In the last couple of days. A computer savvy customer bought a Huawei P30 phone in Thailand only to discover later that it’s been maliciously querying to a server in mainland China. He was able to capture this data and is posted in Github here. So you see, The version of the ROM is EMUI 9.1.0 (Build number 18.104.22.168) and is running on Android 9. It is running standard built-in apps built by Huawei.
He also made sure that the phone applications were set to “Do not accept to share information” and would explicitly require user permission when sharing data between apps or through third-parties. Also, worth noting is that the device hasn’t yet even been configured with any of Huawei services, including Huawei ID or any Hi services.So technicaly speaking, the malicious querying on servers out in mainland China without the users permission is pretty sketchy.
Huawei? China’s spy company?
For quite some time now. Huawei had been accused of spying for the Chinese government and has since been blocked out of exporting it’s 5G technology in most countries in the West fearing possible mass surveillance of their citizens by Chinese authorities. Which makes perfect sense since most companies in China were controlled by its own government and that anytime the Chinese government request information or access to its database then Huawaei must give in. The West fears that should China’s 5G technology overtakes the US and allows what we call to us the ‘internet of things” which connects traffic lights, police intelligence networks, street CCTV’s, drones, military hardware, microwave, refrigerator, etc then it’s highly going to give in tons of strategic intelligence data to Chinese authorities which put a country’s national security at risk.
“..Huawei is a Chinese state-directed telecom company with a singular goal: undermine foreign competition by stealing trade secrets and intellectual property, and through artificially low prices backed by the Chinese government..” SEN. MARCO RUBIO (R-FL)
This must also be the reason why you get the device at an insanely low price compared to its competitors, of course, you gotta be prepared to give up your privacy and personal data to Chinese authorities as they’d be more capable on checking your browsing habits, messages, emails, etc more than ever. It’s like having your personal ‘Big Brother’ but you don’t actually know it. And that is as crazy as it sounds. But it could be true. Here’s why.
DNS analysis shows that Huawei P30 smartphone communicates to a Chinese server without the user’s authorization?
Furthermore, user pe3zx of GitHub also showed the captured DNS queries
Also, according to him. The DNS requests to beian.gov.cn were made by running grep -arl “.cn” /var/log/syslog*
The list of DNS addresses includes beian.gov.cn, which was registered by Alibaba Cloud and managed by China’s Ministry of Public Security, according to Whois.com. Another frequently listed request was sent to china.com.cn, which was registered by EJEE Group and operated by China’s state-run mouthpiece the China Internet Information Center, according to Whois.com. Sketchy isn’t it? Why would the Chinese government be a recipient of just a simple search query on Huawei phones overseas?
Although, after just several hours of posting his findings. The user pe3zx took his statements back and speculated that this query may not have been initiated by the phone itself but rather something he incidentally did by doing ‘Baidu’ searches. However, this really doesn’t explain the fact that Chinese run government agencies were recipient to these private consumer data?
As my piece of advice — Don’t buy any of these phones. I might suggest buying branded phones like Samsung, Apple, Nokia etc but don’t purchase Chinese knockoffs and sketchy Chinese phones you see off in Lazada. Don’t let your copious personal and private data be stolen by Chinese authorities.