Related
I know that Dan found an exploit, I have a feeling this is part of why nobody seems to be complaining to AT&T about the locked bootloader, but the problem is that it isn't a permanent fix, granted we have the ability to disable automated updates, etc. My problem is that AT&T is going to lock all devices from here on out, simply because we allowed them too.
So what can we do?
AnthomX said:
So what can we do?
Click to expand...
Click to collapse
Don't give AT&T your business? I know the locked bootloader issue incenses the Android modding community, but the vast majority of consumers don't know and don't care. AT&T is practically the government, and they don't care either. It's frustrating, but if you don't like it please vote with your dollars.
burhanistan said:
Don't give AT&T your business? I know the locked bootloader issue incenses the Android modding community, but the vast majority of consumers don't know and don't care. AT&T is practically the government, and they don't care either. It's frustrating, but if you don't like it please vote with your dollars.
Click to expand...
Click to collapse
I can agree with that, my only complaint is the small majority of us that notice the lock. Speaking with our money in this case isn't going to make much of a point. There simply isn't enough of us to make them take a hit in their margins. So my guess is that in this instance, it is, what it is, for us? I know AT&T provides us (me and family) the best service in terms of voice/data.
That is just disappointing, because other carriers will follow behind it.
AnthomX said:
I know that Dan found an exploit, I have a feeling this is part of why nobody seems to be complaining to AT&T about the locked bootloader, but the problem is that it isn't a permanent fix, granted we have the ability to disable automated updates, etc. My problem is that AT&T is going to lock all devices from here on out, simply because we allowed them too.
So what can we do?
Click to expand...
Click to collapse
Right now there isn't many legal avenues in favor of the consumer concerning the access to unlocked devices. Congress has given the carriers most of the deciding power over what extent the end-user may manipulate the software on the device. After a petition gained enough friction and reached the White House, the executive branch has agreed consumers deserve the right to invoke their will over devices sold to them without criminal liability, there has yet been any legislative change regarding the matter.
Ultimately, what we can do is multi-faceted to get the attention of carriers [AT&T] to cave to our demands:
1: We can vote with our money by refusing to purchase devices distributed by them, citing their abuse of power over devices sold to consumers -- leaving us no freedom to do as we please with merchandise we contractually own.
2: We can appeal to authority by raising the issue to a federal level to be examined by either higher courts, consumer affairs, Better Business Bureau, or writing your congressman.
3: Start an online petition and hope it gains enough traction to put AT&T and other carriers in a negative light publically on the national stage.
These options work well with numbers and have a better chance of success when done in conjunction with one another. The armchair approach has very little chance of success and often doesn't even merit a reply by way of spokesperson.
AnthomX said:
I can agree with that, my only complaint is the small majority of us that notice the lock. Speaking with our money in this case isn't going to make much of a point. There simply isn't enough of us to make them take a hit in their margins. So my guess is that in this instance, it is, what it is, for us? I know AT&T provides us (me and family) the best service in terms of voice/data.
That is just disappointing, because other carriers will follow behind it.
Click to expand...
Click to collapse
I agree, but to play devil's advocate, I can see why AT&T would want to lock down devices. I imagine since they've been selling Android devices they've had to process tons of RMAs on devices that were bricked by amateurs installing the wrong ROMs. That may well amount to a minuscule hit in their bloated profit margin, but a corporation tends to do whatever it can to prevent dollars from leaking out. If the locked bootloader prevents the casual ROM flasher from bricking a new S4, then they view that as success. I don't know if that's why they did it, though.
The other side to that, of course, that an unlocked bootloader makes it easy to restore a bricked device back to stock. I'd like to see AT&T and other carriers reach out to the dev community more and have some provisions for installing alternate ROMs and OSes on the devices. I'd also like them to just sell me bandwidth and not interfere with content or operating systems, but I won't hold my breath!
antde201 said:
Right now there isn't many legal avenues in favor of the consumer concerning the access to unlocked devices.
Click to expand...
Click to collapse
burhanistan said:
I agree, but to play devil's advocate,
Click to expand...
Click to collapse
AGREED very much Burhanistan, I know that is a hit for AT&T, but you know, they could offer repair services at a decent rate that could fix these bad flashes, as most of the time only a JTAG is needed. Which leads into support and encouragement for the Android communities. But, one can dream. They are more about that profit margin than a profit margin AND great customer service.
