Stories
Slash Boxes
Comments

SoylentNews is people

posted by janrinok on Wednesday January 08 2020, @09:52PM   Printer-friendly
from the not-the-first-time dept.

Samsung Devices Allegedly Use Qihoo 360 Spyware to Phone Home to China

Samsung Phones Said to Come with Chinese "Spyware" Phoning Home

Samsung phones and tablets allegedly come with what is being described as "spyware" that communicates with Chinese servers regularly.

A reddit thread that has gone viral includes a closer look at a feature called Device Care and available on all Samsung phones and tablets.

As Samsung itself confirms, the "Storage" module of Device Care is "powered by 360," but no information is provided as to why it phones back home to China.

While Qihoo 360, the company that Samsung points to, has previously been involved in several privacy scandals that included hidden data collection, little is known about what's happening on phones and tablets developed by the South Korean manufacturer.

Chinese Spyware Found On All Samsung Phones

A fan of Samsung phones has discovered Chinese spyware which is installed by default by Samsung, can't be removed, and for which has been sending packets to Chinese addresses. The storage scanner in the Device Care section of Samsung phones is a mandatory software install protected by the system making it hard to remove. No comment has been made by Samsung about why it includes this spyware in its main line of mobile phones.

Do you packet sniff your phone to find out where it is sending your data?


Original Submission #1Original Submission #2

 
This discussion has been archived. No new comments can be posted.
Display Options Threshold/Breakthrough Mark All as Read Mark All as Unread
The Fine Print: The following comments are owned by whoever posted them. We are not responsible for them in any way.
  • (Score: 4, Funny) by jasassin on Wednesday January 08 2020, @10:18PM (13 children)

    by jasassin (3566) <jasassin@gmail.com> on Wednesday January 08 2020, @10:18PM (#941222) Homepage Journal

    Someone forward this to every Senator, House, and Congress person (AND TRUMP!!!) IMMEDIATELY!!! PLEASE! They will have a field day! If you thought Huawei was bad.... HOLY SHIT!

    WTF!!!!!?????!!!????????!?!?!?

    --
    jasassin@gmail.com GPG Key ID: 0xE6462C68A9A3DB5A
    Starting Score:    1  point
    Moderation   +2  
       Funny=2, Total=2
    Extra 'Funny' Modifier   0  
    Karma-Bonus Modifier   +1  

    Total Score:   4  
  • (Score: 1, Insightful) by Anonymous Coward on Thursday January 09 2020, @01:59AM

    by Anonymous Coward on Thursday January 09 2020, @01:59AM (#941284)

    There's a lot of strong allegations in that story. If all this is true then yes... Holy fucking shit! But does it stop with only that brand?

  • (Score: 2, Interesting) by Anonymous Coward on Thursday January 09 2020, @05:10AM (10 children)

    by Anonymous Coward on Thursday January 09 2020, @05:10AM (#941332)

    I can't tell if this is sincere or sarcastic.

    Sniff your phone sometime. They're constantly phoning home to everybody including a never-ending stream of packets sent to Google even when every single privacy toggle is enabled, voice disabled, etc. Anybody who thinks their phones are even remotely secure is engaging in cognitive dissonance. Smartphones are nothing more than little leaky tracking devices. It's like people forget Apple and Google (and Facebook and Microsoft and basically every major tech company in the US) are all participating in at least PRISM [wikipedia.org] and likely numerous other surveillance schemes.

    In general if you want privacy and you're in the west you probably want a Xiaomi phone. If you're in the east you probably want an Apple phone, though China's growing market dominance means Apple will be inevitably bending the knee there, if they haven't already.

    • (Score: 0) by Anonymous Coward on Thursday January 09 2020, @02:19PM (9 children)

      by Anonymous Coward on Thursday January 09 2020, @02:19PM (#941418)

      How do I know you never installed a firewall....

      • (Score: 2) by RS3 on Thursday January 09 2020, @02:33PM (6 children)

        by RS3 (6367) on Thursday January 09 2020, @02:33PM (#941420)

        Do you understand what a firewall is and how it works? A firewall stops incoming packets, not outgoing. Sure, some firewalling blocks many outgoing ports, but if you block all ports, you've stopped outgoing traffic, and you have no connection to the Internet, right?

        Some router/gateways allow you to block specific IP addresses or IP address ranges, and that would fix the problem, but that's a monumental list to deal with.

        Connect the phone through WiFi only, going through a packet sniffer (WireShark, etc.), and block all suspicious / mysterious IP addresses it tries to send data to.

        I just envisioned a device and I'm sure there's a good market for it: a WiFi repeater / blocker / filter / firewall. It could be quite small- smaller than a phone, 2 WiFi antennas- you'd connect your phone to it only, and it would connect to whatever WiFi you would have connected to, and it would filter anything you want it to. An Arduino / Raspberry / etc. could do it.

