Security firm finds preinstalled malware on Xiaomi Mi 4 smartphone
We are certain the device that Bluebox tested is not using a standard MIUI ROM, as our factory ROM and OTA ROM builds are never rooted and we don’t pre-install services such as YT Service, PhoneGuardService, AppStats etc. Bluebox could have purchased a phone that has been tampered with, as they bought it via a physical retailer in China. Xiaomi does not sell phones via third-party retailers in China, only via our official online channels and selected carrier stores.
— Hugo Barra, VP International
I must side with Xiaomi on this one.
As I’ve pointed out numerous times here, Xiaomi and Lei Jun are constantly banging the drum against Xiaomi counterfeits and insisting the only trustworthy source of their products is Xiaomi itself.
March 11, 2015 update: Thanks to E.T. in Comments, we now know the Mi 4 tested was a fake! Always buy from trusted sources!
Fake Mi Note On Taobao
Fraud Alert: Fake Xiaomi Power Banks On Amazon India
Fake: Xiaomi And Apple Store
Fakes: Counterfeit MiBand, Phony MiCar
Counterfeit Xiaomi Power Banks
Because they promote ignorance. And ignorance leads to all other evils and ills.
Iraqi libraries ransacked by Islamic State group in Mosul
When Islamic State group militants invaded the Central Library of Mosul earlier this month, they were on a mission to destroy a familiar enemy: other people’s ideas.
Residents say the extremists smashed the locks that had protected the biggest repository of learning in the northern Iraq town, and loaded around 2,000 books — including children’s stories, poetry, philosophy and tomes on sports, health, culture and science — into six pickup trucks. They left only Islamic texts.
“These books promote infidelity and call for disobeying Allah. So they will be burned,” a bearded militant in traditional Afghani two-piece clothing told residents, according to one man living nearby who spoke to The Associated Press.
We need a worldwide program to digitize every damn library.
Manufacturer’s Backdoor Found on Popular Chinese Android Smartphone
The manufacturer has also taken steps via modifications to its version of Android to keep the backdoor hidden from users and security software that could be installed on the phone. For example, Olson said Coolpad has disabled the long-press system that allows a user to find out what application generated an pop-up advertisement or notification, for example.
Well, they just ruined their brand.
I don’t give a shit if they come out with The Return Of Jesus tablet. They are permanently banned from coverage here.
The China Market Has Been Lost. Thanks, NSA!
China Android Malware Alert 2
China Android Malware Alert
China is Planning to Purge Foreign Technology and Replace With Homegrown Suppliers
China is aiming to purge most foreign technology from banks, the military, state-owned enterprises and key government agencies by 2020, stepping up efforts to shift to Chinese suppliers, according to people familiar with the effort.
The push comes after a test of domestic alternatives in the northeastern city of Siping that was deemed a success, said the people, who asked not to be named because the details aren’t public. Workers there replaced Microsoft Corp.’s Windows with a homegrown operating system called NeoKylin and swapped foreign servers for ones made by China’s Inspur Group Ltd., they said.
The plan for changes in four segments of the economy is driven by national security concerns and marks an increasingly determined move away from foreign suppliers under President Xi Jinping, the people said. The campaign could have lasting consequences for U.S. companies including Cisco Systems Inc., International Business Machines Corp., Intel Corp. and Hewlett-Packard Co.
“The shift is real,” said Charlie Dai, a Beijing-based analyst for Forrester Research Inc. “We have seen emerging cases of replacing foreign products at all layers from application, middleware down to the infrastructure software and hardware.”
Regin: Top-tier espionage tool enables stealthy surveillance
This all reminds me of that scene in Batman:
INT. AXIS CHEMICAL – FILE ROOM – NIGHT
SPARKS FLY. A SAFECRACKER, in welder’s mask, trains a
blowtorch on the office safe. Behind him, Jack’s HOODS
are at work on the filing cabinets. Jack stands watch-
ing, squinting through the fumes. He holds a silk
handkerchief over his nose and mouth.
The SAFECRACKER kills his blowtorch and opens the metal
door of the safe, giving Jack a good look inside:
JACK shakes his head: they’ve been set up. A SIREN
We’ve been ratted out here, boys.
I really wonder about China-made tech now too …
… anything lurking in those phones and tablets that their makers don’t know about?
Who’s Watching The Watchers Watching Us?
“Buy From Our Store. We’re NSA-FREE!”
Android smartphone shipped with spyware
Chinese Android smartphone comes with malware pre-installed
This is not good.
And yes, I do know my country’s NSA intercepts packages and plant their own spyware on them. I’m against that too.
Filed under Android, Infowar
Documents Reveal Top NSA Hacking Unit
Sometimes it appears that the world’s most modern spies are just as reliant on conventional methods of reconnaissance as their predecessors.
Take, for example, when they intercept shipping deliveries. If a target person, agency or company orders a new computer or related accessories, for example, TAO can divert the shipping delivery to its own secret workshops. The NSA calls this method interdiction. At these so-called “load stations,” agents carefully open the package in order to load malware onto the electronics, or even install hardware components that can provide backdoor access for the intelligence agencies. All subsequent steps can then be conducted from the comfort of a remote computer.
These minor disruptions in the parcel shipping business rank among the “most productive operations” conducted by the NSA hackers, one top secret document relates in enthusiastic terms. This method, the presentation continues, allows TAO to obtain access to networks “around the world.”
Boldfaced emphasis added by me.
When PDAs were the rage and smartphones were still primitive (the Treo had not yet been introduced), I dared to bring up the subject of data privacy on a discussion board. I used the example of Al Sharpton being arrested (he was always being arrested back then; NYC was in turmoil) — what would be the likelihood of the police confiscating his PDA and taking all of the info off of it?
I was basically jeered at and made to feel stupid and ridiculous. No one had the brains to see any of the implications of what I had raised.
Even today, with all of the NSA revelations, there are still those who smugly insist there’s no risk in using “the Cloud.”
Russia: Hidden chips ‘launch spam attacks from irons’
State-owned channel Rossiya 24 even showed footage of a technician opening up an iron included in a batch of Chinese imports to find a “spy chip” with what he called “a little microphone”. Its correspondent said the hidden devices were mostly being used to spread viruses, by connecting to any computer within a 200m (656ft) radius which were using unprotected Wi-Fi networks. Other products found to have rogue components reportedly included mobile phones and car dashboard cameras.
Boldfaced emphasis added by me.
I never expected this.
It would be easier to plant software like that in a tablet made in China.
Do you still want to buy a Chinese tablet now?