Slashdot Mirror

← Back to Stories (view on slashdot.org)

Secret Backdoor in Some US Phones Sent Data To China (nytimes.com)

Posted by msmash on from the china-and-backdoors dept.

Security contractors have warned that many Android smartphones ship with preinstalled software that has a backdoor that sends all your text messages to China every 72 hours. (Editor's note: the link could be paywalled; here's the press release.) The New York Times reported Tuesday that "the American authorities say it is not clear whether this represents secretive data mining for advertising purposes or a Chinese government effort to collect intelligence." From the report: International customers and users of disposable or prepaid phones are the people most affected by the software. But the scope is unclear. The Chinese company that wrote the software, Shanghai Adups Technology Company, says its code runs on more than 700 million phones, cars and other smart devices. One American phone manufacturer, BLU Products, said that 120,000 of its phones had been affected and that it had updated the software to eliminate the feature. Kryptowire, the security firm that discovered the vulnerability, said the Adups software transmitted the full contents of text messages, contact lists, call logs, location information and other data to a Chinese server. The code comes preinstalled on phones and the surveillance is not disclosed to users, said Tom Karygiannis, a vice president of Kryptowire, which is based in Fairfax, Va. "Even if you wanted to, you wouldn't have known about it," he said.

11 of 111 comments (clear)

  1. Ads or government collection by Calydor · · Score: 5, Insightful

    Why not both?

    Is there some magical thing that says if something is collecting for advertisement purposes it can't be shared with intelligence agencies?

    --
    -=This sig has nothing to do with my comment. Move along now=-
  2. Oh no what an awful accident by Anonymous Coward · · Score: 4, Funny

    No reason to be alarmed. Clearly this is just a testing and debugging feature introduced by some errant developer that's been accidentally left in the release build firmware. It will be patched and fixed and you can all go back to buying these phones in safety. No way the Chinese government would have deliberately done this.

  3. Always a good sign... by fuzzyfuzzyfungus · · Score: 5, Interesting

    The really disturbing thing isn't that some shit Chinese handsets are full of spyware; but that our own technology industry is so overrun with advertisers, tracking, and 'analytics', that we can't distinguish between espionage and the Chinese just catching up with our business models; because the only real difference is that espionage tends to run at a loss, while advertising is economically self sustaining.

    1. Re:Always a good sign... by Anonymous Coward · · Score: 4, Informative

      This isn't new. Has everyone already forgot about Carrier IQ?

    2. Re:Always a good sign... by alvinrod · · Score: 4, Informative

      If a government can legally compel a company to hand over their advertising information, there's no functional difference between the two. I can think of very little that a government might want to know about a person that an advertising agency would have no interest in collecting.

      I think that Bill Hicks's thoughts on the matter are still quite appropriate.

  4. Re: Another Day, Another Android Exploit by Anonymous Coward · · Score: 5, Insightful

    This has nothing to do with Android... it's not a bug. This is preinstalled malware on Chinese phones.

    Stop drinking the koolaid.

  5. "updated the software to eliminate the feature" by SpankiMonki · · Score: 5, Funny

    Oh, it was just a feature. Whew! What a relief. For a second there, I thought it might be malware.

  6. Japanese by Oswald+McWeany · · Score: 5, Funny

    I'm going to send texts saying I'm eating Japanese food on a more regular basis now.

    Hey honey, look at this Japanese sweet and sour chicken I'm eating. I feel like going to the Japanese restaurant for General Tsao's chicken tonight.

    - that oughta piss 'em off.

    --
    "That's the way to do it" - Punch
    1. Re:Japanese by Culture20 · · Score: 3, Funny

      No one in China knows what the hell General Tso's Chicken is.

      It's four pay grades better than Colonel Sanders' chicken, that's what it is!

  7. Is your phone affected? by resfilter · · Score: 5, Informative

    From the press release, the affected phones have the following services installed:

        com.adups.fota.sysoper
        com.adups.fota

    I'd probably check your phone to ensure those don't exist. ... And it sends data to the following domains, if ya wanted to firewall or sniff it or whatever:

        bigdata.adups.com (primary)
        bigdata.adsunflower.com
        bigdata.adfuture.cn
        bigdata.advmob.cn

  8. Re:General Tso's chicken is "chinese" food by avandesande · · Score: 3, Funny

    India is West of Japan

    --
    love is just extroverted narcissism