Stories
Slash Boxes
Comments

SoylentNews is people

posted by martyb on Tuesday September 08 2020, @04:13AM   Printer-friendly
from the big-spenders? dept.

Phones for low-income users hacked before they're turned on, research finds:

Rameez Anwar's phone had serious problems. The device, paid for by the federally funded Lifeline program for low-income people, was overrun with pop-up ads that made it unusable. Despite multiple factory resets, the problem wouldn't go away.

"As soon as it detected internet," Anwar said, "it started doing the pop-ups."

[...] Anwar, who says he's tinkered with computers since childhood, suspected the phone had come with malware installed. So he sent it to Nathan Collier, a researcher at Malwarebytes.

Collier confirmed Anwar's hunch: The phone's settings and update apps contained code that allowed them to load malicious apps known as adware. The adware displayed ads that covered users' screens, no matter what they were doing on their phones.

[...] Evidence suggests pre-installed malware plagues inexpensive phones around the world. Earlier this year, Collier found pre-installed malware, a broad range of disruptive or dangerous apps, on a phone made by Unimax and distributed by the Lifeline program. Collier says he frequently sees similar malware on cheap phones outside the Lifeline program. A BuzzFeed investigation found inexpensive phones popular in African countries had similar problems.

Unimax said in a statement in January that it had created a security patch to fix a vulnerability in its settings app. However, it disagreed with Malwarebytes that the vulnerability in the app qualified as "malware." American Network Solutions couldn't be reached for comment.

When looking at Anwar's phone, Collier found the settings app and the update app could covertly install third-party software on the user's phone. Users can't uninstall either app without making the devices unusable.

Collier found a way to turn off the malcious code without completely uninstalling the apps, but it requires users to connect their phones to a laptop and run specialty software. For people in the Lifeline program, a laptop might not be available, and the instructions might be challenging for people without training.

[...] Collier found the update app was installing four different versions of adware, which may be why Anwar found the ads overwhelmed his device completely.


Original Submission

This discussion has been archived. No new comments can be posted.
Display Options Threshold/Breakthrough Mark All as Read Mark All as Unread
The Fine Print: The following comments are owned by whoever posted them. We are not responsible for them in any way.
(1)
  • (Score: 1, Touché) by Anonymous Coward on Tuesday September 08 2020, @05:40AM (1 child)

    by Anonymous Coward on Tuesday September 08 2020, @05:40AM (#1047750)

    s/t

    • (Score: 4, Informative) by Unixnut on Tuesday September 08 2020, @03:08PM

      by Unixnut (5779) on Tuesday September 08 2020, @03:08PM (#1047846)

      Actually it used to be very common. Even for stuff you paid for. It was not uncommon to buy a PC, only to have so much crap pre-installed on the Windows OS that came with it, that the best option would be to wipe and reinstall as soon as you got it home.

      Adware, spyware, the lot. Their argument was always "It would be even more expensive if we didn't subsidise it by pre-installing all the crap". Tech savvy users would just wipe it and put a clean OS install on it, but Joe Average would not have the skills or installation image to do so, so for the majority of people, they just accepted all the adverts and spyware (unless they knew a nerd willing to clean it for them). Eventually an entire cottage industry of corner-shop IT repair popped up to help with this.

      Probably why so many people did not get so much up in arms about adverts and spyware on their smart phones and websites. Outside of the tech community. Adware and Spyware has been part of "computing" since the 00s at least. One big difference is that it is much harder to "wipe and reinstall a clean OS" on your phone, as they are much more locked down than a PC.

  • (Score: 2) by Barenflimski on Tuesday September 08 2020, @06:15AM (4 children)

    by Barenflimski (6836) on Tuesday September 08 2020, @06:15AM (#1047753)

    Don't have the big bucks for the phone of your choice? Probably don't have the big bucks to sue me. Don't like my ads? Get another phone.

    Seems to me that is what this company is thinking.

    There are definitely two worlds; One when you have money, and one when you don't have money. What seems to be most egregious here is that in most other real life cases this paradigm is just a tad more obfuscated.

    • (Score: -1, Troll) by Anonymous Coward on Tuesday September 08 2020, @06:28AM (3 children)

      by Anonymous Coward on Tuesday September 08 2020, @06:28AM (#1047754)

      yeah... and the people who dont have money are occupied with suspecting, hating and "outclassing" each other, and they keep making babies and not having a shit, until some idiots from the middle class or lower upper class helps them for whatever reason.

      yeah, hate poor people... they should stop multiplying...

      but if the poor people dont multiply like flies, how we can have evolution?

      that is the difficult question...

      btw, everywhere, u can buy a used fucking phone that is cheaper then the new "cheap" one, and functionally better...

      • (Score: 2) by bmimatt on Tuesday September 08 2020, @08:55AM (2 children)

        by bmimatt (5050) on Tuesday September 08 2020, @08:55AM (#1047766)

        Chill Vlad. Go have some vodka to calm the nerves down.

        • (Score: 2) by c0lo on Tuesday September 08 2020, @11:57AM (1 child)

          by c0lo (156) Subscriber Badge on Tuesday September 08 2020, @11:57AM (#1047800) Journal

          Go have some vodka to calm the nerves down.

          Can't get vodka chilled this fire season. Drives me nuts, can do nothing 'bout.

