Author Topic: Your Phone is Talking to China (Read 1030 times)

Ben · « **on:** November 15, 2016, 02:33:03 PM »

Up to 700 million phones apparently infected. I've only read the Foxnews article as of yet, not the one they linked to.

http://www.foxnews.com/tech/2016/11/15/secret-software-in-some-android-phones-sent-data-to-china-experts-warn.html

RevDisk · « **Reply #1 on:** November 15, 2016, 03:28:14 PM »

As usual, media story isn't very helpful. It's not a backdoor, per se, it's "telemetry". Which is a term for intentional malware that the coder may also use for actual quality assistance as well as spying on people. This is essentially a joke compared to the amount of telemetry in any iOS product, AutoCAD, etc.

For those interested, http://www.kryptowire.com/adups_security_analysis.html

For my version of Android, I looked at the following:

Settings -> Application Manager -> menu button in upper right corner -> show system

You're looking for:

com.adups.fota.sysoper
com.adups.fota

You can disable by blocking the following domains on your router:

bigdata.adups.com (primary)
bigdata.adsunflower.com
bigdata.adfuture.cn
bigdata.advmob.cn

Mostly shouldn't impact US phones however.

Ben · « **Reply #2 on:** November 15, 2016, 04:01:33 PM »

Hey, thanks for that tip Rev! I'm clean. :)

RevDisk · « **Reply #3 on:** November 15, 2016, 04:07:26 PM »

No worries, mate.

Edit:

For anyone curious... It's not Android based, it's not a security bug, it's software intentionally installed on the phone from the manufacturer. The better analogy is the semi malware "bloatware" installed on new PCs.

Problem is, with a PC, you can and should always wipe it from the factory and reinstall from known good media. With phones, you can't reinstall Android or iOS from known good media, only from the built in ROM. It's convenient, but it means any malware from the manufacturer may be literally impossible to remove.

Ben · « **Reply #4 on:** November 15, 2016, 04:08:29 PM »

Quote from: RevDisk on November 15, 2016, 04:07:26 PM

The better analogy is, this is no different than the semi malware "bloatware" installed on new PCs. It's not Android based, it's not a security bug, it's software intentionally installed on the phone from the manufacturer.

Similar to the Lenovo kerfuffle?

RevDisk · « **Reply #5 on:** November 15, 2016, 04:18:31 PM »

Quote from: Ben on November 15, 2016, 04:08:29 PM

Similar to the Lenovo kerfuffle?

Multiple Lenovo malware kerfuffles, and yes. It's very similar to the OneKey Optimizer. Not SuperFish, which was pre-installed malware that intercepted your encrypted internet traffic. OKO was bloatware that was hideously insecure and launched from anti-theft firmware. It thankfully was not burned to ROM, so a firmware update could wipe it. It was also unintentional malware, it's purpose was to be another CCleaner like crap app rather than steal your information.

Armed Polite Society

News:

Author Topic: Your Phone is Talking to China (Read 1030 times)

Ben

Your Phone is Talking to China

RevDisk

Re: Your Phone is Talking to China

Ben

Re: Your Phone is Talking to China

RevDisk

Re: Your Phone is Talking to China

Ben

Re: Your Phone is Talking to China

RevDisk

Re: Your Phone is Talking to China