DS Forums

 
 

eBay pulls sales of 'spyware phones'


Reply
Thread Tools Search this Thread
Old 18-06-2014, 17:49
noise747
Forum Member
 
Join Date: Dec 2007
Location: Herefordshire
Posts: 22,810

http://www.bbc.co.uk/news/technology-27908105

another reason to buy something that at least have a brand name and not from a Chinese or Russian company.
noise747 is offline   Reply With Quote
Please sign in or register to remove this advertisement.
Old 18-06-2014, 18:00
Chris1973
Forum Member
 
Join Date: May 2013
Posts: 667
http://forum.xda-developers.com/show....php?t=2395007
Chris1973 is offline   Reply With Quote
Old 18-06-2014, 18:01
JulesandSand
Forum Member
 
Join Date: Aug 2009
Location: Caledonia
Posts: 5,687
Still on sale on amazon uk I see.
JulesandSand is offline   Reply With Quote
Old 18-06-2014, 18:13
Stig
Forum Member
 
Join Date: Sep 2003
Location: Sandy Heath, Beds. UK
Posts: 10,385
http://www.bbc.co.uk/news/technology-27908105

another reason to buy something that at least have a brand name and not from a Chinese or Russian company.
So this has been going on since August 2013
Stig is offline   Reply With Quote
Old 18-06-2014, 18:29
kidspud
Forum Member
 
Join Date: May 2010
Posts: 11,501
Can someone tell me again about these phones being a bargin.

Not very good news.
kidspud is offline   Reply With Quote
Old 18-06-2014, 19:43
alanwarwic
Forum Member
 
Join Date: Oct 2003
Location: the wild world web
Posts: 28,132
I bet you get a similar risk with many a Linux distribution.
Also that infamous lifetime location tracking used by Apple could have been termed malware.

That Chinese stuff was adware. Obviously, not knowing your Chinese likely makes it easy to click 'Yes, please install more spamware'.
alanwarwic is offline   Reply With Quote
Old 18-06-2014, 19:46
kidspud
Forum Member
 
Join Date: May 2010
Posts: 11,501
I bet you get a similar risk with many a Linux distribution.

Also that infamous lifetime location tracking used by Apple could have been termed malware.
Only by you. Well done for mentioning apple though. Your obsession continues.
kidspud is offline   Reply With Quote
Old 18-06-2014, 19:50
alanwarwic
Forum Member
 
Join Date: Oct 2003
Location: the wild world web
Posts: 28,132
Only by you.....Your obsession continues.
Ain't it a compliment to Apple and yet, on a 'remark' basis..................................


Yeh, this one is adware.
alanwarwic is offline   Reply With Quote
Old 18-06-2014, 22:56
TheWireRules
Inactive Member
 
Join Date: Mar 2013
Posts: 1,237
I've got one of these Star phones anyone know more specific details?

All these apps you download from the Play Store and intrusive and dodgy though. Wanting access to everything.

Privacy hard to come by in the mobile phone world.
TheWireRules is offline   Reply With Quote
Old 18-06-2014, 23:02
d123
Forum Member
 
Join Date: Jul 2007
Posts: 3,993
I've got one of these Star phones anyone know more specific details?

All these apps you download from the Play Store and intrusive and dodgy though. Wanting access to everything.

Privacy hard to come by in the mobile phone world.
If you read the BBC article it isn't a dodgy app you may download, it's actually an app installed on the phone in the firmware and cannot be removed.

A German security firm reported on Tuesday that the Android-powered Star N9500 sent personal data to a computer server in China, adding that the Trojan could not be removed.

It said the malware was disguised as the legitimate Google Play Store app.


"The spyware runs in the background and cannot be detected by users," it said.

"Unbeknownst to the user, the smartphone sends personal data to a server located in China and is able to covertly install additional applications.

"This makes it possible to retrieve personal data, intercept calls and online banking data, read emails and text messages or control the camera and microphone remotely.

"The program also blocks the installation of security updates."

