Mobile Phone Chip Company Collects User’s Private Data

Uploaded on 2023-05-17 in FREE TO VIEW, BUSINESS-Services-IT & Telecoms

The smartphone is a device we trust with many of our secrets and is a ubiquitous device which many users carry with them all the time. When we use our mobile phones we expect to have a high degree of privacy. Whether we’re making a call, sending a text or browsing the web, we assume we have full control over who can see or hear what we’re doing. 

The reality is that someone could be listening in and you might never know and now, Qualcomm a US company specialising in manufacturing wireless telecommunications hardware has allegedly been secretly collecting user data.

Qualcomm's technology is used in various mobile devices, including smartphones, wearables, as well as industrial and automotive applications. They contribute to wireless technology development, such as 5G, Bluetooth, and Wi-Fi 6. The company specialises in several other technologies used across the wireless ecosystem, including AR/VR and features for device charging.

Chips produced by the company are used in approximately 30% of all Android devices, as well as some Apple smartphones.

Research published by IT security hardware firm Nitrokey claims that hardware produced by Qualcomm was uploading users’ private data, including IP addresses, to a cloud attributed to the company without their consent. As data sharing with Qualcomm is not mentioned in Sony’s terms of service (the vendor of the device used by a researcher), Android, or non-Google /e/OS operating systems, this might violate General Data Protection Regulation laws (GDPR).

Nitrokey claims that on top of the concerns regarding consent, the data packages are sent via the HTTP protocol and are not encrypted using HTTPS, SSL, or TLS. This makes them vulnerable to attacks. By collecting this data and creating record history using the phone’s unique ID and serial number, anyone on the network, including malicious actors, government agencies, network administrators, and telecom operators could easily spy on users.

According to Qualcomm, the collection of information was in accordance with their privacy policy that states the following: “Through these software applications, we may collect location data, unique identifiers (such as a chipset serial number or international subscriber ID), data about the applications installed and/or running on the device, configuration data such as the make, model, and wireless carrier, the operating system and version data, software build data, and data about the performance of the device such as performance of the chipset, battery use, and thermal data... We may also obtain personal data from third party sources such as data brokers, social networks, other partners, or public sources.”

Both Apple and Android with their App Store and Google Play Store are spying on its paying customers. As a private alternative some people prefer to install a Google-free version of Android on their ordinary smartphone.

Nitrokey:     I-HLS:     Cybernews:      Daily Mail:    TMB:    Reddit:    CGTN:

You Might Also Read: 

Spying On Mobile Phone Calls:

___________________________________________________________________________________________

If you like this website and use the comprehensive 6,500-plus service supplier Directory, you can get unrestricted access, including the exclusive in-depth Directors Report series, by signing up for a Premium Subscription.

  • Individual £5 per month or £50 per year. Sign Up
  • Multi-User, Corporate & Library Accounts Available on Request

Cyber Security Intelligence: Captured Organised & Accessible

 

« 5G Renders Smart Cities More Vulnerable To Attacks
Google’s New Cyber Security Certificate Program »

CyberSecurity Jobsite
Perimeter 81
Cyrin

Real Attacks. Real Tools. Real Scenarios.
Schedule a demo

Go Cyber

Training that transforms behaviours

Sign Up: Cyber Security Intelligence Newsletter

Directory of Suppliers

ManageEngine

ManageEngine

As the IT management division of Zoho Corporation, ManageEngine prioritizes flexible solutions that work for all businesses, regardless of size or budget.

XYPRO Technology

XYPRO Technology

XYPRO is the market leader in HPE Non-Stop Security, Risk Management and Compliance.

Authentic8

Authentic8

Authentic8 transforms how organizations secure and control the use of the web with Silo, its patented cloud browser.

DigitalStakeout

DigitalStakeout

DigitalStakeout enables cyber security professionals to reduce cyber risk to their organization with proactive security solutions, providing immediate improvement in security posture and ROI.

Practice Labs

Practice Labs

Practice Labs is an IT competency hub, where live-lab environments give access to real equipment for hands-on practice of essential cybersecurity skills.

Virus Bulletin

Virus Bulletin

Virus Bulletin is an online security information portal and certification body, providing users with independent intelligence about the latest developments in the global threat landscape.

Andrisoft

Andrisoft

Andrisoft develops WANGUARD, an anti-DDoS Software solution that monitors IP traffic using packet-based and flow-based Sensors, and protects networks

HPE Aruba Networking

HPE Aruba Networking

HPE Aruba Networking, a Hewlett Packard Enterprise company, is a leading provider of next-generation network access solutions for the mobile enterprise.

CyberOne

CyberOne

CyberOne (formerly Comtact) offer a full stack cybersecurity service to ensure our customers understand the cyber maturity of their organisation.

Preempt Security

Preempt Security

The Preempt Platform delivers adaptive threat prevention that continuously preempts threats based on identity, behavior and risk.

Rhebo

Rhebo

Rhebo Industrial Protector monitors and ensures the continuous, correct, and predictable operation of real-time Industrial Control Systems to prevent outages and reduce downtimes.

Solana Networks

Solana Networks

Solana Networks is a specialist in IT networking and security.

Cyberlitica

Cyberlitica

Cyberlitica (formerly iPhish) provides a Workforce Threat Intelligence application that significantly augments companies’ cyber threat prevention efforts.

Safetica

Safetica

Safetica Technologies is a Czech software company that delivers data protection solutions for businesses of all types and sizes.

Alpine Cyber Solutions

Alpine Cyber Solutions

Alpine Cyber is a Managed IT Service Provider focused on cybersecurity and cloud services.

Nostra

Nostra

Nostra are a next generation managed services provider with a constant focus on Security and Business Continuity.

StrikeReady

StrikeReady

StrikeReady have developed CARA, an advanced technology solution that offers personalized and proactive assessment and remediation of future and current risk in real-time.

Oz Forensics

Oz Forensics

Oz Forensics is a global leader in preventing biometric and deepfake fraud. It is a developer of facial Liveness detection for Antifraud Biometric Software with high expertise in the Fintech market.

Convergence Networks

Convergence Networks

Convergence Networks is one of North America's leading Managed Services & Security Providers.

M6iT Consulting

M6iT Consulting

M6iT Consulting is an industry-leading solution partner managing the IT requirements for a full range of companies.

Layer 8 Security

Layer 8 Security

Layer 8 Security is a cybersecurity advisory, consulting, and technical services firm that arms businesses with practical compliance, risk management, and security program strategies.