Mobile Phone Chip Company Collects User’s Private Data

Uploaded on 2023-05-17 in FREE TO VIEW, BUSINESS-Services-IT & Telecoms

The smartphone is a device we trust with many of our secrets and is a ubiquitous device which many users carry with them all the time. When we use our mobile phones we expect to have a high degree of privacy. Whether we’re making a call, sending a text or browsing the web, we assume we have full control over who can see or hear what we’re doing. 

The reality is that someone could be listening in and you might never know and now, Qualcomm a US company specialising in manufacturing wireless telecommunications hardware has allegedly been secretly collecting user data.

Qualcomm's technology is used in various mobile devices, including smartphones, wearables, as well as industrial and automotive applications. They contribute to wireless technology development, such as 5G, Bluetooth, and Wi-Fi 6. The company specialises in several other technologies used across the wireless ecosystem, including AR/VR and features for device charging.

Chips produced by the company are used in approximately 30% of all Android devices, as well as some Apple smartphones.

Research published by IT security hardware firm Nitrokey claims that hardware produced by Qualcomm was uploading users’ private data, including IP addresses, to a cloud attributed to the company without their consent. As data sharing with Qualcomm is not mentioned in Sony’s terms of service (the vendor of the device used by a researcher), Android, or non-Google /e/OS operating systems, this might violate General Data Protection Regulation laws (GDPR).

Nitrokey claims that on top of the concerns regarding consent, the data packages are sent via the HTTP protocol and are not encrypted using HTTPS, SSL, or TLS. This makes them vulnerable to attacks. By collecting this data and creating record history using the phone’s unique ID and serial number, anyone on the network, including malicious actors, government agencies, network administrators, and telecom operators could easily spy on users.

According to Qualcomm, the collection of information was in accordance with their privacy policy that states the following: “Through these software applications, we may collect location data, unique identifiers (such as a chipset serial number or international subscriber ID), data about the applications installed and/or running on the device, configuration data such as the make, model, and wireless carrier, the operating system and version data, software build data, and data about the performance of the device such as performance of the chipset, battery use, and thermal data... We may also obtain personal data from third party sources such as data brokers, social networks, other partners, or public sources.”

Both Apple and Android with their App Store and Google Play Store are spying on its paying customers. As a private alternative some people prefer to install a Google-free version of Android on their ordinary smartphone.

Nitrokey:     I-HLS:     Cybernews:      Daily Mail:    TMB:    Reddit:    CGTN:

You Might Also Read: 

Spying On Mobile Phone Calls:

___________________________________________________________________________________________

If you like this website and use the comprehensive 6,500-plus service supplier Directory, you can get unrestricted access, including the exclusive in-depth Directors Report series, by signing up for a Premium Subscription.

  • Individual £5 per month or £50 per year. Sign Up
  • Multi-User, Corporate & Library Accounts Available on Request

Cyber Security Intelligence: Captured Organised & Accessible

 

« 5G Renders Smart Cities More Vulnerable To Attacks
Google’s New Cyber Security Certificate Program »

Infosecurity Europe
CyberSecurity Jobsite
Perimeter 81
Cyrin

Real Attacks. Real Tools. Real Scenarios.
Schedule a demo

Sign Up: Cyber Security Intelligence Newsletter

Directory of Suppliers

Directory of Cyber Security Suppliers

Directory of Cyber Security Suppliers

Our Supplier Directory lists 7,000+ specialist cyber security service providers in 128 countries worldwide. IS YOUR ORGANISATION LISTED?

Clayden Law

Clayden Law

Clayden Law advise global businesses that buy and sell technology products and services. We are experts in information technology, data privacy and cybersecurity law.

XYPRO Technology

XYPRO Technology

XYPRO is the market leader in HPE Non-Stop Security, Risk Management and Compliance.

Practice Labs

Practice Labs

Practice Labs is an IT competency hub, where live-lab environments give access to real equipment for hands-on practice of essential cybersecurity skills.

CYRIN

CYRIN

CYRIN® Cyber Range. Real Tools, Real Attacks, Real Scenarios. See why leading educational institutions and companies in the U.S. have begun to adopt the CYRIN® system.

4ARMED

4ARMED

4ARMED services cover the end-to-end experience of securing modern software, from design and build through to deploy and test.

IdenTrust

IdenTrust

IdenTrust enables organizations to effectively manage the risks associated with identity authentication.

Identillect Technologies

Identillect Technologies

Identillect Technologies provide a user-friendly secure email solution to protect critical information, with an emphasis on simplicity.

SQNetworks

SQNetworks

SQNetworks provides a full range of cybersecurity consultancy, services and solutions.

Trustonic

Trustonic

Trustonic is a leader in the device security market. Our mission is to protect apps, secure devices & enable trust.

Identifi Global Recruitment

Identifi Global Recruitment

Identifi Global is one of the UK's leading Cyber Security & IT Recruitment specialists.

Kiuwan

Kiuwan

Kiuwan provide software security solutions with SAST and SCA source-code analysis that fit into your DevOps process.

DeepSeas

DeepSeas

DeepSeas is the result of a merger between Security On-Demand (SOD) and the commercial Managed Threat Services (MTS) business of Booz Allen Hamilton.

ShardSecure

ShardSecure

ShardSecure Microshard technology eliminates data sensitivity, providing security, privacy and compliance beyond encryption.

Glocomp Systems

Glocomp Systems

Glocomp Systems is one of Malaysia’s premier ICT infrastructure distributor offering a comprehensive portfolio of solutions including cybersecurity and privacy.

NTT Group

NTT Group

NTT offers agile, scalable technology services to bring it all together seamlessly, securely, and sustainably. We help you adopt a holistic security approach across your network, clouds, applications.

Secure Diversity

Secure Diversity

Secure Diversity is an innovative non-profit organization with leaders that think out of the box to create strategies & solutions to increase diversity in the cybersecurity industry.

Sure Valley Ventures

Sure Valley Ventures

Sure Valley Ventures is an entrepreneur led venture capital fund focused on helping software entrepreneurs grow and scale businesses that will have a global impact.

NASK

NASK

NASK is a National Research Institute under the supervision of the Chancellery of the Prime Minister of Poland. Our key activities involve ensuring security online.

HWG Sababa

HWG Sababa

HWG Sababa is a cybersecurity provider that offers a comprehensive suite of strategic managed security solutions, services, and consultancy.

ANY.RUN

ANY.RUN

ANY.RUN is an interactive online malware analysis service created for dynamic as well as static research of multiple types of cyber threats.