The Associated Press news agency has reported that although several Shenzhen-based firms used eBay and other sites to sell the model, it had been unable to track down the manufacturer.
Probably a good idea not to use any app in which you have to enter any personal info on that phone (and probably on any number of the other Chinese clone phones).
d123 is offline   Reply With Quote
Old 19-06-2014, 06:48
noise747
Forum Member
 
Join Date: Dec 2007
Location: Herefordshire
Posts: 22,810
So this has been going on since August 2013
And yet it only really just came to light and Ebay just started to take them off sale? Good grief.
noise747 is offline   Reply With Quote
Old 19-06-2014, 06:53
noise747
Forum Member
 
Join Date: Dec 2007
Location: Herefordshire
Posts: 22,810
I bet you get a similar risk with many a Linux distribution.
Also that infamous lifetime location tracking used by Apple could have been termed malware.

That Chinese stuff was adware. Obviously, not knowing your Chinese likely makes it easy to click 'Yes, please install more spamware'.
The only Linux Distro that had some sort of strange spyware stuff in, if you can call it that was Ubuntu, with their link up with Amazon.

I suppose if you go for one of the lesser known distros or get a distro from a unknown source it may have spyware in.

All smart phones have some sort of tracking in, that is what they do. I disable a lot of mine, which thankfully you can do.
noise747 is offline   Reply With Quote
Old 19-06-2014, 10:43
D_Mcd4
Forum Member
 
Join Date: Jan 2014
Posts: 4,486
They must have hoovered up so many people's personal info. I'd stop using it instantly. Maybe someone will release a custom firmware with it removed. Typical that Amazon marketplace is still selling them. Amazon seen to have no interest in monitoring that.
D_Mcd4 is offline   Reply With Quote
Old 19-06-2014, 17:19
TelevisionUser
Forum Member
 
Join Date: May 2004
Location: Storbritannia
Posts: 28,930
Still on sale on amazon uk I see.
Yep, as we can see here: http://www.amazon.co.uk/s/ref=nb_sb_...0%20smartphone

That is a worrying issue and 10/10 to G DATA for highlighting this matter. I hope that sales of this phone now tank so that it serves as a disincentive to others not to fill phones with spyware.
TelevisionUser is offline   Reply With Quote
Old 20-06-2014, 10:35
henrywilliams58
Forum Member
 
Join Date: Oct 2012
Location: London
Posts: 4,710
Only just discovered this. I have a Star Note II - Star S7189 Note II 5.5" Screen MTK6589

I have had it for a year and have never had any Chinese spyware. I factory reset it at the outset - of course this could have included factory spamware.

There were a couple of Chinese applications which I was able to uninstall or Force Stop.
henrywilliams58 is offline   Reply With Quote
Old 20-06-2014, 10:57
alanwarwic
Forum Member
 
Join Date: Oct 2003
Location: the wild world web
Posts: 28,132
"If the allegations are true, it is not known whether the manufacturer itself would have been aware of what was being done at its plant."
"The Associated Press news agency has reported that although several Shenzhen-based firms used eBay and other sites to sell the model, it had been unable to track down the manufacturer."
""This makes it possible to retrieve personal data, intercept calls and online banking data, read emails and text messages or control the camera and microphone remotely."

You would hope they would at least join the dots properly. Me, I suspect most 'shoestring' Linux distribution operations are at risk to interference too, at least from government states.
alanwarwic is offline   Reply With Quote
Old 20-06-2014, 11:11
henrywilliams58
Forum Member
 
Join Date: Oct 2012
Location: London
Posts: 4,710
These two statements in the BBC release are inconsistent

It said the malware was disguised as the legitimate Google Play Store app.

"The spyware runs in the background and cannot be detected by users,"
If they are seen to be Google Play Apps they can be detected. by users.
henrywilliams58 is offline   Reply With Quote
Old 20-06-2014, 16:40
Chris1973
Forum Member
 
Join Date: May 2013
Posts: 667
If they are seen to be Google Play Apps they can be detected. by users.
All of the spyware files are located in the system/app folder which you normally wouldn't be able to access or install / uninstall unless the phone has been rooted.

That is a worrying issue and 10/10 to G DATA for highlighting this matter.
They may have highlighted it to the press and the population in general, but the spyware infestation on the N9500 had been discovered and was actively being discussed on forums as early as August 2013, and in relation to one other earlier Star Model it was also suspected to be happening in some capacity right back to 2012 - I've linked to both discussions already on the other thread.
Chris1973 is offline   Reply With Quote
Old 20-06-2014, 18:07
D_Mcd4
Forum Member
 
Join Date: Jan 2014
Posts: 4,486
Yep, as we can see here: http://www.amazon.co.uk/s/ref=nb_sb_...0%20smartphone

That is a worrying issue and 10/10 to G DATA for highlighting this matter. I hope that sales of this phone now tank so that it serves as a disincentive to others not to fill phones with spyware.
Most of the listings on Amazon seem to have been pulled. I can only see one for sale now.
D_Mcd4 is offline   Reply With Quote
Old 20-06-2014, 19:51
alanwarwic
Forum Member
 
Join Date: Oct 2003
Location: the wild world web
Posts: 28,132
Talking of so called spyware, Microsoft and Android are following by installing a kill switch in their phones.

