Google scolded for depriving the poor of privacy as Chinese malware bundled on phones for hard-up Americans

Lawyers going for the Big Money as usual

Yeah, don't go after the ones who actually manufactured the devices and chose to put the suspect software on them - go after the Big Company and claim Big Damages to enlarge your Big Law Office because Alphabet was dumb enough to release Android as Free/Open software that anyone can use for any purpose without paying the Apple tax. How very Prenda of you!

Not just cheap phones it seems...

I just checked my (not cheap) Cosmo Communicator and it also seems to harbour the "Wireless Update":"PUP.Riskware.Autoins.Fota.fbcvd" application.

Not sure what to make of this as I don't want to switch off updates.

I feel fortunate

I feel fortunate that I have the skill set to replace the OS on my phones with something clean. But not everyone can do this, and it might not even be possible on some of the lower-end phones with their proprietary SoCs that require substantial proprietary knowledge to compile a kernel for.

Google could easily fix it if they just required that phones shipping with their OS on them must allow for the user to remove everything. Google has the power here and yet they act like the victims. Phone manufacturers can't exactly move to anything else, Windows Phone is dead, and Apple sure as hell isn't going to allow their OS on anything they didn't make themselves. Yes, there are other OSes, but there is no way they can compete against the Google/Apple duopoly, unless they can figure out some way to convince app developers to also develop for their platform (And it would have to be a lot of them).

Google's at risk

We forget that Google's business model is effectively to give away software that has built-in spyware on it. They call it 'analytics', its the data that allows companies that rent your screen space for advertising to make sure they're getting value for money. Because of this there's no real incentive to remove all this crapware -- its the business model. You could say that along with other companies -- Facebook, for example -- they need the customers a lot more than the customers need them.

The current situation where Google is prevented by the US government from allowing its Andriod system to be shipped with new Chinese phones poses a threat to that company. Duplicating the user functionality of Google's software is straightforward and a combination of a clean room development of second generation software (i.e. one learning from design mistakes rather than having to live with them) and an environment that has hard wired analytics due to the prevailance of e-commerce in China has the potential to make Google irrelevant -- or at the very least severely dent its value.

Google, Facebook, et al

A pox on your filthy spying houses.

Isn't Android open source?

How would we stop people changing open source software and doing whatever the hell they like with it? Isn't that the point?

I might be missing something here, but it seems like people want Google to change stuff that isn't under their scope of power.

But these are for POOR people!!

You HAVE to keep a close eye on them, or they will do something criminal and frighten the horses !

> Malwarebytes said that Assurance Wireless by Virgin Mobile, supported by the US government's Lifeline Assistance program, distributes the... phone with two pre-installed apps that appear to be malicious.

So why go after Google? Surely Virgin, Unimax (who?) and the US gov are more responsible for these phones since they actually make and distribute them.

A lesson for chinese data grabbers

It seems to me that we in the west are perfectly happy if our data is being slurped by our own guys. When it's the chinese, however, it goes to a different level.

The lesson for china is simply to buy out a western company and everyone will be fine. Actually, they already seem to be doing that.

As for who the lawyers go after, I can't see them going after the chinest agencies that actually wrote and installed the malware before the phones were shipped. Who else CAN they hit?

The problem is the Google Play Store ...

and the fact that Google won't allow developers to push their apps thought any other channel so it's impossible to avoid.

So much for the free market.

The bottom line

The bottom line is you no longer really own anything - including your phone. The vendor or service provider graciously allows you to use it while you continue to fork out, and they reserve the right to tamper with it at will. Plus, they don't give a fetid dingo's goolies (thanks Douglas Adams) whether it even really works, let alone whether it poses a risk to you - as long as you keep forking out.

For those of you that want to play along at home....

For those of you that have a subscription to Virus Total's malware database I have uploaded several of the apps and modules that were installed on the phones without the users knowledge:

com.concreteroom.thenorthpole-1.apk

26333a6d48deddd3305c07b5ee00bb6e

com.democratizing.casualness-1.apk

82ecf170914d360992e230e0929fc0b8

com.spidmes.peaus-1.apk

fde7346273d4561b306828615412899d

com.tesla.eo.xsdfa.apk

3332c30b6e4823135c984c57e11512ef

com.bird.aa01.apk

3f9cb3284cfb560ea59f6a4d895ee0a5

SystemFota.apk

94f0226b794040cc3e3952614a569c61

Gallery2.apk

e7a6854e7bdd61207100bde3a9cc3f73

Plays_com.android.eo.plays.apks

432feebad71938963100e4571be0a6ed

Some interesting facts:

The Gallery app has encrypted modules hidden in the Assets folder as fake True Type fonts ("samsun.ttf" and "small.ttf")

The com.tesla.eo.xsdfa.apk hides it's icon from the user's screen to avoid deletion by novice users and is designed to look like the "Clean Master" found on the Google Play Store and actually shares some of Clena Master's SDK's.

This app also has several encrypted libs and modules in the Assets folder.

All the apps use the factory installed Calendar app to avoid detection by waiting to decrypt any modules until after the user has had the phone for a while.

Some of the apps didn't appear until after 4 weeks of use.

The apps also look to see if the phone has been rooted by checking for common rooting signatures such as: ("com.koushikdutta.superuser", "com.thirdparty.superuser", "com.yellowes.su", "com.topjohnwu.magisk") and also executing the "su" command in the background.

The apps also detect if they are on an emulator by checking how many processor cores are in use by running "cat /proc/cpuinfo" but is hidden from the system by using base64 encoding.