Antde, I am looking at starting a petition, maybe gain some traction there? Who knows, but I think you are right, in the end, AT&T doesn't want our business, and I am ok with that. Unfortunately it will be a headache similar to swapping from Apple after using them for so many years. Time to bust out the aspirin I guess. We will see.
Becasue carriers dont care about what we think about locked bootloaders.At the end of the day this device is making millions for them think about it to them it doesnt make a difference.I myself work for a carrier in the U.S and trust me to them what ever rants and complaints we post mean squat....
Anyways its going to be unlocked soon when the VZW releases so whatever I dont even get why we should make such a big deal locked bootloaders always get hacked ...
burhanistan said:
I agree, but to play devil's advocate, I can see why AT&T would want to lock down devices. I imagine since they've been selling Android devices they've had to process tons of RMAs on devices that were bricked by amateurs installing the wrong ROMs. That may well amount to a minuscule hit in their bloated profit margin, but a corporation tends to do whatever it can to prevent dollars from leaking out. If the locked bootloader prevents the casual ROM flasher from bricking a new S4, then they view that as success. I don't know if that's why they did it, though.
The other side to that, of course, that an unlocked bootloader makes it easy to restore a bricked device back to stock. I'd like to see AT&T and other carriers reach out to the dev community more and have some provisions for installing alternate ROMs and OSes on the devices. I'd also like them to just sell me bandwidth and not interfere with content or operating systems, but I won't hold my breath!
Click to expand...
Click to collapse
There's more to a carrier's decision to lock down a device's bootloader than just pure spite and asserting their control. Carriers are also charged with mobile security, protection of their assets (bandwidth), and again security.
An unlocked bootloader theoretically opens the floodgates to a plethora of security threats to both the device and information stored and/or shared therein. Google and their partners are pushing mobile security to both stay relevant in the mobile OS market and to appeal to other markets where they may have been previously overlooked, such as defense and business.
You also have to consider the possibility of unregulated mobile tethering which falls under the umbrella of loss prevention to any business.
Lastly, as you and others have mentioned, the possibility of insurance claims due to bricked devices. Though I'd argue that this area doesn't pose much risk to the carrier directly as you void your warranty as soon as you flash a custom ROM.
So with all of these facets together, you'd see how it would be a no brainer to a corporation to purchase the secure version of an OEM device. Especially if you've chosen to adopt a subsidized device. The contract you sign is subject to whatever terms they produce and if you do not agree, you're free to stay with your current device and leave when your contract expires. I don't care for this sentiment, but it's the reality they have procured.
I think they did it to fight back against tethering.
ATT getting phone manufacturers to lock their phones started a while back. IIRC the first big uproar was for the HTC Vivid. IMHO it's for security and ATT keeping their big accounts. BB ruled for so long because of security. iPhones are the same way. Companies want a secure device. Moto (one of the main ones that market to business use) has always had the stingiest bootloaders regardless of carrier.
poofyhairguy said:
I think they did it to fight back against tethering.
Click to expand...
Click to collapse
Ya because that really stopped us from tethering... Oh wait..
I am thinking to buy honor 8. But the warning of not buying any Huawei phones for US government officials scare me off. Do any security experts show us proof security loophole or hardware backdoor ? In order word, is the concern legitimate? I may use my phone to visit China. And I don't want to be tracked.
Look if your looking to buy the phone go ahead. There has been many sales of this and other Huawei devices in the US.
I be more concerned about likes of Facebook, Snap chat etc etc...
Please help, I am unsure what to do now that I received my Umidigi S2 Pro unlocked phone that I purchased from GearBest and waited a month to receive-- booted it up and ran malwarebytes on it only to learn it has two adware programs built into the system. Norton did not find anything except a KRACK (some sort of Key reboot wifi vulnerability???) risk (not sure if it is on the phone or just an alert for my home wifi?). I thought I was getting a nice smartphone at a good price, but now I am very worried if I can trust such a phone from china-- would it be safe to set up the phone for online banking, for email with my email username and password? Should I just sell the phone on ebay and go back to using my ASUS phone that I bought in the USA where I live? The Umidigi is such a nice looking phone, but if it is a security risk I certainly will not use it, I would then sell it and take the loss and learn the lesson, ugh.