The only real way they can do that is via a 'command and control' type thing.
Google, Microsoft have to know who,where you are, so it has to be done via 'spying'. It will be the same for Apple and their kill method
alanwarwic is offline   Reply With Quote
Old 21-06-2014, 11:42
henrywilliams58
Forum Member
 
Join Date: Oct 2012
Location: London
Posts: 4,710
All of the spyware files are located in the system/app folder which you normally wouldn't be able to access or install / uninstall unless the phone has been rooted.


They may have highlighted it to the press and the population in general, but the spyware infestation on the N9500 had been discovered and was actively being discussed on forums as early as August 2013, and in relation to one other earlier Star Model it was also suspected to be happening in some capacity right back to 2012 - I've linked to both discussions already on the other thread.
Please explain what rooting is - in beginners language. Sounds like formatting.

How can I "format" and install a generic Android 4.2.2?

I have a Star S7189 Note II . Is that the "earlier Star model" ?
henrywilliams58 is offline   Reply With Quote
Old 21-06-2014, 13:57
TelevisionUser
Forum Member
 
Join Date: May 2004
Location: Storbritannia
Posts: 28,930
"If the allegations are true, it is not known whether the manufacturer itself would have been aware of what was being done at its plant."
"The Associated Press news agency has reported that although several Shenzhen-based firms used eBay and other sites to sell the model, it had been unable to track down the manufacturer."
""This makes it possible to retrieve personal data, intercept calls and online banking data, read emails and text messages or control the camera and microphone remotely."

You would hope they would at least join the dots properly. Me, I suspect most 'shoestring' Linux distribution operations are at risk to interference too, at least from government states.
Very few, and none of the popular, Linux distributions are put together in Russia or China plus the community of Linux activist developers would soon highlight any such malpractice. Furthermore, it's not Linux that has the NSA "backdoor": NSA Built Back Door In All Windows Software by 1999 (Linus Torvalds refused, when requested, to put an NSA backdoor into the Linux kernel http://www.omgubuntu.co.uk/2013/11/n...ather-says-yes)
TelevisionUser is offline   Reply With Quote
Old 21-06-2014, 14:07
alanwarwic
Forum Member
 
Join Date: Oct 2003
Location: the wild world web
Posts: 28,132
That just shows how easy it is to pay one person to pop dodgy code in,
That Goto Code and the SSL things were prime candidates for classification as 'malware' .

Someone need to update the story with detail on clean ROMs, the actual guilty parties etc etc. I'm sure there is much truth in the story but it was certainly sloppy reading.
alanwarwic is offline   Reply With Quote
Old 22-06-2014, 21:28
henrywilliams58
Forum Member
 
Join Date: Oct 2012
Location: London
Posts: 4,710
That just shows how easy it is to pay one person to pop dodgy code in,
That Goto Code and the SSL things were prime candidates for classification as 'malware' .

Someone need to update the story with detail on clean ROMs, the actual guilty parties etc etc. I'm sure there is much truth in the story but it was certainly sloppy reading.
It could also be wildly exaggerated by G Data the German firm that stands to make most out of this.

It could be result of clicking on one of the Chinese apps rather than a general problem with the phones.

Do all Star phones have this malware? Do all Star 9500 have this malware?

I only use apps downloaded from Google Play and have uninstalled all the Chinese apps as far as I am aware.
henrywilliams58 is offline   Reply With Quote
Old 22-06-2014, 21:43
jabbamk1
Forum Member
 
Join Date: Jan 2012
Location: London, UK
Posts: 8,759
Some Star phones have this.

I've known about it for a while now so not sure why it's suddenly become this big thing.

First thing I did when I got my Star dual sim phone was delete the malware.
jabbamk1 is offline   Reply With Quote
 
Reply




 
Forum Jump


All times are GMT. The time now is 11:04.