Kryptowire has discovered a vulnerability in the firmware used by 700 million smartphones, cars and other smart devices. The company that created it, Adups Shanghai Technology Company, has indicated that 120,000 American manufacturer BLU phones are affected by a feature that allows spying on him practically everything in these devices.
Adups software transmits text messages, contact list, call logs, location information and other data to Chinese servers. Neither the manufacturer nor the users knew anything, and apparently integrate that firmware on those phones was a mistake. What is not an error is the firmware itself, which is used extensively by Chinese manufacturers who can thus monitor the activity of their users.
Monitoring should not have been active on BLU smartphones
Adups provides that ZTE and Huawei software, and design of such functionality was entrusted to the company by an unspecified manufacturer that wanted to take all that data “to improve customer service.” Lily Lim, a California lawyer who represents Adups, explained that the company has no affiliation with the Chinese government.
You may also like to read another article on Lab-Soft: Sony Xperia X, better processing a lot of detail but with aspects to polish
It also stated that it is the companies that manufacture and sell these phones that should clarify their policies, not Adups, a company that “was only there to provide the functionality that the handset vendor asked for.” This software allows for example that manufacturers can provide remote updates for their devices, a key feature for users.
Google itself seemed to be aware of the activity of Adups and had told its managers that “remove the option of surveillance for phones that run services like the Google Play store.” That should have excluded smartphones like SSB, but it was not.
Adups has not published the list of models committed while in Kryptowire indicate that only advanced users could find out whether or not their devices are affected. BLU President Samuel Ohev-Zion commented on how this is “something we obviously did not know” and said that the problem has now been resolved and “there is no BLU device currently collecting that information.”