Verizon mandates pre-installed spyware for all its Android customers

Does anybody offer a utility for phones which acts as a normal computer firewall? Facilitating the management of what processes can access what ports?

I would prefer a regular Linux distro for phones like Ubuntu or Debian which wasn’t deliberately compromised.

I suppose.

But if a smartphone can be an android, so can R2D2.

1 Like

Yeah, I bought a Huawei (albeit via their European website) and did have worries about data leakage/spyware but figured I’m less concerned about Chinese companies/government spying on me for some reason. I’d like to think Huawei are a big enough company to not pull that shit but I doubt it.

I’ll probably still consider OnePlus when it comes to buying my next phone too (not least because I can pronounce it).

1 Like

R2D2 is an Astromech Droid. In early novelizations the word was written with an apostrophe, so there’s definitely a relationship between the terms Android and Droid.

1 Like

We all know what a stickler George Lucas is for details and consistency and accuracy.

Twelve parsecs!

5 Likes

One moment please.

(The original title was: The First Horseman of the Privacy Apocalypse Has Already Arrived: Verizon Announces Plans to Install Spyware on All Its Android Phones )

3 Likes

Dorothy is so great! I got to meet her once, when her band came and played in a hole in the wall Eritriean restaurant a couple of years ago. Her and Mr. Chen are wonderful folks. They let me share their food!

3 Likes

What’s stopping Verizon from droping it on your phone once you sign up with them?

Access to the device? Installing software remotely without user permission is a security disaster waiting to happen.

So, will it start happening later this year, or next year?

1 Like

They don’t control the bootloader, which makes it much less likely, potentially not possible, for them to keep root access out of your hands or obtain it themselves; but, unfortunately, Android has handy features to improve the efficiency with which a carrier can enworsen a device as soon as it touches their network; all without pesky user interaction.

@anon73430903: initial support for the security disaster was added in Android 5.1 with UICC carrier privilege functions; and extended in Android 6.0.

2 Likes

Is there some kind of master list somewhere of mobile-phone-service providers doing business in the U.S. where they are ranked in order of “most evil” to “least evil”?

I avoided joining the cell-phone world for years just because it all seemed too complicated. To cut the Gordian knot I eventually just bought whatever they wanted to sell me at Radio Shack. I assume that’s not really the right answer.

1 Like

I don’t know of any such ranking; but the list is pretty short(unless you count teeny regional carriers; and treat MVNOs as fully distinct from their hosts).

Only Verizon, AT&T, T-Mobile, Sprint; and U.S. Cellular have more than a million subscribers; and U.S. Cellular only has coverage in 23 states.

I’m pretty sure that Verizon, the all-watching, black talon of Abbadon, despoiler of firmware, is an overwhelmingly solid choice for ‘most evil’.

Choices get trickier thereafter; because most of the competing carriers have to balance the ontological imperative to maximize their evil quota with the fact that their technical capabilities aren’t as impressive. Sprint, in particular, is sort of Verizon’s incompetent wannabe; same CDMA background and hostility to outside handsets; fondness for un-removable shitware; but since their coverage is markedly worse, they occasionally have to provide some token of benevolence in order to retain any customers in the face of “why choose the lesser of two evils?” concerns.

2 Likes

Others answered, but it’s basically that most bloatware like that is baked into the OS. If it’s not, I don’t have to run it. They can send it to me, but there’s no requirement to run it to use my phone.

Also, many T-Mobile handsets ship with unlockable bootloaders. You have to explicitly unlock them yourself, as they’re locked by default, but it can be done with just a few screen taps. The LG Stylo 2 Plus I’m using didn’t have much bloatware, either, and what wasn’t removable could at least be disabled.

On the other hand, just because the bootloader can be unlocked doesn’t mean you’ll actually find any custom ROMs for a particular phone, and then there was the spectacular implosion of CyanogenMod. I’m still pretty pissed about that, mostly because one of my older handsets was running very nicely with CM11 and still getting security updates until the collapse. There’s no LineageOS build for this model, either.

Rooted stock firmware has another drawback: you generally have to jump through many hoops (and then re-root if you can) if you want to keep your firmware up-to-date. Been there, done that, decided it wasn’t worth the trouble with my S2+.

1 Like

You can google for Android Firewall, there are a few. Even if they work, though, they leave loads of attack levels, a) on the application layer, like browser and plugins, b) in the hardware which is mostly a blackbox. The mobile engine chips themselves are notorious. I know of one vendor where the firmware for this chip contains a complete Android by itself. Even if they haven’t built in spyware, these things are basically never updated for security fixes. Phone security is one huge clusterfuck.

1 Like

[quote=“lava, post:36, topic:98002”]
How exactly does the GOP get to ban such rules “for ever”? How come I never heard of such actions, until we had a GOP government.[/quote]

Because the GOP is the anti-regulation party. The Congressional Review Act was passed to deal with the “problem” of federal agencies establishing regulations outside the legislative process. Under the CRA, if Congress decides to remove the regulation, that agency is also prohibited from introducing the same regulation again.

At this point, I believe the only way to undo this would be for Congress to pass a bill that explicitly enacts privacy rules. And we all know how easy it’s been to get legislation through these days.

3 Likes

I think that he more likely scenario is that Apple will install the spyware themselves, but they’ll get a share of the profits.

This topic was automatically closed after 5 days. New replies are no longer allowed.