SoylentNews is people
SoylentNews
Security firm Kryptowire discovered that an app in some BLU Android smartphones was transmitting personal user data to a Chinese server every three days.
The unlocked smartphone company BLU has now admitted that several of its handsets have been secretly sending out personal data collected from their owners. The data was transmitted via a third-party app that was installed on six of its phones.
According to The New York Times (paywalled article), the security firm Kryptowire first discovered that an app in some of BLU's phones was transmitting data to a Chinese server every 72 hours. It's not yet clear if the data was being mined for advertising purposes or to collect intelligence for the Chinese government. However, the story adds that the company that wrote the software, Shanghai Adups Technology Company, claims the app was made for a Chinese phone manufacturer to monitor users. It also claims it was not meant to be installed on handsets sold to a U.S. audience.
BLU has since admitted that about 120,000 of its phones "had been collecting unauthorized personal data in the form of text messages, call logs, and contacts from customers" via the "Wireless Update" app. The six phone models that were affected are the R1 HD, the Energy X Plus 2, the Studio Touch, the Advance 4.0 L2, the Neo XL, and the Energy Diamond.
Well, maybe that explains why BLU smartphones are so cheap...
(Score: 2) by Hairyfeet on Wednesday November 16 2016, @11:37PM
It now looks like it wasn't anything nearly as nefarious as TFA makes it seem. I quote "In a statement responding to Kryptowire’s report, Adups suggested the firmware discovered on the Android phones from Blu was included by mistake and was meant for use only by some specific, unnamed clients.
The customers apparently wanted Adups to provide a way to flag junk texts and calls to users. So the firm developed a customized FOTA application that collected messages and applied backend data analytics to it to identify and flag messages that fit that category. The specialized application, looks for and flags content that has been previously associated with junk messages, Adups said.
In June 2016, the customized firmware inadvertently ended up on devices sold in the US by Blu Products. When Adups learned of the issue it took measures to disable the monitoring functionality and updated the firmware so it is no longer is an issue, the Chinese firm claimed. All text messages, phone logs contact lists, and other data collected and transmitted to Adups has been deleted, the company added."
So it appears that BLU was selling some of their phones to some Chinese corps that wanted filtering and someone used the corporate images on phones intended for overseas. Kryptoware also says "It is not possible to know if Android phones from other vendors are similarly impacted without testing them" which means pretty much any phone that is also sold in China could have this corporate monitoring software.
ACs are never seen so don't bother. Always ready to show SJWs for the racists they are.