Quicktouch apparently contains the following adware as detected by Malwarebytes: Android/Adware.Xinyinhe.CJ
TouchPal 2017 apparently contains the following adware as detected by Malwarebytes: Android/Adware.Cootek
^^^They are both system apps so they are not so easily removed.
Thoughts, advice?
Midiman55 said:
Please help, I am unsure what to do now that I received my Umidigi S2 Pro unlocked phone that I purchased from GearBest and waited a month to receive-- booted it up and ran malwarebytes on it only to learn it has two adware programs built into the system...
Click to expand...
Click to collapse
Your best bet is to post this question within one of the following threads that is specific to your question.
http://forum.xda-developers.com/showthread.php?t=1846277
http://forum.xda-developers.com/showthread.php?t=1620179
Good Luck!
~~~~~~~~~~~~~~~
I DO NOT PROVIDE SUPPORT VIA PM UNLESS ASKED/REQUESTED BY MYSELF.
PLEASE KEEP IT IN THE THREADS WHERE EVERYONE CAN SHARE
I also have a similar issue,
Have checked the threads recommended and they are totally irrelevant to the question asked, so here goes:
I bought a new Umidigi phone from an online store, now turns out it seems to be rooted, should I just throw it away or is there any resoanable explanation to why it is like that. Is there anything I can do to be able to use this phone with safety.
Thanks
Shmool said:
I also have a similar issue,
Have checked the threads recommended and they are totally irrelevant to the question asked, so here goes:
I bought a new Umidigi phone from an online store, now turns out it seems to be rooted, should I just throw it away or is there any resoanable explanation to why it is like that. Is there anything I can do to be able to use this phone with safety.
Thanks
Click to expand...
Click to collapse
Did a root checking or antivirus app say it's rooted? I knew these phones have adware & questionable issues around personal data, but didn't think they come rooted. Though maybe some third party with access to phone rooted it, was it sealed when you got it? ( Could also have been installed in factory by unauthorised person or at instructions of Chinese government (though probably only if you or your company is a high value target))
Don't waste your money.
I have Umidigi S2 Pro.
It has very low quality.
The touch screen is very hard to use.
Cheap plastic material with very poor build quality.
The battery real capacity is not 5000mah. The battery is not detectable by battery software. Perhaps only 3000mah
The camera is so blurry. You just get fuzzy pictures.
Too many applications crashed instead of 6GB RAM.
The worst thing it come without any guarantee.
It' nothing but wasting my valuable money.
Can you imagine the fallout for a company, trying to compete in the International Marketplace if just ONE of their products was found to be phishing? In fact it would be commercial suicide in their own countries too.
I have a Umidigi A3, bought for a third of the price of my similar spec Samsung, and I also found that certain apps stated the phone was rooted, but root checkers and superuser software all found this not to be the case. I always rooted my early phones to play around under the hood, but lately certain establishment apps would refuse to work stating security issues with root so I haven't rooted my last couple of phones.. I have had no such problems with my A3. My establishment apps check and wave my little A3 through with a smile. False positive? I'd say likely. The cost of the license to use the latest Google Android OS kind of negates the reasoning behind 'the phish' . I believe the tweaks needed to customise the OS to Umidigi products is what causes these false posies.
And the build quality is superb!! For the price I paid, it may be akin to a Mini in the vast world of mobile communications, but it's deck out with the shiny walnut dashboard and plush seats of a Mini Rolls Royce. Time will tell about it's reliability but so far I don't think I'll ever pay hundreds of pounds for a mobile phone again.
My whole take on this Chinese security question is this.
1st, Google is a bigger (biggest) privacy risk. They can access your phone anytime without you knowing (if they wanted to). But yet no one thinks twice about trusting them, plus most people allow them to save all their passwords and info. But yet it's no concern to most.
2nd, A lot of other phone companies have their internal chips produced in China. And if the Chinese really wanted to spy, it's gonna be built into the hardware.(backdoor) Heck the US government was doing this. Everyone forget?
A lot of these proprietary chips even have access to your internet so they can download their proprietary drivers in the background without your knowledge.
There is no true security. The backbone of the internet was built to share information not secure it. Security starts with you. Everytime you choose to have private information at a convenience, you sacrifice security.
And as far as post 1 which I know is a year old, but for anyone that stumbles across this. The adware that was detected was probably all from TouchPal keyboard. That app is so junk, it even installs apps on your phone. It's always preinstalled on provider phones and such.
