Home | Community | Message Board

Cannabis Seeds UK
This site includes paid links. Please support our sponsors.


Welcome to the Shroomery Message Board! You are experiencing a small sample of what the site has to offer. Please login or register to post messages and view our exclusive members-only content. You'll gain access to additional forums, file attachments, board customizations, encrypted private messages, and much more!

Shop: Left Coast Kratom Buy Kratom Capsules   PhytoExtractum Kratom Powder for Sale   Bridgetown Botanicals Bridgetown Botanicals

Jump to first unread post Pages: 1
Invisibletdubz
Male User Gallery


Registered: 02/26/12
Posts: 5,586
Android Phone Maker Ignored Researchers’ Warnings That Their Phones Had Backdoor
    #23849856 - 11/19/16 08:33 PM (7 years, 2 months ago)

https://motherboard.vice.com/read/android-phone-maker-ignored-researchers-warnings-that-their-phones-had-backdoor

A Chinese company has been caught pre-loading Android phones with software that sends peoples' text messages, location information, and call records to a Chinese server, The New York Times reports. Shanghai Adups Technology Company, otherwise known as Adups, says its code runs on over 700 million phones, although the scale of this particular issue is unknown.

But mobile security researchers say they already confronted Adups, and warned vendors who sold its products, about the backdoors over the last few years, to little avail.

“We tried very hard to contact Adups multiple times,” Tim Strazzere, a mobile security researcher, told Motherboard in an email. “After almost months they finally responded, yet I've only ever seen one device receive an update. They claim to fix things, but say the downstream manufacturers don't want to push the updates,” he continued.

According to The New York Times report, security firm Kryptowire recently found the suspicious activity with a phone that used Adups’ code, after one of the company's employees bought a cheap phone, the BLU R1 HD, for travel overseas. The researcher noticed unusual network activity, and then found the phone was sending text messages to a Shanghai-based server registered to Adups.

The automatically transferred data also included contact lists and unique identifiers such as the International Mobile Subscriber Identity (IMSI) number, according to a press release from Kryptowire. The several models of affected Android devices were available through online retailers such as Amazon and Best Buy, Kryptowire adds. (Neither outlet immediately responded to Motherboard’s request for comment).

“The firmware also collected and transmitted information about the use of applications installed on the monitored device, bypassed the Android permission model, executed remote commands with escalated (system) privileges, and was able to remotely reprogram the devices,” the announcement continues.

Adups' data exfiltration was not an accident but a deliberate feature, included to help a Chinese phone manufacturer monitor customer behaviour, the report continues. That code, however, which is not disclosed to phone users, made its way onto American phones. BLU Products, an American phone manufacturer that makes the BLU R1 HD, said that some 120,000 of its phone had been implicated, and the company has issued an update to cut off the unwanted feature, the report reads.

But according to Android security researcher Jon Sawyer, vendors, including BLU, were already aware of problems with Adup's code.

“I attempted contact through vendors, including BLU with no luck,” Sawyer told Motherboard in a Twitter message.

“The vendors just didn't care,” he wrote in a tweet.

BLU Products did not respond to Motherboard's request for comment.

Strazzere claimed there are still devices being sold online which contain the same, or nearly identical backdoors to what Jon and him previously highlighted.

“Users need to vote with their wallet,” Strazzere added. “Hopefully public shaming will make them actually update and protect some of these people...”


Extras: Filter Print Post Top
Offline5150
phantom
 User Gallery
Registered: 09/01/06
Posts: 5,437
Last seen: 4 years, 2 months
Re: Android Phone Maker Ignored Researchers’ Warnings That Their Phones Had Backdoor [Re: tdubz]
    #23881758 - 11/30/16 01:51 PM (7 years, 1 month ago)

Thats fucked up,didnt lenovo do the same thing
Last year


--------------------
"the way of the warrior is the resolute acceptance of death"

Miyamoto Musashi


Extras: Filter Print Post Top
Jump to top Pages: 1

Shop: Left Coast Kratom Buy Kratom Capsules   PhytoExtractum Kratom Powder for Sale   Bridgetown Botanicals Bridgetown Botanicals


Similar ThreadsPosterViewsRepliesLast post
* iTunes Phone Launch gema 633 0 08/30/05 06:03 PM
by gema
* Building a phone system newuser1492 834 6 03/10/05 10:04 AM
by darkfly
* i need help wiht my new phone and blue tooth apps. ZippoZM 685 1 06/01/05 06:54 PM
by TinMan
* My phone open for listeners? Fliquid 1,321 9 02/21/05 11:53 PM
by chocbruce
* RFID Tag/System Vulnerability daimyo 1,090 0 03/16/06 08:16 AM
by daimyo
* MP3 Creator Warns Tech Impasse Dooming Downloads Worf 1,171 7 10/05/04 12:13 AM
by Vvellum
* NASA research team successfully flies first laser-powered ai wingnutx 1,699 6 10/11/03 03:28 AM
by Le_Canard
* Computer Virus Fighters Warn Of New Internet Threat motamanM 1,017 2 08/22/03 05:47 PM
by monoamine

Extra information
You cannot start new topics / You cannot reply to topics
HTML is disabled / BBCode is enabled
Moderator: trendal, automan, Northerner
355 topic views. 0 members, 0 guests and 0 web crawlers are browsing this forum.
[ Show Images Only | Sort by Score | Print Topic ]
Search this thread:

Copyright 1997-2024 Mind Media. Some rights reserved.

Generated in 0.023 seconds spending 0.007 seconds on 14 queries.