Stories
Slash Boxes
Comments

SoylentNews is people

posted by Fnord666 on Wednesday April 24 2019, @05:18AM   Printer-friendly
from the free-backups dept.

A brand new Huawei P30 Pro smartphone has been found to be sending queries and possibly data to Chinese government servers, without the user having signed up for any Huawei services, reported OCWorkbench.

The Facebook page ExploitWareLabs at 5:32 p.m. on Sunday uploaded a post which included a list of DNS (Domain Name System) queries being delivered behind the scenes from a new Huawei P30 Pro. A DNS query (also known as a DNS request) is a demand for information sent from a user's computer (DNS client) to a DNS server.

In layman's terms, it means the phone could potentially be automatically transferring user data back to cloud servers run by the Chinese government, unbeknownst to the device's owner.

The list of DNS addresses includes beian.gov.cn, which was registered by Alibaba Cloud and managed by China's Ministry of Public Security, according to Whois.com. Another frequently listed request was sent to china.com.cn, which was registered by EJEE Group and operated by China's state-run mouthpiece the China Internet Information Center, according to Whois.com.

According to ExploitWareLabs, all of these queries were sent to Chinese government-run servers despite the fact that the user had not configured the phone for any Huawei services, such as Huawei ID or any Hi services.


Original Submission

 
This discussion has been archived. No new comments can be posted.
Display Options Threshold/Breakthrough Mark All as Read Mark All as Unread
The Fine Print: The following comments are owned by whoever posted them. We are not responsible for them in any way.
  • (Score: 2) by c0lo on Wednesday April 24 2019, @06:08AM (2 children)

    by c0lo (156) Subscriber Badge on Wednesday April 24 2019, @06:08AM (#834241) Journal

    I mean people have only been looking for this kind thing for how many years now?

    Keeping into account the context of "A brand new Huawei P30 Pro smartphone", I would say they can't be looking for more than one month.

    --
    https://www.youtube.com/watch?v=aoFiw2jMy-0 https://soylentnews.org/~MichaelDavidCrawford
    Starting Score:    1  point
    Karma-Bonus Modifier   +1  

    Total Score:   2  
  • (Score: 3, Touché) by Anonymous Coward on Wednesday April 24 2019, @06:16AM

    by Anonymous Coward on Wednesday April 24 2019, @06:16AM (#834243)

    Could be worse. Could be Windows 10 Phone. Sending telemetry including keylogging and "pocket pool motion detected" messages to the secret Chinese headquarters in Redmond. Just saying.

  • (Score: 2) by PinkyGigglebrain on Wednesday April 24 2019, @04:52PM

    by PinkyGigglebrain (4458) on Wednesday April 24 2019, @04:52PM (#834403)

    Good point about it being a new phone, guess my mind blanked that out.

    But that would seem to make it even more unlikely when you stop to think about it. Huawei puts out a new phone in the middle of a huge PR storm about them being a tool of the Chinese government and all their gear having some kind of backdoor/rootkit in them and they used obvious plain text DNS lookups to connect to servers in China. The level of stupid on so many levels that it would require boggles the mind.

    Not to say its impossible. I'm still going to wait till this gets confirmed by some other source with a bit more credibility. I'm sure there are a lot of people going through that code bit by bit so it shouldn't be long one way or the other.

    --
    "Beware those who would deny you Knowledge, For in their hearts they dream themselves your Master."