Security News Google sold Android phones with hidden insecure feature, companies find

[correlate]

Level 18
Thread author
Verified
Top Poster
Well-known
May 4, 2019
823
Google’s master software for some Android phones includes a hidden feature that is insecure and could be activated to allow remote control or spying on users, according to a security company that found it inside phones at a U.S. intelligence contractor.

The feature appears intended to give employees at stores selling Pixel phones and other models deep access to the devices so they can demonstrate how they work, according to researchers at iVerify who shared their findings with The Washington Post.
 

Marko :)

Level 23
Verified
Top Poster
Well-known
Aug 12, 2015
1,216
Can't you buy it direct from google?
That's the thing, I can't. Even though by EU law I have right to buy anything from anywhere in the EU, Google Store only ships to addresses where they operate. I can buy from Amazon DE/IT without any issues, but Google Store DE/IT only ships to their countries.

Not only that. If my phone breaks, I have to send it abroad because no one here fixes Pixels as they are unofficially available here. Some web shops sell imported Pixels here, for double the price which of course I ain't payin'. From what I understand, I can't even send phone from here to Google and let them handle the repair.

EDIT: I just saw that Google Store recently added Slovenia on their site, but they're not the ones selling the products. When you select the product they redirect you to the websites of their partners. One of them owns a electronic shop in Croatia.

I just don't get it; why can't Google open a Google Store in Slovenia and just serve the entire Ex-Yu area.
 
Last edited:

cartaphilus

Level 10
Verified
Well-known
Mar 17, 2023
491
Def not a good look, but I'm getting a Pixel anyway. :)
I Had Pixel 6 XL, 8 XL and now won't be getting 9 XL. I have decided that PIXEL SUCKS! The connectivity is something to be desired. It keeps dropping 5G and cell signal during a conversation even when at -50db cell tower signal strength. None of the AI Tensor Core crap is unique to the device since everything eventually gets ported down to every other device so the whole TENSOR is special Hardware is a bunch of marketing BS.
The battery is Abysmal, the only good thing is the camera but I don't buy a phone for a camera, I buy a phone to be a phone at which Pixel sucks!
 

cartaphilus

Level 10
Verified
Well-known
Mar 17, 2023
491
That's the thing, I can't. Even though by EU law I have right to buy anything from anywhere in the EU, Google Store only ships to addresses where they operate. I can buy from Amazon DE/IT without any issues, but Google Store DE/IT only ships to their countries.

Not only that. If my phone breaks, I have to send it abroad because no one here fixes Pixels as they are unofficially available here. Some web shops sell imported Pixels here, for double the price which of course I ain't payin'. From what I understand, I can't even send phone from here to Google and let them handle the repair.

EDIT: I just saw that Google Store recently added Slovenia on their site, but they're not the ones selling the products. When you select the product they redirect you to the websites of their partners. One of them owns a electronic shop in Croatia.

I just don't get it; why can't Google open a Google Store in Slovenia and just serve the entire Ex-Yu area.
You can only get the Yugo version of Pixel, it's powered by the Trabant Core
 

Sandbox Breaker

Level 11
Verified
Top Poster
Well-known
Jan 6, 2022
507
Pixels are solid. We use them at my firm and obviously harden the heck out of them while using a strong MTD solution. Device integrity is huge because this is the way we can detect nation state attacks on these devices. Never mind malicious apks lol.

As researchers poke holes on Google's software and hardware it forces them to tighten things up. Google is known for security and I doubt that that would want to be looked at as not caring. Let's see how they respond.
 

cartaphilus

Level 10
Verified
Well-known
Mar 17, 2023
491
Pixels are solid. We use them at my firm and obviously harden the heck out of them while using a strong MTD solution. Device integrity is huge because this is the way we can detect nation state attacks on these devices. Never mind malicious apks lol.

As researchers poke holes on Google's software and hardware it forces them to tighten things up. Google is known for security and I doubt that that would want to be looked at as not caring. Let's see how they respond.
As a personal use factor I don't care that much about it being hardened since if lost it's lost, I care more about usability. Will it be able to connect and not drop signal? Will it work on WiFi 6ghz (it doesn't, it connects but the bandwith is abysmal and it's a known issue for over a year and it's not been fixed yet). Can I count on it to get in contact with someone during an emergency (nope, signal issues). Can I use it for WiFi Calling...yes...but with horrible breaks in comms that occur at random. So yeah no, it feels like a half baked product.

As per security; there is a reason why DoD is using Apple and not Android, and that's even after Apple told DoD acquisitions to pound sand when DoD approached them a decade ago regarding a custom hardware. (not sufficient # of devices to warrant alternate design)
 

Sandbox Breaker

Level 11
Verified
Top Poster
Well-known
Jan 6, 2022
507
As a personal use factor I don't care that much about it being hardened since if lost it's lost, I care more about usability. Will it be able to connect and not drop signal? Will it work on WiFi 6ghz (it doesn't, it connects but the bandwith is abysmal and it's a known issue for over a year and it's not been fixed yet). Can I count on it to get in contact with someone during an emergency (nope, signal issues). Can I use it for WiFi Calling...yes...but with horrible breaks in comms that occur at random. So yeah no, it feels like a half baked product.

