-
12 votes
-
Comcast nightmare: Six months without Internet despite $5,000 payment
12 votes -
LG to close mobile phone business worldwide
12 votes -
Brazil’s consumer protection regulator fines Apple $2M for not including charger in iPhone 12 box
11 votes -
Can we stop pretending SMS is secure now?
17 votes -
Finnish telecoms giant Nokia is to axe between 5,000 and 10,000 jobs worldwide in the next two years as it cuts costs
7 votes -
I'm getting spammed by robocalls, what can I do about it?
Hello people of Tildes, long time no see! As per title, since some point last week I've begun receiving calls from extra-EU countries I've never had any contact with (Haiti, Algeria, Morocco,...
Hello people of Tildes, long time no see! As per title, since some point last week I've begun receiving calls from extra-EU countries I've never had any contact with (Haiti, Algeria, Morocco, Tunisia just to name a few).
No doubt it is part of a call back scam; of course I have never picked up nor redialed, still, this seriously blows as I've now been woken up twice at 3am during the week.
Now, I've never had such a problem before, nor have I recently posted my number online anytime recently. Has anyone here had a similar issue? What can I do about it (I'm from the EU if that might help)? Is there any way for me to find out where my number was leaked from?
I have just now installed NoPhoneSpam from f-droid, but have no idea how good of a fix that will be.
Let me know if y'all have any ideas, thanks :)
13 votes -
On the trail of the robocall king
8 votes -
Finland's parliament approved a bill designed to protect its networks against cyber threats and espionage – may be used to exclude China's Huawei and ZTE
4 votes -
Verizon 5G DSS isn't the 5G you want
9 votes -
Sweden is banning equipment from Chinese telecommunication firms Huawei and ZTE from its new 5G network
7 votes -
It's been twenty-four years since internet companies were declared off-the-hook for the behavior of their users. That may change, and soon
20 votes -
Nokia wins Belgian 5G contracts amid US pressure to exclude the Chinese firm Huawei from supplying key telecoms equipment
6 votes -
AT&T shelving DSL may leave hundreds of thousands hanging by a phone line
6 votes -
Nokia has clinched a deal with Britain's biggest mobile operator BT to supply 5G radio equipment – coming months after UK said it would ban Huawei from 5G networks
7 votes -
At this point, 5G is a bad joke
16 votes -
The Nokia 3310 is twenty years old today
9 votes -
One year later, has the Huawei ban been effective?
5 votes -
The clean network: A US Department of State proposal to provide 5G free of China's interference
3 votes -
US phone carriers may soon be able to block all calls from robocallers' carriers
16 votes -
The phone bill security hole in HIPAA
5 votes -
United Kingdom to ban Huawei equipment in 2021 and remove it from 5G networks by 2027
6 votes -
Hundreds arrested after European law enforcement agencies monitored over 100 million encrypted messages sent through Encrochat, a network used by criminals
20 votes -
Widespread T-Mobile outages cause issues for wireless customers across the US
4 votes -
When phones were fun: Samsung's "Matrix Phone" (2003)
8 votes -
Reverse engineering a £339 5G bioshield
7 votes -
Huawei CFO Meng Wanzhou loses key court battle as British Columbia judge rules extradition bid should proceed
7 votes -
Ameelio, a startup backed by the Mozilla's 'Fix the Internet', aims to provide free video calls and messaging to prisoners in the US where video calls can cost as much as $25 for 15min
11 votes -
Anatomy of an internet shutdown
7 votes -
Why is TV 29.97 frames per second?
10 votes -
A history of vintage electronics: The Guglielmo Marconi Collection and the history of wireless communications
3 votes -
Facebook invests $5.7 billion in India's Jio Platforms, becoming the largest minority shareholder in the telecommunications company
7 votes -
At least twenty UK phone masts vandalised over false 5G coronavirus claims
13 votes -
5G coronavirus conspiracy theory fueled by coordinated effort
6 votes -
Telstra pauses job cuts for six months, will hire 1000 extra call centre staff
4 votes -
Government of Czech Republic adopted tracking of infected individuals via cellular networks
5 votes -
Hidden third party telemetry found in Nokia 6.2, 7.2 smartphones
Update 12/03/2020: this is not a telemetry, but a kill switch from Colombian carrier - confirmed by HMD. Kill switch will be removed from most devices soon. I updated an article and posted it...
Update 12/03/2020: this is not a telemetry, but a kill switch from Colombian carrier - confirmed by HMD. Kill switch will be removed from most devices soon. I updated an article and posted it here.
