this post was submitted on 25 Apr 2023

18 points (100.0% liked)

Technology

37713 readers

495 users here now

A nice place to discuss rumors, happenings, innovations, and challenges in the technology sphere. We also welcome discussions on the intersections of technology and society. If it’s technological news or discussion of technology, it probably belongs here.

Remember the overriding ethos on Beehaw: Be(e) Nice. Each user you encounter here is a person, and should be treated with kindness (even if they’re wrong, or use a Linux distro you don’t like). Personal attacks will not be tolerated.

Subcommunities on Beehaw:

This community's icon was made by Aaron Schneider, under the CC-BY-NC-SA 4.0 license.

founded 2 years ago

MODERATORS

alyaza@beehaw.org

TheRtRevKaiser@beehaw.org

gyrfalcon@beehaw.org

rs5th@beehaw.org

Los@beehaw.org

coldredlight@beehaw.org

SemioticStandard@beehaw.org

TheRtRevKaiser@kbin.social

remington@beehaw.org

Smartphones With Popular Qualcomm Chip Secretly Share Private Information [LOW QUALITY ARTICLE - PLE (www.nitrokey.com)

submitted 2 years ago* (last edited 2 years ago) by tardigrada@beehaw.org to c/technology@beehaw.org

16 comments fedilink hide all child comments

Affected smart phones are Sony Xperia XA2 and likely the Fairphone and many more Android phones which use popular Qualcomm chips. The data is sent without user consent, unencrypted, and even when using a Google-free Android distribution. This is possible because the Qualcomm chipset itself sends the data, circumventing any potential Android operating system setting and protection mechanisms.

top 9 comments

sorted by: hot top controversial new old

[–] Hirom@beehaw.org 9 points 2 years ago* (last edited 2 years ago) (1 children)

Has anyone ~~else replicated it? or~~ have more specific information on affected phone&chips?

I tested with an Android phone that has a Qualcomm chip, but didn't see any DNS query for izatcloud.net. My test involved monitoring wifi traffic using a separate device, rebooting the android device, and disabling/enabling wifi a couple times.

This post include a few plugs for the NitroPhone (which is unaffected), and appear on the NitroPhone's vendor website. I wonder if they're overstating how widespread the issue is, which would benefit their device's marketing.

Update: found a couple fairphone forum threads that confirm the issue, and give more details.

Forum post “Smartphones With Popular Qualcomm Chip Secretly Share Private Information With US Chip-Maker” on April 25 2023 where an user notice queries for izatcloud.net in his pihole logs "at night". This would explain why my short test during the day didn't catch this.
Forum post "Telemetry, Spyware, list of privacy threats on FP3 Android 9" on Dec 19 2019, that links izatcloud.net to a GPS system app.

[–] rysiek@szmer.info 12 points 2 years ago (1 children)

Looks like it's less suspicious (but still crap):
https://mstdn.social/@larma@mastodon.social/110260142005927299

IZAT/XTRA is Qualcomm's alternative to Google's network location system. It's entirely running in userspace, not in firmware. Its configuration and proprietary client library can be found on the /vendor partition of many qualcomm devices that run LineageOS or derivatives and is considered by LineageOS to be part of the device specific proprietary vendor blobs that need to be included for a fully functional system (even if it's typically possible to run without it).

[–] Hirom@beehaw.org 6 points 2 years ago

Good to know. Userspace means there's some hope of disabling this, possibly without root.

[–] loki@lemmy.ml 8 points 2 years ago* (last edited 2 years ago)

A comment on this by GrapheneOS reddit account here:

NitroKey did not discover a backdoor. The post is very sensationalized and it's unfortunate they didn't run this by us first. The title used for the post here is editorialized and doesn't match what the article actually states. This is not a backdoor.

XTRA (PSDS) is an entirely separate thing from Qualcomm's IZat service. XTRA (PSDS) simply provides static downloads via HTTPS GET requests of GNSS almanac data, i.e. the predicted locations of satellites for around a week in the future. XTRA is just Qualcomm's proprietary branding for PSDS which is also used by every other major GNSS (GPS, GLONASS, etc.) implementation including Broadcom.

IZat is a network location service similar to the Google and Apple services where devices can send a list of nearby cell towers, Wi-Fi networks and Bluetooth devices with their signal strength to receive back a location estimate. It also seemingly supports other features like location sharing. IZat appears to be a fairly privacy invasive service but it's not enabled by default and is not directly related to XTRA.

Qualcomm used to use izatcloud.net for both IZat and XTRA which are entirely separate services. They moved XTRA to xtracloud.net to make it clear that it's a separate thing. Some devices using an older SoC or configuration may still use the confusing izatcloud.net URLs leading to people mixing up these things up.

On Qualcomm Pixels, XTRA (PSDS) is implemented by xtra-service within the OS and SUPL is implemented by the cellular radio firmware. The OS chooses the URLs used for both XTRA and SUPL. Pixel/Nexus phones never integrated IZat. We have seen South Korean Qualcomm SoC phones providing the option to use IZat and it seems like it might be widely used there. It does not seem to be widely used internationally and is not simply enabled by default without users choosing to opt into using it. XTRA is normally always used since it's just a static download.

On Tensor Pixels, PSDS is done with the standard AOSP PSDS implementation and SUPL is done within the OS by Broadcom gpsd. We prefer the Tensor Pixel approach, but it doesn't mean that the Qualcomm approach is less private. We just prefer having control over it within the OS.

It is possible Qualcomm moved XTRA (PSDS) handling into firmware similar to SUPL on newer devices. We haven't confirmed that ourselves since we aren't currently doing research and development for newer Qualcomm devices. We do prefer the Tensor platform over Snapdragon, but this is barely a factor.

There are no known backdoors in either Snapdragon or Tensor, and no one has found any evidence of any backdoors. The post title here is simply wrong. People not knowing about XTRA (PSDS) or SUPL doesn't make them a backdoor.

SUPL is much more of a privacy issue than XTRA, since SUPL involves sending a list of nearby cell towers with their signal strength to a server which helps with accelerating obtaining a satellite-based location lock.

We document these topics here:

https://grapheneos.org/faq#default-connections

https://grapheneos.org/faq#other-connections

[–] tardigrada@beehaw.org 5 points 2 years ago (2 children)

In the meantime I got similar additional information as @loki did. Seems to be more advertising than information.

Should I delete the post?

[–] admin@beehaw.org 4 points 2 years ago

Should I delete the post?

Please, no.

[–] lemming_7765@lemmy.ml 4 points 2 years ago (1 children)

Maybe edit the title so that people not reading the comments (and the article) are aware? 🤔

[–] tardigrada@beehaw.org 3 points 2 years ago (1 children)

Done.

[–] lemming_7765@lemmy.ml 3 points 2 years ago

👍

load more comments