Google shouldn't allow these apps to be approved and these companies need to be held accountable for allowing these practices.
Good luck and safe browsing!
aaron74 said:
...Security starts with you. Everytime you choose to have private information at a convenience, you sacrifice security.
...
Click to expand...
Click to collapse
Absolutely concur. Thanks very much for the very true statement. And I think especially that what I partially quoted above can't be stressed enough.
Maybe this falls into the same context?
thanks for your reply
IronRoo said:
Did a root checking or antivirus app say it's rooted? I knew these phones have adware & questionable issues around personal data, but didn't think they come rooted. Though maybe some third party with access to phone rooted it, was it sealed when you got it? ( Could also have been installed in factory by unauthorised person or at instructions of Chinese government)
Click to expand...
Click to collapse
HHi, thanks for replying. The bitcoin wallet app said it was rooted, so yeah. But there were other strange things, like the draw lines security lock already is set so that I can't change it or use it. I bought it on aliexpress "new". It came it its' package and everything in it only it had been opened. It was stuck at costumes for a while so it seemed as if they opened it and play with it a bit there, but then after I saw the rooted thing everything us looking phisy.
Honesty, regardless, having this device made me understand once and for all where all the money goes to with those top dollar phones and why it is so worth it. Cause yeah, you kind of have everything... But it all sucks. Screen sucks, camera sucks. Multitasking sucks. Battery sucks. Radiation feel sucks, and seems pretty sure security sucks. So yeah, you kind of have efrything, but the low quality is felt. Daily.
Chinese brand phones cannot be trusted. It's best to buy Japanese or American ones, at least they're more secure in terms of malware and Trojans.
Recently I came across this issue, since I just recently bought this phone. Usually I will root my phones as soon as I get them, by following the excellent guides in XDA here, but this time, I didn't do much research before getting this phone (Mate 20 X). Aside from this unlocking bootloader issue, I like this phone and I hand-picked this from my list of options because it ticked what I was looking for in my new purchase - big battery, IR and 3.5" audio jack. Plus the latest 7nm 980 Kirin processor is a nice hardware to have. (I had Mi Max 2 before, but had some issues.)
I don't intend to pay any 3rd party and pay prohibitively expensive money to unlock my phone. It's absurd how much they are ripping off the people and on the other hand, I'm surprised how much people are willing to throw money at these dubious sites. Now crossing 100++ USD!!?? What the....
Anyway, back to my question :
1. How do these sites get YOUR phone's codes? I'm sure they are not paying Huawei to get your codes. If not from Huawei, then how are they able to obtain the codes just by having the serial number and IMEI numbers?
2. I hope it's just a matter of time before XDA developers can find out how they do this so that this can be shared with the community so that we can continue unlocking like how we used to do before with other phones.
This is an enthusiast community, not some dumb people who are ready to throw money to some 3rd party hackers to get your codes.
And looking at the latest developments, most of these dubious sites have ceased providing the service....wonder why. Something's fishy here. And prices are shooting up, no doubt, fueled by so many people ready to throw money for them.
I am not a developer but always follow the guides written by excellent deveopers in XDA. It's fun and educational that way. We all have paid for the phones ourselves. Tinkering with our phones is our hobby.
I wish people won't rush to pay and get 3rd party questionable "unlockers" spoil the spirit of XDA.
EDIT : Edited title.
amgreenhawk said:
Recently I came across this issue since I just recently bought this phone. Usually, I will root my phones as soon as I get them, by following the excellent guides in XDA here, but this time, I didn't do much research before getting this phone (Mate 20 X). Aside from this unlocking bootloader issue, I like this phone and I hand-picked this from my list of options because it ticked what I was looking for in my new purchase - big battery, IR and 3.5" audio jack. Plus the latest 7nm 980 Kirin processor is a nice hardware to have. (I had Mi Max 2 before, but had some issues.)
I don't intend to pay any 3rd party and pay prohibitively expensive money to unlock my phone. It's absurd how much they are ripping off the people and on the other hand, I'm surprised how much people are willing to throw money at these dubious sites. Now crossing 100++ USD!!?? What the....
Anyway, back to my question :
1. How do these sites get YOUR phone's codes? I'm sure they are not paying Huawei to get your codes. If not from Huawei, then how are they able to obtain the codes just by having the serial number and IMEI numbers?
