Chinese Mobile App Companies Are a National Security Risk, Says a Top Democrat (cnet.com)

← Back to Stories (view on slashdot.org)

Chinese Mobile App Companies Are a National Security Risk, Says a Top Democrat (cnet.com)

Posted by msmash on Friday December 7, 2018 @06:20AM from the growing-tension dept.

Chinese mobile app companies pose the same national security risk to the US as telecom giants like Huawei and ZTE, Sen. Mark Warner said in an interview. From a report: Recent US legislation largely banned Huawei and ZTE from use by the government and its contractors, due to concerns about surveillance and other national security risks. Now Warner, the top Democrat on the Senate Intelligence Committee, is signaling that Chinese app developers may face similar scrutiny from lawmakers, corporate America, and the intelligence community.

Warner's comments follow a recent BuzzFeed News report that popular apps from China's Cheetah Mobile and Kika Tech were exploiting user permissions to engage in a form of ad fraud. Eight Android apps with more than 2 billion total downloads were said to be engaging in a form of app-install ad fraud. Google subsequently removed two of the apps from the Play store and said it continues to investigate. Cheetah and Kika deny engaging in app-install fraud. "Under Chinese law, all Chinese companies are ultimately beholden to the Communist Party, not their board or shareholders, so any Chinese technology company -- whether in telecom or mobile apps -- should be seen as extensions of the state and a national security risk," Warner said in an interview this week with BuzzFeed News. Further reading: Sen. Warner calls for US cyber doctrine, new standards for security.

40 of 76 comments (clear)

Min score:

Reason:

Sort:

What about Apple phones by slash.jit · 2018-12-07 07:04 · Score: 1

How do we know that the Chinese have not put some machine/hardware level malware in the Apple phones electronics ?
1. Re:What about Apple phones by Kohath · 2018-12-07 08:06 · Score: 3, Interesting
  
  How do we know that the Chinese have not put some machine/hardware level malware in the Apple phones electronics ?
  You know this kind of thing doesn't happen, right? There are hundreds of millions of iPhones. So you'd need an enormous, industrial level conspiracy to get extra hardware in them. And all it would take to unravel the biggest espionage operation in world history is for one person to find one strange thing with one phone. The iPhone is the world's most scrutinized product.
  It's not even believable enough for a movie script.
2. Re:What about Apple phones by slash.jit · 2018-12-07 08:36 · Score: 1
  
  whats wrong with starting a conspiracy theory ?
  lets have some fun
3. Re:What about Apple phones by Kohath · 2018-12-07 08:52 · Score: 1
  
  whats wrong with starting a conspiracy theory ?
  lets have some fun
  It's not fun. People believe that shit and then don't get their kids vaccinated and then their kids die of measles. People believe all kinds of false or exaggerated stories and they make their lives and the lives of the people around them worse.
4. Re:What about Apple phones by Kohath · 2018-12-07 08:59 · Score: 1
  
  I never saw any ZTE hate. ZTE got caught transferring technology against export controls, made a deal with authorities to stop it and punish those responsible, and then got caught cheating on the deal.
  The historical Huawei hate always seemed weirdly organized though, like someone was orchestrating it.
5. Re:What about Apple phones by geek · 2018-12-07 10:45 · Score: 1
  
  Except its not really a conspiracy. This is why Huawei is banned for gov use in the USA. The NSA and CIA have been found to tamper with US equipment in customs on its way to other nations. China has done the same a number of times.
  Phones may be different but there is a lot of history of this with other tech.
6. Re:What about Apple phones by Kohath · 2018-12-07 14:19 · Score: 1
  
  Yeah, it's possible to tamper with a few devices. It isn't possible to tamper with a few hundred million devices.
7. Re:What about Apple phones by DNS-and-BIND · 2018-12-07 20:44 · Score: 1
  
  The CIA did precisely this to the Soviet Union during the Cold War. It's not a stupid conspiracy theory. It is absolutely believable because it really happened. Why do you think the CIA is shouting so loudly about this?
  
  --
  Shutting down free speech with violence isn't fighting fascism. It IS fascism!
8. Re:What about Apple phones by Kohath · 2018-12-08 14:35 · Score: 1
  
  Someone would find ersatz parts or code in that many devices.
Because of monitoring by SuperKendall · 2018-12-07 07:06 · Score: 4, Interesting

Lots of people (including myself) spend a lot of time with all iPhone networking traffic going through web proxies. We'd especially notice some odd connections going off to China...

--
"There is more worth loving than we have strength to love." - Brian Jay Stanley
1. Re:Because of monitoring by grep+-v+'.*'+* · 2018-12-07 07:24 · Score: 2
  
  We'd especially notice some odd connections going off to China
  No you wouldn't. Those crafty devils are hiding data BETWEEN the bits where you don't normally look. Durn Fernegners!
  
