a monkey wrench into the jerks in the states that wrote the crapware in the first place. Adware on commercial products is one thing but hiding it should be punished with an equal dose of poison. Hell even Microsoft does not try to hide adware in the system installs, only craptastic second rate OEMs like SONY do that kind of nonsense. Lesson here is if you do not know for sure what is installed don't buy the thing, including cars!
2. Re:Is your phone affected? by OrigamiMarie · 2016-11-15 07:02 · Score: 1
  
  Note: checking your running services has gotten harder in Marshmallow. Here's a guide: http://www.howtogeek.com/25830...
General Tso's chicken is "chinese" food by Anonymous Coward · 2016-11-15 05:03 · Score: 1

General Tso's chicken is about as Chinese as KFC. It's loosely based on Hunan cuisine but it originated in America (NYC). A shame really, authentic Chinese food is awesome. If you're ever in NYC hit up Xi'an Famous Foods, the lamb cumin noodles are fantastic. If you have more time, head over to Flushing and dive into almost any of the shops there and learn what real Chinese food is (and a good deal of it is much, much spicer than what your local take out place serves). I moved to NYC from Texas and I'm still learning how much of what I know about cultural cuisine is wrong. And just to complete the circle, for some reason there a lot of taco/tex-mex joints in the city which are run by chinese families. I know most people will find this is shocking, but they ain't Mexican taco's (and yes, I know what most tex-mex places serve aren't true "taco's" either).

Oh, and I'm pretty certain the OP knows that sweet and sour chicken and general tso's chicken aren't Japanese... that was the joke.
1. Re:General Tso's chicken is "chinese" food by VorpalRodent · 2016-11-15 05:43 · Score: 1
  
  It's loosely based on Hunan cuisine
  I initially read that as "Human" cuisine...as a picky eater, I can say that the meaning of the sentence as a whole didn't change substantially once I noticed my error.
  
  --
  Take it to the limit, everybody to the limit, come on, everybody fhqwhgads.
2. Re:General Tso's chicken is "chinese" food by Dutch+Gun · 2016-11-15 05:59 · Score: 1
  
  Exactly. And in Japan, curry (which is insanely popular, apparently) is considered "western food". Neither assumption is correct. Food is a bit like language that way, in how it gets borrowed and adapted in ways that make purists cry... but no one else cares, and enjoys their food.
  
  --
  Irony: Agile development has too much intertia to be abandoned now.
3. Re:General Tso's chicken is "chinese" food by ShanghaiBill · 2016-11-15 06:13 · Score: 1
  
  General Tso's chicken is about as Chinese as KFC.
  Most Americanized Chinese food is terrible. Even if you go to an authentic family-run Chinese restaurant, they will often have a separate menu for non-Chinese, with extra starch, grease, salt, and sugar, since they assume that is what you want. You have to specifically ask for the "Chinese menu". Just say "Qing gei wo zhongwen caidan". Oh, and the menu will be in Chinese, so you will need to learn to read hanzi.
4. Re:General Tso's chicken is "chinese" food by avandesande · 2016-11-15 06:33 · Score: 3, Funny
  
  India is West of Japan
  
  --
  love is just extroverted narcissism
5. Re:General Tso's chicken is "chinese" food by TheSync · 2016-11-15 06:58 · Score: 1
  
  I ordered the poached whole frog once from the Chinese menu. I went back to sweet & sour chicken real fast!
6. Re: General Tso's chicken is "chinese" food by LanceMcGrath · 2016-11-15 07:48 · Score: 1
  
  So is Hawaii, if you travel far enough.
7. Re:General Tso's chicken is "chinese" food by UberVegeta · 2016-11-15 10:17 · Score: 1
  
  in Japan, curry (which is insanely popular, apparently) is considered "western food". Neither assumption is correct.
  Japanese curry is an import from the UK, not from India, which gives it its Western credentials.
  Said curry is gaining popularity in the UK. For the uninitiated, in both places it's commonly sold under the name "katsu curry" which is a direct corruption of the English word "cuts" (katsu curry is served as sliced chicken with breadcrumbs in a mild curry sauce with white rice). This isn't an exhaustive definition, the curry can be sold with things other than sliced breaded chicken.
  There are two slightly odd/amusing things about this. The first is that in England, "katsu" is treated as an exotic foreign word. It really isn't (see above), it's just that Japanese has no phoneme for "cu-" as in "cut", nor "ts", thus it's impossible to say "cuts" in Japanese. The temptation to use "ku-" doesn't work because in Japanese, that's pronounced more like a short "coo-" as in "cooking." The second odd thing stems from the first: having no idea what "katsu" is supposed to mean, it gets interpreted as being the overall flavour. Hence, various food shops that know nothing about Japanese cuisine such as Greggs (a mass-market bakery) are selling nonsensical products such as "katsu bakes," which appears to be some sort of pastry containing chicken and curry powder but otherwise bearing no relation to katsu curry nor indeed the curries created in Britain, upon which katsu curry is based.
  Disclaimer: I am a Japanophile who has worked in Japan, and I'm from Birmingham which considers itself the curry capital of the UK.
  
