Catch up on stories from the past week (and beyond) at the Slashdot story archive

 



Forgot your password?
typodupeerror
×
Android China Privacy Security

Amazon Suspends Sales of Blu Android Phones Due To Privacy Concerns (cnet.com) 66

CNET reports: Amazon just put budget phone maker Blu in the penalty box. The online retailing giant told CNET that it was suspending sales of phones from Blu, known for making ultra-cheap Android handsets, due to a "potential security issue." The move comes after security firm Kryptowire demonstrated last week how software in Blu's phones collected data and sent it to servers in China without alerting people. Blu defended the software, created by a Chinese company called Shanghai Adups Technology, and denied any wrongdoing. A company spokeswoman said at the time it "has several policies in place which take customer privacy and security seriously." She added there had been no breaches. Blu said it was in a process of review to reinstate the phones at Amazon.
This discussion has been archived. No new comments can be posted.

Amazon Suspends Sales of Blu Android Phones Due To Privacy Concerns

Comments Filter:
  • I use LineageOS (Score:4, Interesting)

    by bluefoxlucid ( 723572 ) on Tuesday August 01, 2017 @09:12AM (#54919409) Homepage Journal

    First thing I do with a new phone, I wipe it and install LineageOS. Somebody else builds the ROM and I don't have the time or resources to personally-inspect the source code, so it's mostly a more-trusted quantity; and everybody sees it and sees the build process, so there are at least a dozen primary developers, a couple hundred bored hobbyists, and the occasional security researcher looking at the built ROM and the source code. Between the diff against Android and the massive number of eyes on Android's source trees, a lot of people have to be involved in a conspiracy to mess with my phone for there to be anything intentionally-malicious in there.

    I like OnePlus, but I'm not going to run their OS just so it can repeatedly try to sell themes to me. If there was a Lineage ChromiumOS, I'd put that on my Chromebook.

    • "I don't have the time or resources to personally-inspect the source code"

      "everybody sees it and sees the build process,"

      So you don't trust or inspect the code, you rely on others to do that. In other words, choose one community over the other.

      Ok, in other words, you trust that community more than you trust the manufacturer and Amazon.

      Which I understand, but I'm curious - You have some rational basis for that trust, beyond the size and presumed motivations/ethics/history of that COMMUNITY?

      Not that they can

      • You have some rational basis for that trust, beyond the size and presumed motivations/ethics/history of that COMMUNITY?

        One community is a corporate culture that builds an OS image in-house, publishes it for their particular phone, and gets scrutiny when someone decides to try to dismantle the binary image on their particular phone or snoop what's going out the cellular radio. Their OS can hide what's going out the radio, so they need a logic analyzer or specialized radio equipment (lots of effort, not necessarily lots of cost, enormous technical expertise). They can start with an open-source asset and modify it to their

      • Ok, in other words, you trust that community more than you trust the manufacturer and Amazon.

        I do, too. It's a matter of a combination of incentives and track records.

        Commercial corporations have no incentive to make my personal well-being and privacy a priority. They prioritize profit. And the track record of commercial entities makes it very clear that they adhere to those priorities.

        Hobbyist communities have very different incentives and priorities. I don't think that they can be trusted completely, either, but the track record for them is vastly better than for companies.

    • This.

      Any smartphone that I haven't placed my own OS on is a smartphone that cannot be trusted to even a minimal extent.

  • I have a BLU Studio 5.0C, an, its rooted, and I removed ADUPS. However the version of Adups it used was not the version that was stealing people's info. I really like the quality of the Phone I have. I don't like that it has a MediaTek Chipset for which there is no Lineage OS Build.

    BLU Needs to cough up Specs and Drivers to the Lineage OS Community, and start selling LineageOS on their phones, and don't put ADUPS on their Phones. They need to make amends with the Android Community. Because what they have be

    • However the version of Adups it used was not the version that was stealing people's info.