  --
  If the universe is someone's simulation -- does that mean the stars are just stuck pixels?
2. Re:Because of monitoring by OrangeTide · 2018-12-07 07:29 · Score: 1
  
  Huawei has a big office in Santa Clara, CA. They're so damn secretive over there most employees don't know what projects are done in their own building.
  
  --
  “Common sense is not so common.” — Voltaire
3. Re:Because of monitoring by DigiShaman · 2018-12-07 09:45 · Score: 1
  
  How do you readily discern whether or not SSL traffic is from an app or browser traffic?
  
  --
  Life is not for the lazy.
4. Re:Because of monitoring by Phylter · 2018-12-07 09:57 · Score: 1
  
  You're assuming that they don't have an OS level piece that allows their traffic to bypass VPN. In the world of cybersecurity just assume anything is possible.
5. Re:Because of monitoring by SuperKendall · 2018-12-07 10:55 · Score: 1
  
  First off, there's no way to know that it doesn't just not bother sending anything if behind a proxy
  Yes, possibly, but there is also Charles on IOS now, which works as a VPN and not a proxy... I don't see anything on there either.
  Beyond that, you're assuming it's sending data to China and not to control servers located elsewhere.
  I'm looking for odd traffic regardless of destination and try to figure out what it is transmitting.
  Basically there are enough people watching here and there that if something were there, people would notice. Like I said I'm not the only one doing this.
  we know that iCloud was likely compromised by Chinese backdoor hardware.
  *Rolls eyes*
  We know the opposite actually, thanks for playing. I'll just leave you to play with your tinfoil hat.
  
  --
  "There is more worth loving than we have strength to love." - Brian Jay Stanley
6. Re:Because of monitoring by Rob+Riggs · 2018-12-07 11:21 · Score: 1
  
  Sure... like only leaking data when the phone is connected to a certain rogue LTE nodes...
  
  --
  the growth in cynicism and rebellion has not been without cause
Corporate controlled hardware... by Anonymous Coward · 2018-12-07 07:08 · Score: 1

Is the National Security Risk for (Pick Your Nation).
Maybe when politicians realize that, and start pressuring companies to produce hardware that is end-user or institution controlled and managed, we will finally have some real security that will be immune to the threat of 'chinese mobile apps' or any other corporate apps (like microsoft, facebook, google, yandex, apple (even if they claim otherwise), etc. All of whom have the same or even more invasive levels of access to personal data, before handing over backdoors to foreign or domestic government agencies.)
If they were really concerned about security they would take a stand, even if unpopular, to ensure control and rights remain in the hands of the end users or organization in the case of institution issued devices. Doing otherwise is neglectful, ignorant, and/or outright malicious.
Re:China's is not a legitimate government - at all by fustakrakich · 2018-12-07 07:09 · Score: 1

Even a retard like Trump isn't entirely wrong about resisting them...
Right?

--
“He’s not deformed, he’s just drunk!”
Re:Racist undertone. by MrMr · 2018-12-07 07:26 · Score: 1

We have always been at war with Eastasia.
Re:China's is not a legitimate government - at all by OrangeTide · 2018-12-07 07:26 · Score: 1

He can be right and a hypocrite at the same time.

--
“Common sense is not so common.” — Voltaire
Re:Racist undertone. by OrangeTide · 2018-12-07 07:30 · Score: 4, Insightful

Is this really about an ethnic group or is it about one big government versus another big government? I like to think that superpower politics are more subtle than race.

--
“Common sense is not so common.” — Voltaire
Well, it's a repressive dictatorship, for one by XXongo · 2018-12-07 07:35 · Score: 5, Insightful

Pure racism. Why single out the Chinese when, for example, Facebook does it?
Because Facebook merely wants to sell you ads. China actually is an authoritarian dictatorship.
It's easy enough to blur the two together, but really, it's false equivalency.
Of course they are by WindBourne · 2018-12-07 07:37 · Score: 1

Only an idiot downloads without checking more about the source. Sadly, many do it.

--
I prefer the "u" in honour as it seems to be missing these days.
Re: Why such narrow wording? by WindBourne · 2018-12-07 07:38 · Score: 1

China is a very high risk, as is anything by Russia, or their allies.

--
I prefer the "u" in honour as it seems to be missing these days.
US is creating its own enemies by presidenteloco · 2018-12-07 08:12 · Score: 1, Insightful

current attitudes in Washington are making adversaries / enemies out of nations that might have been just as happy to co-operate economically.

This applies to China in particular. It's probably mostly paranoid, xenophobia and racism driving it.

Thanks for re-starting the cold-war, dufuses.

--

Where are we going and why are we in a handbasket?
1. Re:US is creating its own enemies by WindBourne · 2018-12-07 08:53 · Score: 1
  
  I agree that Trump is certainly destroying our relationship with allies, but as far as China goes, they have been in an economic war with the west for the last 30 years.
  They were required to drop their massive number of tariffs, as well as quit manipulating their money, and instead, they continue to raise tariffs and heavily manipulate their money, as well as subsidize and dump.
  