2. I hope it's just a matter of time before XDA developers can find out how they do this so that this can be shared with the community so that we can continue unlocking like how we used to do before with other phones.
This is an enthusiast community, not some dumb people who are ready to throw money to some 3rd party hackers to get your codes.
And looking at the latest developments, most of these dubious sites have ceased providing the service....wonder why. Something's fishy here. And prices are shooting up, no doubt, fueled by so many people ready to throw money for them.
I am not a developer but always follow the guides written by excellent deveopers in XDA. It's fun and educational that way. We all have paid for the phones ourselves. Tinkering with our phones is our hobby.
I wish people won't rush to pay and get 3rd party questionable "unlockers" spoil the spirit of XDA.
EDIT : Edited title.
Click to expand...
Click to collapse
I doubt that anybody can provide unlock code without inside information/certain servers approach. If that hadn't been true, xda would have the code a long time ago.
What raises two issues. The first one is why Huawei changed its policy regarding AL00 bootloader after it was already on the market. Huawei had known all implications of unlocked bootloader a long time ago, that is the reason why it had stopped providing codes for other models recently.
It could be assumed that Huawei lured buyers to went for this model because they believe that it is only with unlocked bootloader and it will stay that way. A lot of buyers had wanted an unlocked bootloader, otherwise, they would have taken the international model which required fairly less customization.
Locking bootloader out of the blue and then enabling trading it through middlemen for huge extra profits is at least unfair to the buyers.
And there could be more. Is it possible that sudden change toward locking bootloader arise from the temptation to control users? That stuff that is basically what US accused Huawei and what makes discomfort even in more countries?
Finally, there is one question for xda, too. Until recently xda was a synonym for a free exchange of knowledge, solutions, software. Basically, almost everything I know about Android, phones, hacking, I've got from xda. And if I have something to share, I do it with gratitude for everything I received and gained from this great community. But I'm not even important, my knowledge is basic. There are many devs with a massive contribution, whole solutions, modifications, entire systems. For free.
It's quite acceptable to make reference to paid solutions or stuff and to recommend it in the forum. As it was always acceptable presenting royalty-free solutions in the forum and offering more customizing one via Google Play or similar portals. Or asking for a donation. But selling pure commercial solutions for ripoff money for something that has been already paid to the phone producer is an entirely different story. It may turn this forum into a commercial portal. If one could gain huge profits for participation only due to his connection with the producer, what is the point to spend hours, days and weeks of hard work just to bring a perfect rom or solution to the community?
Then, perhaps we'd need another forum. For contributors instead of traders.
Bootloader codes can only be provided by Huawei. FunkyHuawei and other "sellers" likely had an inside source that was providing codes at a cost - these people likely lost their jobs which is why there are no codes available from any source. XDA has found ways to load custom recoveries on many devices in the past, but this was never by locating the bootloader unlock code, only by exploiting a security flaw.
Personally, I don't think this issue has anything to do with Huawei wanting to lock down users. (despite what they're telling us) I think they are scared of research firms finding evidence of Huawei stealing hardware/software from other manufacturers. I don't mean this as a dig on Huawei, I think Apple is guilty of this as well. Both guilty in stealing radio hardware design and software from Qualcomm.
Has anyone actually obtained an unlock code in the last few weeks? If so, for which version of Mate 20 X and how much did you pay?
It's simple guys, 2 options:
Either 1. Insider that gets very busy now because if the many requests since OEM unlock is available again in the new updates.. so price goes up.
Or 2. Someone has the algorithm to generate these codes based on IMEI.
Since the price has went up by 4x I think option one is more realistic, however I don't rule out option 2. Perhaps we can fix a bounty for a team that can look into a key generator?
https://theunlockingcompany.com
Seems to be advertising to unlock at 39.99 US. I am hesitant though not only because of the issue developers have with the ethics behind such a service, but becasue I am a bit of a newb. Once I give out my IMEI number, doesn't that put me at risk of ending up with a brick?
s327374 said:
https://theunlockingcompany.com
Seems to be advertising to unlock at 39.99 US. I am hesitant though not only because of the issue developers have with the ethics behind such a service, but becasue I am a bit of a newb. Once I give out my IMEI number, doesn't that put me at risk of ending up with a brick?
