Mobile Phone Chip Company Collects User’s Private Data

Uploaded on 2023-05-17 in FREE TO VIEW, BUSINESS-Services-IT & Telecoms

The smartphone is a device we trust with many of our secrets and is a ubiquitous device which many users carry with them all the time. When we use our mobile phones we expect to have a high degree of privacy. Whether we’re making a call, sending a text or browsing the web, we assume we have full control over who can see or hear what we’re doing. 

The reality is that someone could be listening in and you might never know and now, Qualcomm a US company specialising in manufacturing wireless telecommunications hardware has allegedly been secretly collecting user data.

Qualcomm's technology is used in various mobile devices, including smartphones, wearables, as well as industrial and automotive applications. They contribute to wireless technology development, such as 5G, Bluetooth, and Wi-Fi 6. The company specialises in several other technologies used across the wireless ecosystem, including AR/VR and features for device charging.

Chips produced by the company are used in approximately 30% of all Android devices, as well as some Apple smartphones.

Research published by IT security hardware firm Nitrokey claims that hardware produced by Qualcomm was uploading users’ private data, including IP addresses, to a cloud attributed to the company without their consent. As data sharing with Qualcomm is not mentioned in Sony’s terms of service (the vendor of the device used by a researcher), Android, or non-Google /e/OS operating systems, this might violate General Data Protection Regulation laws (GDPR).

Nitrokey claims that on top of the concerns regarding consent, the data packages are sent via the HTTP protocol and are not encrypted using HTTPS, SSL, or TLS. This makes them vulnerable to attacks. By collecting this data and creating record history using the phone’s unique ID and serial number, anyone on the network, including malicious actors, government agencies, network administrators, and telecom operators could easily spy on users.

According to Qualcomm, the collection of information was in accordance with their privacy policy that states the following: “Through these software applications, we may collect location data, unique identifiers (such as a chipset serial number or international subscriber ID), data about the applications installed and/or running on the device, configuration data such as the make, model, and wireless carrier, the operating system and version data, software build data, and data about the performance of the device such as performance of the chipset, battery use, and thermal data... We may also obtain personal data from third party sources such as data brokers, social networks, other partners, or public sources.”

Both Apple and Android with their App Store and Google Play Store are spying on its paying customers. As a private alternative some people prefer to install a Google-free version of Android on their ordinary smartphone.

Nitrokey:     I-HLS:     Cybernews:      Daily Mail:    TMB:    Reddit:    CGTN:

You Might Also Read: 

Spying On Mobile Phone Calls:

___________________________________________________________________________________________

If you like this website and use the comprehensive 6,500-plus service supplier Directory, you can get unrestricted access, including the exclusive in-depth Directors Report series, by signing up for a Premium Subscription.

  • Individual £5 per month or £50 per year. Sign Up
  • Multi-User, Corporate & Library Accounts Available on Request

Cyber Security Intelligence: Captured Organised & Accessible

 

« 5G Renders Smart Cities More Vulnerable To Attacks
Google’s New Cyber Security Certificate Program »

CyberSecurity Jobsite
Perimeter 81
Cyrin

Real Attacks. Real Tools. Real Scenarios.
Schedule a demo

Go Cyber

Training that transforms behaviours

Sign Up: Cyber Security Intelligence Newsletter

Directory of Suppliers

Jooble

Jooble

Jooble is a job search aggregator operating in 71 countries worldwide. We simplify the job search process by displaying active job ads from major job boards and career sites across the internet.

Resecurity

Resecurity

Resecurity is a cybersecurity company that delivers a unified platform for endpoint protection, risk management, and cyber threat intelligence.

IT Governance

IT Governance

IT Governance is a leading global provider of information security solutions. Download our free guide and find out how ISO 27001 can help protect your organisation's information.

Clayden Law

Clayden Law

Clayden Law advise global businesses that buy and sell technology products and services. We are experts in information technology, data privacy and cybersecurity law.

ZenGRC

ZenGRC

ZenGRC - the first, easy-to-use, enterprise-grade information security solution for compliance and risk management - offers businesses efficient control tracking, testing, and enforcement.

GFI Software

GFI Software

GFI Software works with System Administrators, IT Professionals and IT Executives to ensure that their IT infrastructures are monitored, managed, secured and compliant.

CCN-CERT

CCN-CERT

CCN-CERT is the Spanish national government computer security incident response centre.

Kenna Security

Kenna Security

Kenna Security is a risk intelligence & vulnerability management platform that helps prioritize and remediate vulnerabilities.

Digitronic Computersysteme

Digitronic Computersysteme

Digitronic focus on innovative software to protect your personal and sensitive corporate data.

sayTEC

sayTEC

sayTEC's mission is to develop and deliver next-generation products and services in encrypted data and voice transmission.

Neurosoft

Neurosoft

Neursoft is a fully integrated ICT company with Software Development, System Integration and Information Technology Security capabilities.

North European Cybersecurity Cluster (NECC)

North European Cybersecurity Cluster (NECC)

NECC promotes information security and cybersecurity-related cooperation and collaboration in the Northern European region in order to enhance integration into the European Digital Single Market.

ArmorText

ArmorText

ArmorText offers a seamless channel for communication and collaboration for organizations concerned with keeping communication data private and secure.

Anitian

Anitian

The Anitian Compliance Automation platform builds, configures, and monitors cloud environments to accelerate compliance for standards such as FedRAMP, PCI, ISO/GDPR and CJIS.

Whistic

Whistic

Whistic is a cloud-based platform that uses a unique approach to address the challenges of third-party risk management.

Wizard Cyber

Wizard Cyber

At Wizard Cyber, we simplify cyber security, delivering an advanced service that protects your high-risk assets from the complex threats that technology alone can miss, 24/7.

Axellio

Axellio

Axellio provides economic, end-to-end cyber security solutions designed for your team, environment, and security objectives, providing packet level visibility across your network.

National Cybersecurity Consortium (NCC) - Canada

National Cybersecurity Consortium (NCC) - Canada

The NCC’s mandate is to keep Canada’s cyber and critical infrastructures and citizens safe while ensuring Canada’s global competitiveness and leadership in cybersecurity.

Bright Security

Bright Security

Bright Security is a developer-centric Dynamic Application Security Testing (DAST) solution that helps organizations ship secure applications and APIs quickly and cost-effectively.

Heartland Business Systems (HBS)

Heartland Business Systems (HBS)

Heartland Business Systems serves commercial, public sector and small to medium business with results-driven and dedicated information technology services.

Kubus Hitam

Kubus Hitam

Kubus Hitam are a research-based company focused on cyber security. we strongly believe that innovation and safety are the two keywords for the future business market.