When you think it over you will feel horrible Millet phone hidden backdoors can remotely install a

Wang Xiaoer and his neighbor Zhang bought a goose.

Zhang produced goose claims to all in one service, if the sick goose will be responsible in the end, or cure, or change the goose. But recently, Wang Xiaoer found that Zhang Daniu in Wang Xiaoer don’t notice or in the middle of the night when no whisper to Wang secretly pick up goose dung yard.

Wang Xiaoer wonder, Zhang: what are you doing? Is not after my Tracy? He got angry at the market questioned Zhang Daniel, Daniel Zhang said only to pick up the goose dung beyond dispute, to see the goose is not sick.

Wang Xiaoer doubted, he is very angry, that means after another from time to time there is an out to my Liu Liushun point

?

the country love story may have something to do with what we’re talking about today.

you may have been accustomed to this scene – the new phone will be preloaded with some APP, how can not delete delete. However, the mobile phone manufacturers will be installed on your phone APP and whether there will be a special purpose of the pre installed applications will threaten the security and privacy of the host

?

Holland, a guy on this question.

he is millet 4 users. Guy one day found that the phone preloaded with a AnalyticsCore.apk (com.miui.analytics) application, will automatically run in the background.

The

guy is very angry, he does not love the application without permission to collect user information, so it was found that the application of reverse engineering, every 24 hours will visit millet official server to check for updates, it will send the request at the same time in identifying information transmission equipment, including hand machine models, IMEI, MAC address, Nonce and the package name and signature. If the server has an update application named Analytics.apk, it will automatically download and install, the entire process without user intervention.

if the application is installed without any verification, the vulnerability can be exploited by hackers, or millet only need to rename to install applications for Analytics.apk can be pushed to the user, and the device is sent through the HTTP request and receive updates, which means users vulnerable to man in the middle attack.

looks like a big news is coming out!

 

this, millet spokesman said,

AnalyticsCore is built in the MIUI system components, mainly used to analyze the data to enhance the user experience, such as MIUI Error Analytics – millet system error analysis.

for security reasons, MIUI will check the Analytics.apk application signature during the installation and upgrade of the software

Leave a comment

Your email address will not be published.


*