• MaoZedongOfficial [none/use name]
      hexagon
      ·
      edit-2
      2 years ago

      i remember qualcomm getting busted before?? Might be mixing it up. anyways yeah they're all doinf this [us manufacturers)

  • FuckyWucky [none/use name]
    ·
    edit-2
    2 years ago

    yea im suspicious of this. yes qualcomm sends data but nitrokey was trying to sell their own "degoogled" nitrophone so they're very biased.

    https://lr.slipfox.xyz/r/privacy/comments/12yii9u/german_security_company_nitrokey_proves_that/jhojlr7/?context=3

    • MaoZedongOfficial [none/use name]
      hexagon
      ·
      2 years ago

      Degoogling is nothing new, neither is Qualcomm spying, dunno about Nitrokey, I have plenty of other good degoogling options, I'm sure you all do too

  • xXthrowawayXx [none/use name]
    ·
    2 years ago

    This isn’t 100% accurate, but the case against the article (that only incredibly old devices do it over http, that there’s nothing identifying in there) glosses over the wildly variable amount of device unique data embedded in headers.

    Just hardware gps killswitch thoughts.

  • InevitableSwing [none/use name]
    ·
    2 years ago

    It sent the data via WiFi.

    Nitrokey tested with a Sony Xperia XA2 smartphone. [...] No SIM-card was inserted in the phone, nor was the GPS location service turned on. The device can only access the internet through WiFi. The company monitored the data with Wireshark, a network traffic software, and found that the data will be transmitted to izatcloud.net server, which attributes to Qualcomm.

    The report said the data packages were "sent via the HTTP protocol and are not encrypted using HTTPS, SSL or TLS," making them vulnerable to attacks as anyone accessible to the network "can easily spy on us by collecting this data, store them, and establish a record history using the phone's unique ID and serial number Qualcomm is sending over to their mysteriously called Izat Cloud."

    • invanity [none/use name]
      ·
      2 years ago

      Hm, I have an Xperia 5 IV but don't see any logs in my pihole to that domain. Wonder how frequently that sort of activity is happening

  • TheBroodian [none/use name]
    ·
    2 years ago

    Who the fuck isn't doing this? Shouldn't the default assumption at this point be that every electronic is just 40,000 spybots in a trenchcoat?