The smartphone has now become our life companion, a must-have item that accompanies us from morning when we wake up in the evening when we get to bed (sleeping at our side in many cases). They spend the best moments with us, immortalizing them in beautiful photos and comfort us by connecting us to our friends in the worst moments. But can we really trust them? Does they keep something hidden from us? Can we really give the smartphone access to all the details of our lives without risk?
"Cheap smartphones are getting good and good smartphones are getting cheaper," said the famous YouTuber Marques Brownlee, who defines the trend we have seen in recent years. How could it go wrong?
Cheap smartphones are becoming better
The first bargain-basement Android smartphones were dogged by slow performance and unreliability but those times have passed by now and now any smartphone is able to meet the essential functions and even many extras in everyday life.
Even Android smartphones from little-known Chinese companies, usually of lesser quality than the competition, have now made the leap in quality and nowadays we can take home a smartphone with FullHD display, a double camera and a LTE data connection for under $200. At this figure, years ago, we could aspire to a smartphone with only basic functions and it took all our reserves of patience and calm to actually use the clunky thing.
Mid and low end smartphones share a metal unibody or glass case with top-of-the-range smartphones. There are cheap smartphones with bezel-less displays, fast fingerprint readers and even 6 or 8GB of RAM, not that there was a real need. What is usually lacking is the power and responsiveness that distinguishes the top-of-the-range as well as of course cameras with higher quality and high definition displays.
Good smartphones are becoming cheaper
On the other hand, it's equally true that we can find smartphones with the same competitive hardware as the most popular top-of-the-range ones at much lower prices, for example with Xiaomi Mi MIX 2 and OnePlus 5T. Yes, it's true, maybe we can't count on edge displays like the Galaxy S8, we don't find super resolute panels like that of Xperia XZ Premium or maybe we don't find all the extra functions given by artificial intelligence as happens on Google Pixel 2.
However, these smartphones can all hold their own with impeccable performance, brightly colored displays (although perhaps a step further down in resolution), eye-catching aesthetics and cameras worthy of the name. Sometimes they can also boast of software updated faster than the big players in the industry, which can be a big advantage from the user's point of view.
OnePlus 5T, thanks to its strengths, positions itself head-to-head with the industry's big players and the sales record announced by co-founder Carl Pei on Twitter confirms how top-of-the-range smartphone features at a discounted price can make a difference.
This discount can sometimes cost us dearly
Sometimes, behind these super cheap prices and these smartphones that look like unmissable offers, there are some really unpleasant surprises. I'm not just talking about small hardware flaws such as the fake second camera in the Doogee Mix or disappointing performance. I don't mean software that will never be updated or stays full of bugs and problems. This is about the lack of security when it comes to our data.
It is not the first time, in fact, that Chinese smartphones from little-known companies are surprised with their hand in the cookie jar while sending our data without consent to servers rented in Asia. This is usually done with pre-installed system applications and sometimes you can block these apps by uninstalling them.
Other times these processes, whose sole purpose is to spy on the use of the smartphone and the internet, are hidden and rooted within the system itself and it is impossible to control them from the user end.
By relying on the best known brands, we are safe.... right?
Well, ok. So you resolve not to buy any smartphones of dubious origin, no matter how tempting the price. But sometimes this may not be enough. Recently, even more well-known companies such as Wiko and OnePlus have had some problems with the privacy of their users.
<Thread> Hi @WikoMobile 👋! Let's talk about the ApeSaleTracker and ApeStsMonths apps found in your phones.— Elliot Alderson (@fs0c131y) November 19, 2017
These apps are pre-installed system apps which send regularly and silently the user infos to a Chinese 3rd party called Tinno by HTTP or SMS without user consent
It was recently discovered that the French company Wiko pre-installed applications inside some of its smartphones that collected some smartphone data to send them to the servers of the Chinese company Tinno without the knowledge of the user.
Wiko confirmed the collection of data with an official statement on its website and stated that the Sales Tracking System (STS) will be disabled and replaced with a new, more discreet sales tracking system. However, it denied that the data was sent to Chinese servers as stated by the Twitter user @fs0c131y, who first raised attention to the problem. Our French colleagues at Frandroid have followed the matter closely and gone into more detail.