      It's not the version that made the news, perhaps, but do you have any reason to think it's any different in terms of spying?

  • What they mean (Score:4, Insightful)

    by Zontar_Thing_From_Ve ( 949321 ) on Tuesday August 01, 2017 @09:28AM (#54919483)
    "All user data is obtained without their permission, sure, but it's sent securely via encrypted transmission methods. Further, I assure all of our customers that the Chinese Communist Party servers that keep and analyze this data are under the highest security standards and the CCP does not share its data or findings with outside parties. So there is nothing to worry about. Our phones are doing exactly what our masters in the CCP are requiring them to do and doing so in a very secure manner."
    • I actually feel a bit better about this than say a Samsung TV sending your data unencrypted to anyone willing to cough up a dollar.

  • by account_deleted ( 4530225 ) on Tuesday August 01, 2017 @09:34AM (#54919507)
    Comment removed based on user account deletion
    • You're engaging in a false equivalency. All spying is bad, but some is worse than others. In this case, what Adups does is far worse than what any other company, even Google, does (that I'm aware of). It has nothing to do with being Chinese.

      In fact, it wasn't all that long ago that a firestorm erupted when it was discovered that several US carriers had installed very similar software in US phones.

    • by antdude ( 79039 )

      I wished we had installable and controllable firewalls. I use firewalls on my home computers that let me customize rules for the networks. I hate softwares that phone home for no reasons.

      • It's Google's handy design flaw of Android. Oops, little leak there.

        Indeed, should you check with AppThority and others, you'll find that the misbehavior is mindboggling.

        But here's the part that makes me crazy: no one gives a shit. They believe it's the price they pay. The technologists have been shown time and time again that people are sheep. They follow the herd. The herd hasn't the capacity fathom what data mining in China means, and so because it goes over their heads, it's a whoooosh situation. So the

    • or is that OK, because it is not China

      Well ... yeah. Security and privacy are not binary. There are many things I couldn't care less about one non-descript entity knowing that none the less I would not want sent to another.

      Some spying is worse than others.
      Some actors doing the spying are worse than others.

  • The ONLY thing good about most BLU phones is that the touchscreen still functions after the screen cracks.

    Oh, and the FM radio is at least guaranteed to work.

    BT support sucks, hardware is RAM-starved, they rarely not do system updates, the list goes on and on...

    • by AvitarX ( 172628 )

      The "high end" BLU phones are pretty decent and a great price.

      I got a Studio Energy 2 for $120 or so new, and it worked fine with it's 1.5GB

      I currently have a Life one X 2, and it has 4GB, and fast charge, was $180

  • Amazon stopped selling the phone because of "a potential security issue" because an app on the phone collects data and sends it to China without the user's consent. Well, obviously, that's a *PRIVACY* issue, not a *SECURITY* issue.
  • Part of the Bold experience, how to boldly offer a less expensive device. FaceBook and many of Google offerings also free- gee how generous, except the free is really a mutual exchange your info for their experience. Just be upfront about it.
  • by Anonymous Coward

    Truly horrible garbage. Any idiot who walks around with a brick of spyware in their pocket is no geek, but a buffoon.

  • Shanghai Adups = "Shanghai American Dups"?

  • by 517714 ( 762276 ) on Tuesday August 01, 2017 @05:20PM (#54922275)
    Fixed that for you: A company spokeswoman said at the time it "has several policies in place which take customer privacy and security, seriously."
  • As if the Chinese have other means of stealing our data. I was well aware of that security issue and still bought an unlocked 50$ Blü phone, which is kick ass awesome. Others make flagship phones for 10 times the price and still collect all data. Would I rather not have gazillion companies and services spy on me? Sure, but US companies are not any better. Even the electric and gas companies insist on installing the meters outside of the house. They used to be inside and they had no problem driving by i

If you aren't rich you should always look useful. -- Louis-Ferdinand Celine

Working...