Click to expand...
Click to collapse
I just bought it I hope to have the code in 12 hours
Kurocham said:
I just bought it I hope to have the code in 12 hours
Click to expand...
Click to collapse
Wait ... I am now advertising for them. I thought the point of this thread was to not pay these companies. Although I am interested to know if your EVR-AL00 gets a code. I will be tempted
s327374 said:
https://theunlockingcompany.com
Seems to be advertising to unlock at 39.99 US. I am hesitant though not only because of the issue developers have with the ethics behind such a service, but becasue I am a bit of a newb. Once I give out my IMEI number, doesn't that put me at risk of ending up with a brick?
Click to expand...
Click to collapse
Are you sure this company will give you code to unlock bootloader? Looks like what they do is unlock phone from carrier. For example, you buy a phone from AT&T and you want to use it on Tmobile but you can't because it is carrier locked.
Kurocham said:
I just bought it I hope to have the code in 12 hours
Click to expand...
Click to collapse
You realize that this is the unlock code for the simcard Carrier right? That has nothing to do with bootloader unlock...
Kurocham said:
I just bought it I hope to have the code in 12 hours
Click to expand...
Click to collapse
mscion said:
Are you sure this company will give you code to unlock bootloader? Looks like what they do is unlock phone from carrier. For example, you buy a phone from AT&T and you want to use it on Tmobile but you can't because it is carrier locked.
Click to expand...
Click to collapse
I am not sure - I just assumed that this would be for unlocking bootloader.... I guess we will know from Kurocham soon.
ilovepj said:
You realize that this is the unlock code for the simcard Carrier right? That has nothing to do with bootloader unlock...
Click to expand...
Click to collapse
OMFG I DID NOT KNOW!!!!:crying::crying::crying::crying:
Kurocham said:
OMFG I DID NOT KNOW!!!!:crying::crying::crying::crying:
Click to expand...
Click to collapse
Sorry bro. I feel your pain. I am sorry for the accidental misdirection.
So I'm looking to buy a new phone and it seems that about 70% of the market share in the best buys is comprised of Chinese owned manufacturers.
There have been numerous reports of such manufacturers collecting user-identifable data and phoning home with it. I know that western owned phone companies collect data but believe that the rules /laws, ehtics and security are better followed in the west. I'm not trying to get into a debate of east vs west btw this is just my opinion. Yes I know that almost all phones are manufactured in China but I'm more concerned about who is influencing the companies themselves if they are Chinese.
So given that I value my privacy and want to keep personal data out of the hands of bad actors I'm left with a choice of buying a western owned phone which are generally much lower spec for a price point or perhaps buying Chinese and rooting.
My question is whether this is a practical answer given the need to use a phone as a secure device e.g. 2FA and internet banking apps etc and a daily driver? Also my experience tells me that when one takes a custom ROM they take on responsibility for applying patches and updates which is something of an administration burden I probably don't have the time /inclination for.
For the record I've flashed and used custom roms on about 3-4 devices in the past so have some first hand experiance but wondered if things have changed for the better or worse?
They could have embedded hidden backdoors in the hardware or worse.
Well, things are still the same, if not even worse. Beside security patches, Google has been cracking down on rooted users, so in the near future some features and some apps might stop working. Unfortunately users with just an unlocked bootloader might be caught in the crossfire. As for privacy, try Xiaomi. Sure, there have been rumors of Spyware on Xiaomi devices. Well, back in January some cybersecurity firm from Germany test that theory. Proved it was false.
Germany: No evidence of spying from Xiaomi phones
One point for Xiaomi
www.gadgetmatch.com
Thus Xiaomi might be one of the good ones. At least in terms of being spied by them. Sure, third party apps also spy on you, but for that you have adb.
Fytdyh said:
Well, things are still the same, if not even worse. Beside security patches, Google has been cracking down on rooted users, so in the near future some features and some apps might stop working. Unfortunately users with just an unlocked bootloader might be caught in the crossfire. As for privacy, try Xiaomi. Sure, there have been rumors of Spyware on Xiaomi devices. Well, back in January some cybersecurity firm from Germany test that theory. Proved it was false.
Germany: No evidence of spying from Xiaomi phones
One point for Xiaomi
www.gadgetmatch.com
Thus Xiaomi might be one of the good ones. At least in terms of being spied by them. Sure, third party apps also spy on you, but for that you have adb.