          --
          https://www.youtube.com/watch?v=aoFiw2jMy-0 https://soylentnews.org/~MichaelDavidCrawford
          • (Score: 1, Funny) by Anonymous Coward on Tuesday September 08 2020, @01:02PM

            by Anonymous Coward on Tuesday September 08 2020, @01:02PM (#1047803)

            Then try some Novichok Tea.

  • (Score: 0) by Anonymous Coward on Tuesday September 08 2020, @06:30AM (1 child)

    by Anonymous Coward on Tuesday September 08 2020, @06:30AM (#1047755)

    Is this "Lifeline" thing the vaunted Obamaphone we've been hearing about? I didn't know it did mobile data too! How much does service cost?

  • (Score: 2) by Mojibake Tengu on Tuesday September 08 2020, @07:42AM (1 child)

    by Mojibake Tengu (8598) on Tuesday September 08 2020, @07:42AM (#1047758) Journal

    Never connect such devices to internet, whatever internet means for you.

    Use it for phone calls only. That's the simple option.

    My guess on mechanics: when connecting to network, a control web page for provider's VPN gateway pops up, pooping ads.
    This may be done on any platform by anyone who controls the network and DNS, and proper web login is required for full access to network.
    Thus, removal of this mechanism renders the device unusable for networking to particular provider.

    However, the real problem is smart phones as such, an absurd contraption as a composition of computer and phone where the computer part of a device cannot be controlled by user completely.
    In a world manageable by users, all kind of connectivity should be done by a separable peripheral.

    --
    Respect Authorities. Know your social status. Woke responsibly.
    • (Score: 2) by HiThere on Tuesday September 08 2020, @01:58PM

      by HiThere (866) Subscriber Badge on Tuesday September 08 2020, @01:58PM (#1047819) Journal

      You don't always have an option. My phone, not a lifeline, but also not something I attend to much, has internet capability, which I never wanted and never intentionally enabled. But it *has* been enabled. Sometime messages from my doctor require internet access, and they open it. This makes it basically unusable, as the phone keypad is unusably small. So far I can phone the doctor, and handle things that way, but...

      It is clear that internet access will soon be a mandatory feature. Not because it has to be, but because businesses find it more convenient. I'm wondering how I could hook up a standard keyboard to the phone...this will probably require enabling Bluetooth and buying another keypad. Were I operating on a tight budget, things would be a lot more difficult.

      --
      Javascript is what you use to allow unknown third parties to run software you have no idea about on your computer.
  • (Score: 1, Insightful) by Anonymous Coward on Tuesday September 08 2020, @11:07AM

    by Anonymous Coward on Tuesday September 08 2020, @11:07AM (#1047785)

    It's not a hack if it's working as intended.

  • (Score: 0) by Anonymous Coward on Tuesday September 08 2020, @01:05PM (4 children)

    by Anonymous Coward on Tuesday September 08 2020, @01:05PM (#1047804)

    Obamaphone, Obamaphone, ebbebody in de hood deserve a cell phone!
    Could just get a job, or disability, whatever to pay for your own Tracphone.
    We see now the "po" be gettin theyself a big screen TeeBee too!

    • (Score: 0) by Anonymous Coward on Tuesday September 08 2020, @02:15PM (3 children)

      by Anonymous Coward on Tuesday September 08 2020, @02:15PM (#1047822)

      I think the idea is that getting a job in this day and age basically requires internet.

      To "cruise the classifieds" now, you need to access indeed, zip-recruiter, etc. This means that to pay for things you need to start with having internet access.

      This plan was designed to raise the floor so people that need jobs can find them.

      • (Score: 2) by Freeman on Tuesday September 08 2020, @03:05PM (2 children)

        by Freeman (732) on Tuesday September 08 2020, @03:05PM (#1047842) Journal

        Public Libraries have been providing free access to internet for a long time. The "free phone" deal helps get it at home, but it's not like there were zero options. Now, you just have a whole bunch more people with easy access to Facebook.

        --
        Joshua 1:9 "Be strong and of a good courage; be not afraid, neither be thou dismayed: for the Lord thy God is with thee"
        • (Score: 0) by Anonymous Coward on Tuesday September 08 2020, @03:20PM

          by Anonymous Coward on Tuesday September 08 2020, @03:20PM (#1047850)

          The libraries shut down during the dempanic.

        • (Score: 0) by Anonymous Coward on Wednesday September 09 2020, @08:12PM

          by Anonymous Coward on Wednesday September 09 2020, @08:12PM (#1048566)

          I think the Obamaphone plan helped cell phone companies more than anyone else. Pork, give me some!

  • (Score: 0) by Anonymous Coward on Tuesday September 08 2020, @04:56PM (1 child)

    by Anonymous Coward on Tuesday September 08 2020, @04:56PM (#1047879)

    Phones for 'low-income people' are usually a free part of the US-ian 'Roll-out-the-red-carpet-for-minorities' package. They should be able to get top-of-the-line iPhones gratis.

    • (Score: 0) by Anonymous Coward on Wednesday September 09 2020, @08:15PM

      by Anonymous Coward on Wednesday September 09 2020, @08:15PM (#1048567)

      Universal Basic Income, a.k.a. Welfare for Everybody.
      That's what I want. Set me up, Gummint Sugar Daddy, and I'll be your Sub so you can be my Dom.

(1)