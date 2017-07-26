Want to read Slashdot from your mobile device? Point it at m.slashdot.org and keep reading!

 


Forgot your password?
Close
typodupeerror
Security Android Businesses China Privacy

Some Low-Cost Android Phones Come at a Price -- Your Privacy (cnet.com) 28

Posted by msmash from the privacy-woes dept.
Cheap phones are coming at the price of your privacy, security analysts discovered. From a report: At $60, the BLU R1 HD is the top-selling phone on Amazon. Last November, researchers caught it secretly sending private data to China. Shanghai Adups Technology, the group behind the spying software on the BLU R1 HD, called it a mistake. But analysts at Kryptowire found the software provider is still making the same "mistake" on other phones. At the Black Hat security conference in Las Vegas on Wednesday, researchers from Kryptowire, a security firm, revealed that Adups' software is still sending a device's data to the company's server in Shanghai without alerting people. But now, it's being more secretive about it. "They replaced them with nicer versions," Ryan Johnson, a research engineer and co-founder at Kryptowire, said. "I have captured the network traffic of them using the Command and Control channel when they did it." An Adups spokeswoman said that it had resolved the issues in 2016 and that the issues "are not existing anymore." Kryptowire said it has observed the company sending data without telling users on at least three different phones.

Some Low-Cost Android Phones Come at a Price -- Your Privacy More | Reply

Some Low-Cost Android Phones Come at a Price -- Your Privacy

Comments Filter:

  • Wow, color me 'surprised'! (Score:1)

    by Anonymous Coward
    ..and I'm supposed to have a smartphone, why, again?

    Implying that ANY smartphone is going to be ANY better in this regard

  • Loss leader? I'm wondering if these low priced phones are actually subsidized by the Chinese government. How nice it would be if a similar priced phone could be offered with verifiable open source firmware. (Ok, from here in just call me Captain Obvious.)

  • There have been processes for behavioral tracking for years now. The trick is to root the device, yank the Chinese certificates out of your root CA store [1], add outgoing blocks on the iptables level to ensure that it doesn't phone home, add some ad blocking, and you will have a decent phone for a cheap price. Ideally, install an OS like LineageOS (if available.)

    [1]: It is interesting to see what both Apple and Android device makers stick in the root CA store. It is wise to reduce that number.

    • There have been processes for behavioral tracking for years now. The trick is to root the device, yank the Chinese certificates out of your root CA store [1], add outgoing blocks on the iptables level to ensure that it doesn't phone home, add some ad blocking, and you will have a decent phone for a cheap price. Ideally, install an OS like LineageOS (if available.)

      It's so easy, anyone can do it!

    • Yes to all of this.

      I will not use a phone I can't replace the OS on, mostly for these reasons.

    • [1]: It is interesting to see what both Apple and Android device makers stick in the root CA store.

      . . . it would be interesting to see what both Apple and Android device makers stick in the hidden root CA store.

  • When the spyware comes along...
    You must root it!
    plug a cable in the phone
    you can root it!
    https://theunlockr.com/2013/11... [theunlockr.com]

  • I've just shat myself with surprise!

    Who didn't automatically assume this was the case?

    Seriously.

  • I thought tis was already found on the BLU phones long ago? Aside from a few dedicated Android flavors, most Android devices harvest data and send it back to Google or the manufacturer. why is this news again?

Slashdot Top Deals

"Old age and treachery will beat youth and skill every time." -- a coffee cup

Close