The AchieVer Posted March 21, 2019 Share Posted March 21, 2019 Nokia firmware blunder sent some user data to China Company behind Nokia smartphones accidentally left a data collection package inside some Nokia 7 Plus devices' firmware. Image: Josh Miller/CNET HMD Global, the Finnish company that sublicensed the Nokia smartphone brand from Microsoft, is under investigation in Finland for collecting and sending some phone owners' information to a server located in China. In a statement to Finnish newspaper Helsingin Sanomat, the company blamed the data collection on a coding mistake during which an "activation package" was accidentally included in some phones' firmware. HMD Global said that only a single batch of Nokia 7 Plus devices were impacted and included this package. The data collection was exposed today in an investigation published by Norwegian broadcaster NRK, which learned of it from a user's tip. According to NRK, affected Nokia phones collected user data every time the devices were turned on, unlocked, or the screen was revived from a sleep state. Collected data included the phone's GPS coordinates, network information, phone serial number, and SIM card number. The data was sent to a server in China, located on the network of China Telecom. HMD Global didn't reveal to whom the server located at zzhc.vnet.cn belonged to. A Twitter user also independently reported the same suspicious traffic towards the zzhc.vnet.cn URL in early January, but his findings were mostly ignored. Based on NRK's investigation of the phone's firmware, the code responsible for the data collection was written circa 2014 and resided in a subfolder named "China Telecom," suggesting it was most likely intended to be deployed on phones sold only in China, to comply with local data collection laws. HMD Global said it already addressed the issue via an update that removed the unwanted code --see a copy of the code here, on GitHub. The Office of the Data Protection Ombudsman of Finland is currently investigating the incident. Source Link to comment Share on other sites More sharing options...
Image: Josh Miller/CNET HMD Global, the Finnish company that sublicensed the Nokia smartphone brand from Microsoft, is under investigation in Finland for collecting and sending some phone owners' information to a server located in China. In a statement to Finnish newspaper Helsingin Sanomat, the company blamed the data collection on a coding mistake during which an "activation package" was accidentally included in some phones' firmware. HMD Global said that only a single batch of Nokia 7 Plus devices were impacted and included this package. The data collection was exposed today in an investigation published by Norwegian broadcaster NRK, which learned of it from a user's tip. According to NRK, affected Nokia phones collected user data every time the devices were turned on, unlocked, or the screen was revived from a sleep state. Collected data included the phone's GPS coordinates, network information, phone serial number, and SIM card number. The data was sent to a server in China, located on the network of China Telecom. HMD Global didn't reveal to whom the server located at zzhc.vnet.cn belonged to. A Twitter user also independently reported the same suspicious traffic towards the zzhc.vnet.cn URL in early January, but his findings were mostly ignored. Based on NRK's investigation of the phone's firmware, the code responsible for the data collection was written circa 2014 and resided in a subfolder named "China Telecom," suggesting it was most likely intended to be deployed on phones sold only in China, to comply with local data collection laws. HMD Global said it already addressed the issue via an update that removed the unwanted code --see a copy of the code here, on GitHub. The Office of the Data Protection Ombudsman of Finland is currently investigating the incident. Source
neeraj Posted March 22, 2019 Share Posted March 22, 2019 In reality: Nokia firmware blunder sold some user data to China Link to comment Share on other sites More sharing options...
Administrator DKT27 Posted March 25, 2019 Administrator Share Posted March 25, 2019 Really concerning this. They may have to try really hard for them win over my trust again after this. Link to comment Share on other sites More sharing options...
debebee Posted March 25, 2019 Share Posted March 25, 2019 HMD means Hand me your data 😄 Link to comment Share on other sites More sharing options...
tivstip Posted March 25, 2019 Share Posted March 25, 2019 no differenece between apple, promising that you have the most secure data and even fbi cant get it and a guy stole your photos and expose on internet kinda same thing Link to comment Share on other sites More sharing options...
Recommended Posts
Archived
This topic is now archived and is closed to further replies.