Android Exclusive: Samsung Galaxy S20+ leak confirms 120Hz display, ultrasonic fingerprint scanner, and no headphone jack
- Exclusive: Samsung Galaxy S20+ leak confirms 120Hz display, ultrasonic fingerprint scanner, and no headphone jack
- The Google Play Store will no longer show notifications for updated apps
- Coral is Google’s quiet initiative to enable AI without the cloud
- Google Phone app prepares to add support for call recording
- On the "Spyware" Case: Samsung Proofed to Be LYING, Personal Data were SENT
- XPOST: Firefox lite is now sending ad notifications, like a cheap mobile game
Posted: 14 Jan 2020 10:48 AM PST
The Google Play Store will no longer show notifications for updated apps Posted: 14 Jan 2020 02:54 PM PST
Coral is Google’s quiet initiative to enable AI without the cloud Posted: 14 Jan 2020 09:19 AM PST
Google Phone app prepares to add support for call recording Posted: 14 Jan 2020 11:40 AM PST
On the "Spyware" Case: Samsung Proofed to Be LYING, Personal Data were SENT Posted: 14 Jan 2020 03:42 AM PST

This is in response to Samsung's Qihoo 360 case. For those who don't know, there was a sensational post last week on Reddit, as a user claimed that Samsung partnered with a Chinese company Qihoo and pre-installed irremovable "spyware" on every Samsung phone and tablet.

Long story short, I found the post to be jumping to conclusions, but Samsung's response later seemed a little fishy to me. Being a network security researcher, I went ahead and decompiled the APK myself. Though I'd like to believe Samsung, it is however proven that the Device Care app is RECORDING IMEIs and SENDING BACK Uniquely Identifiable IDs to Qihoo's server.

The findings I'm about to spill out can be repeated and are verifiable by anyone. Don't believe my words? Download the APK and decompile it following these steps. You will see the exact same code as me.

I uploaded the Device Care APK to the JADX Decompiler (http://www.javadecompilers.com/apk) and downloaded the files. Here is the decompiled code in the following screenshots:

Just see the screenshots yourselves. You don't need to be a tech wizard to see that IMEI is being fetched (3rd screenshot and 4th screenshot) and Unique Identifiable ID is being sent to Qihoo's servers (1st screenshot). In the last screenshot, you can even see that the CPU model, whether the user is using WIFI, and the free storage space on your phone were also being sent to Qihoo's servers, but I guess that's already nothing compared to your IMEI and Uniquely Identifiable ID.

Samsung is obviously deceiving the Android community, hoping we'll just take their word for it.

Among the decompiled files, there's an entire library (which served as a codebase for apps) that's called libmobilesafe360_clear-jni-6.7.so. I also decompiled that library, using another decompiler (https://onlinedisassembler.com/odaweb/). The library contains the exact same encryption keys (the generation seed: 70>@|:CF0z€.97:M0z|ovyrM) for encrypting HTTP traffic (yup, they would rather encrypt it using their own algorithm than using HTTPS) using the DES algorithm as the ones that were included in 360's contacts backup application. This DES encryption key was proven by Chinese security researchers to be easily cracked and intercepted.

The final nail in the coffin for me to find out Samsung is lying is that the User-Agent string in the packets that were sent back to the server was straight up called "360clearsdk". How could this possibly be if Samsung was using their own code and was simply "downloading Qihoo's definition database" as they claimed?

Last but not least, though I guess this evidence is already not needed, this is the permission that the Device Care app has access to on my phone: https://imgur.com/e43NJQx . Notice the "Phone" permission. This is a clear telltale sign for apps to gather IMEI information.

I took a look back at Samsung's statements. At first, their response on the Korean forum Naver was this one https://www.reddit.com/r/Android/comments/ektg8u/chinese_spyware_preinstalled_on_all_samsung/fdggokk , which basically says only the filtering database was being downloaded from Qihoo's server. After the original post gained notoriety and people started demanding the removal of the app, Samsung told The Verge a completely different story:

"The storage optimization process, including the scanning and removal of junk files, is fully managed by Samsung's device care solution."

Note how their statement has changed. Samsung now didn't claim that the app was fully made by them, but rather used an ambiguous sentence "...is fully managed by Samsung's device care solution", which basically completely avoided answering the question directly.

Conclusion:

Speculation:

Last but not least, yes, this is a new account, but a throwaway one. I am a network security researcher at a major international InfoSec company, and decompiling code may violate IP laws and perhaps a ton of ToS. I simply want the truth to be out there. I have also sent the above findings to various major media outlets. I just hope that Samsung could stop lying to the r/Android community, and tell us the entire truth. Thanks.
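Added example, not part of the original post: a small Python triage pass over decompiled Java sources that flags the kinds of indicators the post describes (IMEI reads, a DES cipher, a fixed User-Agent, plain-HTTP endpoints) and reports packages where an identifier read and a network indicator both appear. The sample sources, file paths and URL are constructed for illustration; only the "360clearsdk" string comes from the post.

```python
import re

# Indicators worth a manual look in decompiled Android code.
RULES = {
    "imei-read": re.compile(r"\.(?:getDeviceId|getImei)\s*\("),
    "des-cipher": re.compile(r'Cipher\.getInstance\(\s*"DES\b'),  # not DESede
    "fixed-user-agent": re.compile(r'"User-Agent"\s*,\s*"[^"]+"'),
    "cleartext-url": re.compile(r'"http://[^"]+"'),
}
NETWORK_RULES = {"des-cipher", "fixed-user-agent", "cleartext-url"}

# Constructed sample: {relative path: decompiled source text}.
SAMPLE = {
    "com/example/clear/DeviceInfo.java": '''
import android.telephony.TelephonyManager;
class DeviceInfo {
    String id(TelephonyManager tm) { return tm.getDeviceId(); }
}
''',
    "com/example/clear/Uploader.java": '''
class Uploader {
    void send(HttpURLConnection c) throws Exception {
        c.setRequestProperty("User-Agent", "360clearsdk");
        Cipher k = Cipher.getInstance("DES/ECB/PKCS5Padding");
        URL u = new URL("http://stats.example.invalid/report");
    }
}
''',
}

def scan(sources):
    """Return (path, line number, rule, source line) for every rule hit."""
    findings = []
    for path, text in sorted(sources.items()):
        for lineno, line in enumerate(text.splitlines(), 1):
            for rule, pattern in RULES.items():
                if pattern.search(line):
                    findings.append((path, lineno, rule, line.strip()))
    return findings

def packages_reading_and_sending(findings):
    """Packages where an IMEI read and a network indicator co-occur."""
    seen = {}
    for path, _, rule, _ in findings:
        seen.setdefault(path.rsplit("/", 1)[0], set()).add(rule)
    return sorted(p for p, r in seen.items()
                  if "imei-read" in r and r & NETWORK_RULES)

if __name__ == "__main__":
    for finding in scan(SAMPLE):
        print(*finding, sep=": ")
    print("review first:", packages_reading_and_sending(SAMPLE and scan(SAMPLE)))
```

A hit only marks a line for manual review; whether the identifier actually reaches the network call still has to be confirmed by reading the data flow.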
XPOST: Firefox lite is now sending ad notifications, like a cheap mobile game Posted: 15 Jan 2020 12:37 AM PST

EDIT: The notification is coming from the "games" section of the browser, which I don't think I have ever used.