Phones from popular local Android vendors were found to have three to four times more preinstalled third-party apps than phones from other countries
A new study has found that Android smartphones from popular vendors in China come preinstalled with spyware applications that collect a wide range of personal data without user consent.
Researchers Haoyu Liu and Paul Patras of the University of
Edinburgh and Douglas Leith of Trinity College in Dublin made the discovery
after conducting an in-depth
analysis of flagship phones from Xiaomi, Oppo Realme and OnePlus.
The study, “Android OS Privacy Under the Loupe – A Tale from
the East,” revealed that the preinstalled apps send large amounts of personally
identifiable information to device vendors and Chinese mobile network
operators, including those not providing service to the phone. The
collected data included persistent device and location identifiers, user
profiles and social connections.
Chinese smartphone brands have taken a bigger share of the
global market in recent years, with newer models gaining a reputation for being
powerful yet affordable. With the study results, the researchers are
calling for “tighter privacy controls to increase the ordinary people’s trust
in technology companies,” highlighting that many are “partially state-owned.”
Based on the findings, the phones sold in China have three
to four times more preinstalled third-party apps with eight to 10 times as many
permissions than phones distributed in other countries.
The list of questionable
apps included a variety of navigation and input apps, as well as
various news, video streaming and online shopping apps that came with the
Chinese firmware out of the box.
The study’s authors point out that users in China have
virtually zero privacy and anonymity considering every phone number in the
country is registered with a citizen ID. The researchers also warned of
potential tracking, even if users travel abroad.
Related Stories:
China
Installs 20 Million of the ‘World’s Most Advanced’ AI Surveillance Cameras to
Track People
Chinese
Company Hired By Apple Busted For Selling $7 Million of Personal Data from
iPhones
Chinese
smartphone brand Honor copies iPhone features, sees sales double
https://nextshark.com/study-chinese-android-phones-spyware
[Submitted on 3 Feb
2023]
Android
OS Privacy Under the Loupe -- A Tale from the East
Haoyu Liu, Douglas J. Leith, Paul Patras
China is currently the country with the largest
number of Android smartphone users. We use a combination of static and dynamic
code analysis techniques to study the data transmitted by the preinstalled
system apps on Android smartphones from three of the most popular vendors in
China. We find that an alarming number of preinstalled system, vendor and
third-party apps are granted dangerous privileges. Through traffic analysis, we
find these packages transmit to many third-party domains privacy sensitive
information related to the user's device (persistent identifiers), geolocation
(GPS coordinates, network-related identifiers), user profile (phone number, app
usage) and social relationships (e.g., call history), without consent or even
notification. This poses serious deanonymization and tracking risks that extend
outside China when the user leaves the country, and calls for a more rigorous
enforcement of the recently adopted data privacy legislation.
https://arxiv.org/abs/2302.01890
No comments:
Post a Comment