June 10, 2019

A Question For The Tech Savvy Viewers

So there's this story on Ars Technica that can be largely summed up in this quote...

Criminals in 2017 managed to get an advanced backdoor preinstalled on Android devices before they left the factories of manufacturers, Google researchers confirmed on Thursday.


Now this sounds remarkably similar in principal a story from last October that resulted in your humble blogger wiping egg from his face and dining upon crow. The vector in this case is software rather than hardware, but it still involves the spyware/malware mechanism being embedded in the products at the factory and being essentially irremovable.

This story is getting coverage on other non-Bloomberg outfits as well and seems to be endemic to the platform.
"While it is known that personal data collection and user tracking is pervasive in the Android app ecosystem as a whole we find that it is also quite prevalent in pre-installed apps."


So the implication is that this is not isolated.

As I said when self-immolating on the Bloomberg story, I happen to think that this sort of thing is quite likely to be happening. I also think that the Bloomberg 'rice grain sized chip embed' story contributed to a "cry wolf effect" problem with the public's understanding of the issue. 

However, I'm NOT particularly tech savvy, This story is akin to 'The Dero are wire-tapping by brain!" and that's always a cause for skepticism, but it does not rule it out*.

So...tech savvy viewers, what do you think about this one?

*Heck, Alex Jones is a complete nutter but he was right about something turning the fricking frogs gay (well, trans). 

Posted by: The Brickmuppet at 01:38 PM | Comments (1) | Add Comment
Post contains 275 words, total size 3 kb.

1 This one is kind of odd, in that it's a highly sophisticated piece of code, they managed to get it installed into the firmware at the supplier level, and yet in the end all it's doing is pushing ads to not very many people.
It's not clear from the article whether the supplier that provided the compromised firmware was hacked, were themselves being malicious, or just included something that they didn't quite understand the implications of.  That third option seems likely, and is the one that scares me the most.
With all of these issues, from the Microtrend fail, Huawei being banned for being spies for the Chinese govt, and now this one, my opinion is pretty much the same: I don't care if we actually have concrete proof that they're doing malicious things, this is such a critical space and the consequences are so potentially dire that we should be closing and locking and nailing over the barn door long before the horses even look at it. 

Posted by: David at Mon Jun 10 14:27:03 2019 (A/T0R)

Hide Comments | Add Comment




What colour is a green orange?




30kb generated in CPU 0.05, elapsed 0.1777 seconds.
68 queries taking 0.1518 seconds, 286 records returned.
Powered by Minx 1.1.6c-pink.