It is currently 15-12-2017 15:09

Xiaomi explained the purpose of the backdoor on their smartphones

Xiaomi explained the purpose of the backdoor on their smartphones

by sigismund » 2016-09-20 12:49:10


comment about the possibility of forced install any application on the part of the company Xiaomi refused.


The Chinese company Xiaomi has published an official comment regarding the mysterious backdoor that was discovered on a smartphone Xiaomi Mi4. We are talking about is constantly running in the background the app AnalyticsCore.apk, which is restored after attempts to remove it. Each time you connect to the official server of the manufacturer, the program passes information about the device, including model name, IMEI, MAC address and a Nonce.

According to discovered problem, a Dutch student of Tisa Broenink (Thijs Broenink), under the file Analytics.apk Xiaomi may force to install on device and run in the background any application.

The Presence AnalyticsCore.apk was seen in November last year, but the company stubbornly ignored the discussion on a technical forum. Following the presentation, Broenink Xiaomi still gave official comment to The Hacker News.

As explained in the company, AnalyticsCore is a native feature of MIUI system and MIUI used to analyze the data and transfer it to developers to improve the shell and user experience in General. Xiaomi acknowledged that the updates really are installed, but only if they have an official digital signature.

Qoute:"Any apk under the guise AnalyticsCore cannot be determined precisely because of the verification of the digital signature. In MIUI version 7.3, released in April/may, there is support for the HTTPS Protocol to ensure secure data transmission and avoid the possibility of the attack "man in the middle", - said the representative of Xiaomi.


From comments regarding the possible forced install any application on the part of the company Xiaomi refused.
sigismund
moderators
Сообщений: 788
Депозит: 0 BTC

Rating: 5