  --
  I knew I needed to stop reading Slashdot and finish my PhD when I started to miss articles by Bennett Haselton.
8. Re: General Tso's chicken is "chinese" food by avandesande · 2016-11-15 10:51 · Score: 1
  
  Actually I wasn't trying to be funny. Without knowing a thing about Chinese culture I would guess that China has very different perspective on what is Asia, 'the far east', 'the west' etc.... those are 'western' constructs.
  
  --
  love is just extroverted narcissism
9. Re:General Tso's chicken is "chinese" food by Dutch+Gun · 2016-11-15 13:22 · Score: 1
  
  Japanese curry is an import from the UK, not from India, which gives it its Western credentials.
  That's like calling spaghetti an American dish because it was introduced to someone by an American. Anyhow, my point is that it doesn't really matter what we think, as Japanese will continue to consider curry "western", even though it's not, and Americans will continue to think fortune cookies are Chinese, which they aren't. Meh.
  Disclaimer: I'm not a Japanophile. I've just watched a lot of anime.
  
  --
  Irony: Agile development has too much intertia to be abandoned now.
10. Re:General Tso's chicken is "chinese" food by painandgreed · 2016-11-16 06:48 · Score: 1
  
  India is West of Japan
  By Western, they do mean European. That's because the Japanese got curry from advisors from the British navy (who got it from India). Curry is a good way to prevent scurvy which the Japanese had a big issue with on their first naval trip to Hawaii and the Americas and spent month in port just recovering. So, they adopted British naval cuisine which was curry. Apparently, they still serve curry in the Japanese navy every Friday. They have done their own thing with it by adding flour to the sauce to make it thicker, cooking it with beef (which they also got from the 'Westerners'), and serving on rice along with a side salad and glass of milk.
11. Re:General Tso's chicken is "chinese" food by Rakarra · 2016-11-16 13:51 · Score: 1
  
  Japanese curry is an import from the UK, not from India, which gives it its Western credentials.
  I see a lot of "Vermont Curry." Until going through Japanese curry options, I had no idea that Vermont was such a curry hotspot and originator!
In Soviet America, Chinese chairman spies you! by fubarrr · 2016-11-15 05:05 · Score: 2

In Soviet America, Chinese chairman spies you!
Thanks Google by 110010001000 · 2016-11-15 05:14 · Score: 1, Insightful

This is on Google. They need to get a grip on Android.
1. Re:Thanks Google by iggymanz · 2016-11-15 06:04 · Score: 1
  
  wrong, on the phone manufacturer who installed evil software. the OS is irrelevant, can be done with any OS
Subnet blocked for SSH abuse by satch89450 · 2016-11-15 05:32 · Score: 1

I checked the owning subnet, and found that I had already blocked the entire allocation for SSH abuse. Seems there are multiple bad actors in that part of the world.
Backdoors by paskie · 2016-11-15 05:34 · Score: 1

Meanwhile, Public Backdoor in Many Chinese Phones Sent Data To US.

--
It's not the fall that kills you. It's the sudden stop at the end. -Douglas Adams
Re: "updated the software to eliminate the feature by fustakrakich · 2016-11-15 05:51 · Score: 1

Like everything else, it's totally dependent on your point of view.

--
“He’s not deformed, he’s just drunk!”
Which subnet? by bigbang137 · 2016-11-15 06:03 · Score: 1

What is the subnet? What do you use to block it? Does my phone necessarily need to be rooted for me to block? Thanks.
1. Re:Which subnet? by satch89450 · 2016-11-15 09:41 · Score: 1
  
  I just checked, and they have moved their name into a different subnet. Snowshoes in action.
It's called "root". (Adminstrator for Windows user by raymorris · 2016-11-15 06:25 · Score: 2

It's called root. You enable root, then choose from any of the many apps which mount the "rom" read-write and you check off which pre-installed apps you want to remove.
There! by Tablizer · 2016-11-15 06:27 · Score: 1

It's not "theoretical" anymore, Mr. Comey

--
Table-ized A.I.
Android wins! by Ol+Olsoc · 2016-11-15 06:37 · Score: 1, Funny

Android collects and sends text messages to state actors much better than that fucking overpriced hipster shit that Apple sells. Tak that - Apple Fanbois!

--
The shepherds did so well protecting the flock that the sheep no longer believed that wolves existed.
Re:Google is collecting exactly the same informati by GTRacer · 2016-11-15 07:54 · Score: 1

Or, like me, you willingly accepted the bargain. I don't mind *Google* having my info, as it lowers friction across their services and makes my searches/maps better. I don't like the idea they can and do hand it over to the TLA's, but I'm not stupid enough to believe we really have any choice there anyways,

What I do not agree to is foreign governments or actors having that info. I install precious few apps, mainly because 90% of them are garbage, and otherwise to limit my exposure. That, and XPrivacy + hosts blocking lets me sleep at night.

--
Defending IP by destroying access to it? That makes sense, RIAA/MPAA. Go to the corner until you can play nice!
Whats the difference anyway by bearvarine · 2016-11-16 05:49 · Score: 1

Nowadays "advertising information" is the new biometrics. Or, if you will, meta-biometrics. Its already been reported that it takes only 3 pieces of user preference data to uniquely identify most people. Get used to it. Resistance is Futile. If it isn't already, your every move on the internet is being tracked, indexed, cross-referenced and added to your "dossier". End of story.