As per security; there is a reason why DoD is using Apple and not Android, and that's even after Apple told DoD acquisitions to pound sand when DoD approached them a decade ago regarding a custom hardware. (not sufficient # of devices to warrant alternate design)
Custom Hardened ROMS are used by alot of Intelligence agencies. I agree with you on usability. The lack of visibility into iOS thou make it a juicy target and harder to determine compromise. Which increase dwell time. Kaspersky did a great write up on operation triangulation. Also Russia bans iPhones for govt use. iOS also get popped more at pwn2own. Samsung is a joke. Never see a pixel though:)
 

n8chavez

Level 19
Well-known
Feb 26, 2021
927
I Had Pixel 6 XL, 8 XL and now won't be getting 9 XL. I have decided that PIXEL SUCKS! The connectivity is something to be desired. It keeps dropping 5G and cell signal during a conversation even when at -50db cell tower signal strength. None of the AI Tensor Core crap is unique to the device since everything eventually gets ported down to every other device so the whole TENSOR is special Hardware is a bunch of marketing BS.
The battery is Abysmal, the only good thing is the camera but I don't buy a phone for a camera, I buy a phone to be a phone at which Pixel sucks!

Not that it matters, but the 9 series is getting a new modem...finally!
 

Trident

Level 34
Verified
Top Poster
Well-known
Feb 7, 2023
2,355
I believe the 7 and 8 had the really bad Exynos Modem 5123, but the 9 is getting Exynos Modem 5400. From what I can tell, that's a pretty significant upgrade.

See here.
The Exynos modems range from nightmare to simply not as good, specially compared to Qualcomm but nice upgrade. At least something.

I ditched Samsung (after 1 attempt to use Galaxy) mainly because of the modem. Although it has now been rectified by eliminating the Exynos version in EU, can’t switch back.

On the other side, the wi-fi modules are top notch.
 

n8chavez

Level 19
Well-known
Feb 26, 2021
927
The Exynos modems range from nightmare to simply not as good, specially compared to Qualcomm but nice upgrade. At least something.

I ditched Samsung (after 1 attempt to use Galaxy) mainly because of the modem. Although it has now been rectified by eliminating the Exynos version in EU, can’t switch back.

On the other side, the wi-fi modules are top notch.

I agree with Exynos, although I'm biased because I was on that Qualcomm team that designed the chip.
 

Marko :)

Level 23
Verified
Top Poster
Well-known
Aug 12, 2015
1,216
The Exynos modems range from nightmare to simply not as good, specially compared to Qualcomm but nice upgrade. At least something.

I ditched Samsung (after 1 attempt to use Galaxy) mainly because of the modem. Although it has now been rectified by eliminating the Exynos version in EU, can’t switch back.

On the other side, the wi-fi modules are top notch.
Exynos is terrible and is one of the reasons why I'll never own a Samsung phone. I tend to buy only Qualcomm phones because in almost all cases they are fast and battery lasts longer. Generally, I never had issues with Qualcomm phones, but Exynos, dear God. Samsung should stop embarrassing themselves and just use Exynos in home appliances because that's the category they are only good for.

My next phone will definitely be either Xiaomi or Motorola. I fell in love with my Poco X5 Pro the moment I opened the box. Yes, it came with A LOT of bloatware and ads, but really nothing you can't get rid of. I just connected my phone to a PC via ADB and some software, I managed to remove pretty much anything I don't need in less than 5 minutes.
I removed all Xiaomi apps (except Security which can't be removed as the HyperOS will boot loop) and replaced them with Google ones which come with Pixel devices, even the basic ones like Calculator. Modem inside this phone is a beast! I never had any issues with Wi-Fi or mobile signal reception at all. I just love it.

Motorola phones would be my second choice, they are made by Lenovo from which I have Legion laptop and I'm really satisfied. Beside, my father owns Motorola phone and after buying the first one, he only wants Motorola now, nothing else. I like the fact they have clean Android with just a few bloatware apps, nothing else. Pretty much Pixel experience for half the price.
 
  • Like
Reactions: Game Of Thrones

About us

  • MalwareTips is a community-driven platform providing the latest information and resources on malware and cyber threats. Our team of experienced professionals and passionate volunteers work to keep the internet safe and secure. We provide accurate, up-to-date information and strive to build a strong and supportive community dedicated to cybersecurity.

User Menu

Follow us

Follow us on Facebook or Twitter to know first about the latest cybersecurity incidents and malware threats.

Top