        • (Score: 2) by DannyB on Thursday January 09 2020, @03:46PM (5 children)

          by DannyB (5839) Subscriber Badge on Thursday January 09 2020, @03:46PM (#941457) Journal

          A firewall stops incoming packets, not outgoing.

          But then you describe some cases of stopping outgoing packets. Under various conditions. (and I'm not trying to be disagreeable or critical)

          Stopping outgoing packets seems like a very worthwhile thing for a firewall or border gateway to do. Certainly by a blacklist (or whitelist?) of target IP addresses. But also by port / IP address of an internal system sending those packets to the outside. For example, why is our web server, unsolicited, sending packets to some outside system? Has it been hacked?

          --
          People today are educated enough to repeat what they are taught but not to question what they are taught.
          • (Score: 2) by RS3 on Thursday January 09 2020, @05:22PM

            by RS3 (6367) on Thursday January 09 2020, @05:22PM (#941511)

            Sorry, I was trying to not write a book. I figure most people here have set up, or at least poked around in a home gateway (router) and seen the settings for firewall.

            At the simplest it's usually:

            1) no firewall- all ports open both ways,
            2) all incoming ports are blocked, all outgoing are open, which is a typical default,
            3) all incoming are blocked, and most outgoing are blocked, except pop3, imap, ftp, http, https, ...

            Some gateways have a "gaming" mode where they open specific ports used in multi-player games.

            If malware wants to send (outbound) data over port 80 or 443, you can't stop it by port blocking, or you have no web access. You'd need to determine that you have malware (possibly baked in), determine what IP address it's sending to, and block that IP address. Some gateways allow some IP address blocking, some don't.

            If you block all outgoing ports, you have zero connection to the Internet, so just unplug- it's easier and cheaper.

          • (Score: 2) by RS3 on Thursday January 09 2020, @05:31PM (2 children)

            by RS3 (6367) on Thursday January 09 2020, @05:31PM (#941516)

            Just to clarify and reiterate, most gateways/routers do firewalling, and the default is usually to block all incoming ports, but leave all outgoing open, and my first post was in that context. Sorry for my lack of clarity. You get what you pay for, etc...

            • (Score: 2) by DannyB on Thursday January 09 2020, @06:45PM (1 child)

              by DannyB (5839) Subscriber Badge on Thursday January 09 2020, @06:45PM (#941540) Journal

              No refunds I presume. :-)

              --
              People today are educated enough to repeat what they are taught but not to question what they are taught.
              • (Score: 2) by RS3 on Thursday January 09 2020, @07:00PM

                by RS3 (6367) on Thursday January 09 2020, @07:00PM (#941550)

                All work-product is guaranteed until it breaks.

          • (Score: 2) by jasassin on Friday January 10 2020, @07:22PM

            by jasassin (3566) <jasassin@gmail.com> on Friday January 10 2020, @07:22PM (#941992) Homepage Journal

            Stopping outgoing packets seems like a very worthwhile thing for a firewall or border gateway to do. Certainly by a blacklist (or whitelist?) of target IP addresses.

            You nailed it right there. Whitelist. It's the only way to be sure, and you'll have a nightmare whitelisting IP's to restore a semblance of functionality.

            --
            jasassin@gmail.com GPG Key ID: 0xE6462C68A9A3DB5A
      • (Score: 0) by Anonymous Coward on Thursday January 09 2020, @06:11PM (1 child)

        by Anonymous Coward on Thursday January 09 2020, @06:11PM (#941530)

        Dude... There's communication protocols that aren't visible to firewalls or packet sniffers. The only way to know for sure that your phone isn't calling home is to pull the battery out and smash the phone with a 10lb sledgehammer.

        • (Score: 2) by RS3 on Thursday January 09 2020, @07:06PM

          by RS3 (6367) on Thursday January 09 2020, @07:06PM (#941551)

          You're somewhat correct. On Ethernet, which includes WiFi, you in fact can know all that's going on. The low-level stuff can't carry packets to China- it doesn't go through routers- only the actual IP packets do. Well, okay, not normal home router/gateways. If you turn on IGMP or OSFP or SIP or something else you might be exposed to a sophisticated malware but those routing protocols don't really carry information packets so not likely to be spying on you very much.

          I can't speak to the actual cell phone air data, so that could be an issue. But who knows what's going on there anyway. And the cell providers all track our phones and who knows what else.

  • (Score: 3, Touché) by DannyB on Thursday January 09 2020, @03:40PM

    by DannyB (5839) Subscriber Badge on Thursday January 09 2020, @03:40PM (#941452) Journal

    Someone forward this to every Senator, House, and Congress person (AND TRUMP!!!). . .

    Um, Tweet is the word you are looking for.

    --
    People today are educated enough to repeat what they are taught but not to question what they are taught.