Esme brings a wealth of knowledge and experience to our website, specializing in all aspects of DarkWeb security. With a deep understanding of the intricate workings of the DarkWeb and its associated cybersecurity risks, Esme curates insightful and informative content for our readers.
Latest posts by Esme Greene (see all)
- “Ducktail” Hackers Target Facebook - September 28, 2023
- Okta Breach: Super Admin Hack - September 24, 2023
- Rackspace: $10.8M Cloud Shift - September 23, 2023
It’s not just simple surveillance, but a significant proportion of Android devices currently in use, 30%, are vulnerable to security risks.
The vast majority of smartphone users are aware that manufacturers of operating systems such as Google or Apple collect information about them. However, what no one expected was that mobile chip makers would do the same. While we don’t worry about our private data being sent to Intel or AMD when using a computer, should we be concerned about the same happening with mobile chips?
Nitrokey conducted a study in which several smartphones were tested and cleared of Google services. Many Android users purposefully do this to prevent their confidential data from being collected by Google. Unfortunately, the data is still transferred to Qualcomm “strictly on schedule,” regardless of whether Google services are present or not.
Nitrokey’s analysis was conducted on a custom Android build called ” /e/OS ” on a Sony Xperia XA2 device. This custom build differs from the stock Android system by completely removing Google services and various tracking by the system manufacturer and other services.
The first connection made by a “googled” phone is to “google.com,” as revealed by network logs. The “android.clients.google.com” host serves Google Play for periodic device registration, location, app search, and other functions. It is strange that a smartphone without Google Play would access this address.
The device then connected to “connection.ecloud.global,” which replaces the Google server connection check for “androidconnectioncheck.gstatic.com,” according to /e/OS. It is puzzling why an anonymous debug operating system would still connect to Google’s services. Could this be a form of deep tracking embedded in naked Android code?
The phone began exchanging data with the address “izatcloud.net” two seconds later, according to Nitrokey researchers. After a thorough search of the domain name’s owner, it was discovered that Qualcomm owns it. Qualcomm chips now run on around 30% of all Android devices on the planet, making this finding more intriguing.
Nitrokey researchers believed that the kind of data collection occurring without explicit user consent went against the General Data Protection Regulation (GDPR). They contacted Qualcomm’s lawyers, and Nitrokey received a swift response stating that the data collection was legal and did not violate the Qualcomm XTRA privacy policy, which Nitrokey was previously unaware of.
How can users solve such a problem?
Affected users may attempt to disable the Qualcomm XTRA service by employing a cloud-based DNS-over-TLS blocking service or by manually rerouting this traffic to a proxy server. However, doing so requires considerable technical skills and still does not guarantee complete privacy from tracking.