Mobile Phone Chip Company Collects User’s Private Data

The smartphone is a device we trust with many of our secrets and is a ubiquitous device which many users carry with them all the time. When we use our mobile phones we expect to have a high degree of privacy. Whether we’re making a call, sending a text or browsing the web, we assume we have full control over who can see or hear what we’re doing. 

The reality is that someone could be listening in and you might never know and now, Qualcomm a US company specialising in manufacturing wireless telecommunications hardware has allegedly been secretly collecting user data.

Qualcomm's technology is used in various mobile devices, including smartphones, wearables, as well as industrial and automotive applications. They contribute to wireless technology development, such as 5G, Bluetooth, and Wi-Fi 6. The company specialises in several other technologies used across the wireless ecosystem, including AR/VR and features for device charging.

Chips produced by the company are used in approximately 30% of all Android devices, as well as some Apple smartphones.

Research published by IT security hardware firm Nitrokey claims that hardware produced by Qualcomm was uploading users’ private data, including IP addresses, to a cloud attributed to the company without their consent. As data sharing with Qualcomm is not mentioned in Sony’s terms of service (the vendor of the device used by a researcher), Android, or non-Google /e/OS operating systems, this might violate General Data Protection Regulation laws (GDPR).

Nitrokey claims that on top of the concerns regarding consent, the data packages are sent via the HTTP protocol and are not encrypted using HTTPS, SSL, or TLS. This makes them vulnerable to attacks. By collecting this data and creating record history using the phone’s unique ID and serial number, anyone on the network, including malicious actors, government agencies, network administrators, and telecom operators could easily spy on users.

According to Qualcomm, the collection of information was in accordance with their privacy policy that states the following: “Through these software applications, we may collect location data, unique identifiers (such as a chipset serial number or international subscriber ID), data about the applications installed and/or running on the device, configuration data such as the make, model, and wireless carrier, the operating system and version data, software build data, and data about the performance of the device such as performance of the chipset, battery use, and thermal data... We may also obtain personal data from third party sources such as data brokers, social networks, other partners, or public sources.”

Both Apple and Android with their App Store and Google Play Store are spying on its paying customers. As a private alternative some people prefer to install a Google-free version of Android on their ordinary smartphone.

Nitrokey:     I-HLS:     Cybernews:      Daily Mail:    TMB:    Reddit:    CGTN:

You Might Also Read: 

Spying On Mobile Phone Calls:

___________________________________________________________________________________________

If you like this website and use the comprehensive 6,500-plus service supplier Directory, you can get unrestricted access, including the exclusive in-depth Directors Report series, by signing up for a Premium Subscription.

  • Individual £5 per month or £50 per year. Sign Up
  • Multi-User, Corporate & Library Accounts Available on Request

Cyber Security Intelligence: Captured Organised & Accessible


 

« 5G Renders Smart Cities More Vulnerable To Attacks
Google’s New Cyber Security Certificate Program »

CyberSecurity Jobsite
Perimeter 81

Directory of Suppliers

Authentic8

Authentic8

Authentic8 transforms how organizations secure and control the use of the web with Silo, its patented cloud browser.

Cyber Security Supplier Directory

Cyber Security Supplier Directory

Our Supplier Directory lists 6,000+ specialist cyber security service providers in 128 countries worldwide. IS YOUR ORGANISATION LISTED?

XYPRO Technology

XYPRO Technology

XYPRO is the market leader in HPE Non-Stop Security, Risk Management and Compliance.

Clayden Law

Clayden Law

Clayden Law advise global businesses that buy and sell technology products and services. We are experts in information technology, data privacy and cybersecurity law.

The PC Support Group

The PC Support Group

A partnership with The PC Support Group delivers improved productivity, reduced costs and protects your business through exceptional IT, telecoms and cybersecurity services.

Arcitura Education

Arcitura Education

Arcitura is a leading global provider of progressive, vendor-neutral IT training and certification programs.

Fortify Experts

Fortify Experts

Fortify Experts is a search and recruitment firm specializing in Cyber Security.

Fenror7

Fenror7

Fenror7 lowers the TTD (Time To Detection) of hackers, malwares and APTs in enterprises and organizations from 300 days on average to 24 hrs or less.

PSC

PSC

PSC is a leading PCI and PA DSS assessor and Approved Scanning Vendor.

SCADASUDO

SCADASUDO

SCADASUDO is a cyber solution architecture and design office, established by leading experts in the field of OT (Industrial control) and IT (information Technology).

McIntyre Associates

McIntyre Associates

McIntyre Associates is an Executive Search boutique specialized in recruiting for the Cybersecurity industry. Our clients range from Venture Capital backed startups to Fortune 100 companies.

MetaCert

MetaCert

MetaCert’s Zero Trust browser software reduces the risk of organizations being compromised with a phishing-led cyberattack by more than 98%.

QuantiCor Security

QuantiCor Security

QuantiCor Security is one of the world’s leading developers and manufacturers of quantum computer resistant security solutions for IT infrastructures and the Internet of Things (IoT).

SMARTEST

SMARTEST

SMARTEST is a world-class IT solutions provider active in the most challenging and demanding industries such as the oil and gas industries.

Paragon Cyber Solutions

Paragon Cyber Solutions

Paragon Cyber Solutions provides specialized security risk management and IT solutions to protect the integrity of your business operations.

Castlepoint Systems

Castlepoint Systems

Castlepoint Systems is a pioneer in information governance, risk and compliance as a service. An all-in-one solution offering powerful risk management, built in compliance, cybersecurity and audit.

ITQ Latam

ITQ Latam

ITQ Latam are specialists in cybersecurity, in a convergent ecosystem of technological solutions in infrastructure, cloud and security networks.

Sequentur

Sequentur

Sequentur is an award-winning Managed IT Services company. We are SOC 2 certified and provide Managed IT Services and Cybersecurity services to businesses nationwide.

Resemble AI

Resemble AI

Resemble AI is an innovator in Generative Voice AI technology and tools to combat AI fraud including audio watermarking and deepfake detection.

Blackwell Security

Blackwell Security

Blackwell is a driving force in healthcare cybersecurity, transforming how security operations are conducted within this critical sector.

Chorology

Chorology

Chorology is a leading provider of intelligently automated, data compliance and posture enforcement solutions.