Original article below:
I have recently purchased Nokia 6.2 and wanted to check if it sends any data somewhere, considering what happened with previous models
First, I noticed approx. daily connection to
dapi.hmdglobal.net
This is a Google Cloud that could belong to a company behind Nokia - HMD Global.
But the Privacy policy in my phone only speaks of "activation" process, not of daily diagnostics data.
So I used developer tools to remove the following packages (warning: this may break your device, I am not responsible for any consequences)com.hmdglobal.enterprise.api com.qualcomm.qti.qms.service.telemetry com.qualcomm.qti.qmmi com.qualcomm.qti.qdma
Before removing them, I used APK Extractor to save APK files just in case it breaks my phone and I may be able to attempt reinstall. This part comes into play later.
The first was my blind guess about what exactly connects todapi.hmdglobal.net
The next 3 I found mentioned in various forums for other devices as "safe to remove", however, I have not seen any telemetry sent to Qualcomm or anywhere else, except what I mention next.After removing these packages, I noticed that there are some remaining unknown connections my device attempts several times per day.
They are all done in same order, one right after the other:www.pppefa.com www.ppmxfa.com www.forcis.claro.com.co
After some investigation, I found that the first two domains point to some Microsoft Cloud servers rented in US.
The last one most probably belongs to Colombian telecom company, and this is where it becomes interesting.
After many hours of fruitless removing of different apps in my attempt so stop it, I suddenly remembered something.
When I used APK Extractor previously, there was an empty first line with some generic icon where an app icon should have been.
I went there again and indeed, this is a hidden system app, that you can not see in the list of all apps in Settings, normally. But it turns out, you can see it in Data usage (after it successfully sends some data using your mobile connection).
The name of the app is deliberately left empty to hide it, but if you click it in Data usage, you can see that this app isco.sitic.pp
, which can receive SMS, can make calls, and has access to internet.
As with all Android apps, you can reverse read the name to guess what it is.
Turns out, http://sitic.com.co is a Colombian company, who "are leaders in innovation and create mobile and WEB applications for new products and services." (credit goes to Google Translate)screenshot of the app with permissions
In other words, this app is a 3rd party telemetry, hidden from user, not mentioned in the Privacy policy, that has access to SMS.
This looks very bad and I really hope this is a malware injected by factory and not something knowingly distributed by Nokia, HMD Global, the EU company.After removing the
co.sitic.pp
app, requests to Microsoft Cloud and Columbia stopped.
I was later pointed to a German forum, where (I believe) it was first found in a Nokia 7.2 device.
So, we have it confirmed in 2 devices in 2 different countries.On German forum they contacted Nokia (I assume support) but got tired exchanging emails for weeks without any result.
On 02/03/2020 I have requested an official reply from Nokia and HMD Global via press.services@nokia.com and press@hmdglobal.com and waiting for reply.
Since I am not a journalist, I may never get one.TLDR: 3rd party telemetry is found in Nokia 6.2 and 7.2 devices, is hidden from user, has access to SMS, and sends data to Microsoft Cloud in US and a server in Columbia.
It is probably supplied by SITIC S.A.S., a Colombian company, and looks more like a malware than a telemetry.28 votes -
Department of Justice announces a 16-count superseding indictment against Huawei, four subsidiaries, and CFO Wanzhou Meng that includes charges of racketeering and conspiracy to steal trade secrets
9 votes -
US officials say Huawei has had the capability to secretly access telecom networks around the world for over a decade
15 votes -
Mobile World Congress, the world’s biggest phone show, has been canceled due to coronavirus concerns
9 votes -
Deep sea diving: The state of submarine cable technology
6 votes -
Cut undersea cable plunges Yemen into days-long internet outage
6 votes -
Hackers are breaking directly into telecom companies to take over customer phone numbers
10 votes -
The Light Phone
20 votes -
One nation, tracked : An investigation into the smartphone tracking industry
15 votes -
Telenor has picked Sweden's Ericsson as the key technology provider for its 5G telecoms network in Norway
4 votes -
Nokia's collapse turned a sleepy town in Finland into an internet wonderland
5 votes -
The court allowed the FCC to kill net neutrality because washing machines can’t make phone calls
8 votes -
Norway does not plan to block China's Huawei Technologies from building the country's 5G telecoms network
5 votes -
Colorado town offers 1 gbps for $60 after years of battling Comcast
11 votes