And your beloved OnePlus? Well, problems with OnePlus have only been multiple in the last few months of this 2017. The company collects smartphone usage data for improving Oxygen OS and this is quite normal. Keeping track of the applications used, the WIFI networks to which smartphones connect and all the various OS activities are part of the data collection useful to companies and almost all of them collect this information. The problem is that OnePlus also collected the IMEI code, telephone number and telephone networks to which its smartphones were connected into its database, making this so called "anonymous" data usage information very easily identifiable indeed.
The data was divided into two different streams: the first with usage information and the second with device data. Carl Pei said the company will stop collecting sensitive data and smartphones will be updated to fix the problem. In addition, he said that it is possible at any time to stop transmitting data using the first stream by disabling an appropriate entry in the settings. But it does not end here.
<Thread> Hi @OnePlus 👋! How are you today? Let's talk about the OPBugReportLite found in your phone.⁰This app is a pre-installed system app which sends silently, every 6 hours, the battery stats, kernel panics, watchdogs, ANRs and all crashes of your device to Singapore.— Elliot Alderson (@fs0c131y) November 21, 2017
A few days ago @fs0c131y reported that another application pre-installed inside OnePlus smartphones collected additional data such as battery statistics, panic kernels and other system information, sending it every 6 hours to a server located in Singapore.
Not only that, after further investigations on the subject, it has been discovered that the configuration of this application can be changed remotely and contains methods (not currently used fortunately) to send information about GPS (TYPE_LOGGING_GPS), bluetooth (TYPE_LOGGING_BT), information about the camera (TYPE_LOGGING_CAMERALOG) and the media you watch or listen to (getMediaFile).
We contacted OnePlus for an official statement on this, but the answer we were given is that the company representatives are too busy promoting OnePlus 5T on the European tour to comment. Of course, the matter is still open and we will come back to it when new information becomes available and when OnePlus issues an official statement on this issue.
Google is no angel, either
The Mountain View company also ended up in the eye of the cyclone as it was discovered that despite the deactivation of localization in Android smartphones, devices continued to collect data on nearby cell phone towers, allowing for another type of user localization. Google stated that the collection began in 2017 but the data were immediately discarded and never used in any way. The company said that this data collection would be done in an attempt to improve the sending and speed of receipt of notifications of Android smartphones on the data network but that the project was abandoned and not completed.
The collection of CellID has already been deactivated, but according to some British and Korean government agencies this is an invasion of privacy because, if a person decides not to be located, the collection of this type of information violates the rights of the user. Google is still not officially under investigation but further information has been requested, but in my opinion it is not as alarming the violations of trust made by OnePlus and Wiko.
Is our privacy in danger?
Well, yes and no. The answer depends very much on your conception of privacy.
Most companies collect anonymous smartphone usage data by grouping statistics on battery, installed applications, crashes and much more. However, this data is anonymous and is not linked to any phone number, Google account or anything else that may link the data to a specific user. This makes the collection and sending of data possible without identifying a particular person, but it may not be enough for some.
For example, my concept of privacy isn't very extreme and I am willing to share my usage data and also some of my personal information if this can help improve my experience as a user. That's why I have no problem keeping all my Google accounts synchronized, using Google Photos to back up my shots and I have no problem keeping GPS location active by sharing it with some apps and services. All this is fine provided I am aware of what I am sharing.
Sending my data for the purpose of creating statistics, improving the services offered by a particular company or simply for the sale and financing of a manufacturer is fine provided that I be notified and able to choose whether to take part. I believe that many people like me do not have any problems sharing information, but only with our express consent.
When this invasion of privacy occurs silently, invisibly and without choice, it means that something shady is about to be done with my data and that's not good for me at all. For this reason, I prefer to continue using services that use all my information but make it available to me and I avoid companies that have problems with transparency.
However, if you choose to use an internet-connected smartphone (whatever the brand or operating system) you have to consider that a lot of data will be shared and this is really unavoidable.
What do you think about it? What is your idea of privacy? Do you take special precautions to secure your data on the internet and smartphone?