  The cold war with China was already going on.
  And as to Russia, it was Russia that invaded Georgia and Ukraine. Ask the Eastern European how they feel about it as well as Germany holding NATO back from helping the east more.
  
  --
  I prefer the "u" in honour as it seems to be missing these days.
2. Re:US is creating its own enemies by j35ter · 2018-12-08 01:28 · Score: 1
  
  Eastern European here.
  Get the Fuck Out of East Europe.
  Best regards
  
  --
  Delta-Mike November Bravo Tango
3. Re:US is creating its own enemies by WindBourne · 2018-12-09 06:12 · Score: 1
  
  Da Da, ya uveren, chto vashi bossy khotyat, chtoby Amerika ushla s dorogi.
  
  So, do you make good money now that you are out of military and working directly for bortnikov?
  
  --
  I prefer the "u" in honour as it seems to be missing these days.
He's saying don't shitpost so much by presidenteloco · 2018-12-07 08:28 · Score: 1

It's unhygienic.

As is excessive Pr0n consumption.

Speaking of which, I think a good explanation for Trump's insane pottymouth tweet-stream is his dumbphone (specially altered smartphone) has been hacked, via a mobile porn site, by the Chinese, and they have a war-room staffed by their greatest state-loyal comedians, carefully crafting Trump's every tweet.

--

Where are we going and why are we in a handbasket?
Re:Racist undertone. by Ryanrule · 2018-12-07 09:04 · Score: 1

Govt vs govt. Any major Chinese company is govt controlled. To think otherwise is ignorant and foolish.
Re:China's is not a legitimate government - at all by fustakrakich · 2018-12-07 09:12 · Score: 2

The message sent? Words have no meaning.

--
“He’s not deformed, he’s just drunk!”
The Play Store has become a cess pool. by NextApp · 2018-12-07 09:28 · Score: 1

Buying paid reviews is common. And it's blatantly obvious, e.g., when one of my apps gets a review with a comment, it tends to be a sentence or two in length; most of the competitive apps in my space have pages of three-word, five star reviews, clustered together. Google does not appear to care. Most tend to be from a single particular country.
It's also worth noting that using the Google Play Store is NOT ALLOWED in China. So when you're a developer there doing this kind of stuff, you're 100% guaranteed not to be committing fraud against your own country's citizens.
Many developers also use a "whack-of-mole" strategy, distributing basically the same app by multiple "companies". In the unlikely event one actually gets taken down, the effect is negligible.
So it's litigation proof. The reviews look great. The apps are pretty enough. Google doesn't care. Users never seem to wonder how the company is actually going to make money on something that appears "entirely free".
My genuine competitors and myself are being destroyed by this. The overall quality of the *average* user's smartphone experience is worse today than it ever has been as a result. I believe this problem is a key factor in why we're seeing the momentum of the smartphone market collapse.
1. Re: The Play Store has become a cess pool. by TJHook3r · 2018-12-07 13:01 · Score: 1
  
  I don't get an app unless the reviewers appear to have a broad range of written styles and names. It's pretty obvious that most of the first hundred/thousand reviews of an app are family/friends/bots
Re:Why such narrow wording? by Narcocide · 2018-12-07 11:28 · Score: 1

Agreed. Proper wording: Mobile apps are a risk.
The answer will surprise you... by Narcocide · 2018-12-07 11:32 · Score: 1

Nothing. Nothing at all. For that matter what would stop an actual US citizen from doing the same thing for fun or for profit? Again, it's fucking nothing.
1. Re:The answer will surprise you... by WindBourne · 2018-12-07 12:59 · Score: 1
  
  The difference is probability. Chinese companies MUST do what Chinese gov says. OTOH, we are paying attention to companies that are being set up in America.
  For example, google for Global IP, and satellites. This is a company designed from the ground up to steal Sat tech. That is one out of many sat companies that are not about sending tech to China.
  
  Now, with that said, obviously security through obfuscation or by nationalism, is not 100% successful .
  
  --
  I prefer the "u" in honour as it seems to be missing these days.
US social services are a national security risk by kaur · 2018-12-07 12:03 · Score: 1

to any other nation than US.
And maybe even to US.
Re: Racist undertone. by TJHook3r · 2018-12-07 12:58 · Score: 1

It's not racist if it's true
Funny.. by SuperDre · 2018-12-08 04:19 · Score: 1

Pointing fingers to others while you yourself are much better at it.... The US shouldn't be such hypocrites as rhey do it themselves much worse to other countries and to their own citizens...
with a proper security model ... by epine · 2018-12-08 10:11 · Score: 1

With a proper security model, suspect Android downloads could be sandboxed with permissions to do SFA, and all the IP endpoints it initiates could be thoroughly logged.