Click to expand...
Click to collapse
That's bad to hear that Google are trying to put the squeeze on and a deterrent to investing time and energy installing Roms that may only get worse with time in terms of G Apps and services.
Hmmm that article refers to an absence of censorship rather than not spying.
Here's an example of the story which I've seen repeated elsewhere on Xiaomi spying:
Exclusive: Warning Over Chinese Mobile Giant Xiaomi Recording Millions Of People’s ‘Private’ Web And Phone Use
Xiaomi is collecting users’ browser habits and phone usage, raising red flags for privacy researchers.
www.forbes.com
steveyc2 said:
That's bad to hear that Google are trying to put the squeeze on and a deterrent to investing time and energy installing Roms that may only get worse with time in terms of G Apps and services.
Hmmm that article refers to an absence of censorship rather than not spying.
Here's an example of the story which I've seen repeated elsewhere on Xiaomi spying:
Exclusive: Warning Over Chinese Mobile Giant Xiaomi Recording Millions Of People’s ‘Private’ Web And Phone Use
Xiaomi is collecting users’ browser habits and phone usage, raising red flags for privacy researchers.
www.forbes.com
Click to expand...
Click to collapse
Sorry about that.
At this point, I doubt there isn't a smartphone maker that does not track its users. From chinese makers to American makers, everyone tracks their users. Their data sells the best. At this rate, if you want to totally protect your privacy, don't buy a phone. Anything and everything can be tracked. Dumb phones and smartphones. So picking a smartphone isn't going to keep your privacy secure. You might have a say in how many people do you want to track you, based on phone's price.
steveyc2 said:
So I'm looking to buy a new phone and it seems that about 70% of the market share in the best buys is comprised of Chinese owned manufacturers.
There have been numerous reports of such manufacturers collecting user-identifable data and phoning home with it. I know that western owned phone companies collect data but believe that the rules /laws, ehtics and security are better followed in the west. I'm not trying to get into a debate of east vs west btw this is just my opinion. Yes I know that almost all phones are manufactured in China but I'm more concerned about who is influencing the companies themselves if they are Chinese.
So given that I value my privacy and want to keep personal data out of the hands of bad actors I'm left with a choice of buying a western owned phone which are generally much lower spec for a price point or perhaps buying Chinese and rooting.
My question is whether this is a practical answer given the need to use a phone as a secure device e.g. 2FA and internet banking apps etc and a reliable daily driver? Also my experience tells me that when one takes a custom ROM they take on responsibility for applying patches and updates which is something of an administration burden I probably don't have the time /inclination for.
For the record I've flashed and used custom roms on about 3-4 devices in the past so have some first hand experiance but wondered if things have changed for the better or worse?
Click to expand...
Click to collapse
To be on the safe side, you can install an alternative ROM, such as LineageOS, instead of the preinstalled OS: requires phone's bootloader is unlockable.
Be aware that no cell phone provides you with true anonymity.
xXx yYy said:
To be on the safe side, you can install an alternative ROM, such as LineageOS, instead of the preinstalled OS: requires phone's bootloader is unlockable.
Click to expand...
Click to collapse
yes i know i can do that- and the firmware too- my question was about the practicality of living with such a phone once done
xXx yYy said:
Be aware that no cell phone provides you with true anonymity.
Click to expand...
Click to collapse
Yes, aware of that, just trying to minimise exposure while still having a usable phone
blackhawk said:
They could have embedded hidden backdoors in the hardware or worse.
Click to expand...
Click to collapse
worrying but if one wipes the firmware and ROM then that would mitigate any hardware backdoor risks I would have thought?
Has anyone actually tested a custom rom on a chinese phone that was known to send data back to chinese servers?
For example:
test with stock rom: wireshark shows phone sending information to chinese IP
test with custom rom: wireshark shows no packets sent to chinese IPs.
sso003 said:
Has anyone actually tested a custom rom on a chinese phone that was known to send data back to chinese servers?
For example:
test with stock rom: wireshark shows phone sending information to chinese IP
test with custom rom: wireshark shows no packets sent to chinese IPs.
Click to expand...
Click to collapse
Some infos could go to an American proxy server then to Chinese. In order to be sure no one gets you data, learn to code and make your own rom and your own apps. Open source apps are an option if you know to check the source yourself.