Chinese Smartphones Exposed: Study Reveals Widespread Data Collection. The world has come to expect that smartphones constantly send a certain amount of data to the servers of the device manufacturer or individual applications. However, a recent study conducted by a team of British-Irish scientists has revealed that the data sent by users of popular Chinese smartphones from local distribution is sent on a much larger scale. Initially, these Chinese smartphones were imported from local trading platforms like Aliexpress, but even today, some people who are looking for savings opt to buy equipment intended for the Chinese market. However, this is not always the best solution.
The team of Irish-British researchers analyzed the smartphones of three popular Chinese brands – OnePlus, Xiaomi, and Realme – to examine their security and data acquisition processes. The researchers purchased three smartphone models directly from the Chinese market – the Xiaomi Redmi Note 11, Oppo Realme Q3 Pro, and OnePlus 9R – and set up a network tunnel that connected directly from the university campus to servers in Shanghai. All three devices were used in Chinese and with Chinese SIM cards to create conditions similar to those in which an average person in China uses a phone.
The network traffic analysis revealed that the Chinese smartphones provide real-time data on geolocation, Wi-Fi network, a list of installed applications, the history of their use, phone number, call history, and message history, in addition to the typical information obtained by many applications. The transfer of geolocation data continued even when the geolocation functions were not enabled, and the transfer of information about the SIM card continued even when it was turned off. The Redmi Note 11 also provided information obtained from the default applications installed on the phone, such as the Dictaphone, Notepad, or Settings.
This data is transferred without asking for the user’s prior consent or offering the possibility to withdraw the permissions of the application. The data is sent to six different servers located throughout China, and the analysis of the files showed that the data was obtained not only by the manufacturers of the smartphones but also by Chinese operators like China Unicom and China Mobile, and Baidu, which is often referred to as the Chinese Google.
For comparison, the researchers purchased the same Realme and Redmi models from global distribution, and while these phones did collect data, it was on a much smaller scale and involved only a small amount of data, such as IMEI and IMSI numbers, MCC code, application information, and Wi-Fi network. The Redmi sent data to Xiaomi servers in Singapore, while the Realme sent data to Oppo servers in Paris.
The study highlights the different attitude of the government in Beijing towards the processing of citizens’ data compared to the rest of the world. Although it is not groundbreaking, it is one of the first in-depth analyses of how data acquisition and transmission works in China. If you want to protect your data, it is recommended that you purchase your smartphone from a trusted global distribution store, rather than from the Chinese market.
Read More: Sony Accuses Microsoft of Harassment Over Activision Blizzard Merger