Forgot your password?



Back to login

Vivo NEX confirms security concerns
July 30, 2018, 11:56 am
Share/Bookmark

Vivo NEX, the premium smartphone from China’s Vivo Communication Technology Company, launched in mainland China in mid-June and entered select markets, including India, Russia and Taiwan, last week. The latest Vivo model features several futuristic elements, including an almost bezel-less display, speakers and finger-print scanners below the screen, and a retractable front-camera that pops-up from the top edge of the phone.

The pop-up selfie camera, touted as the phone’s unique selling point, may ultimately prove to be its biggest downer. Users have complained that it is being used to snoop on their privacy. Privacy-related issues with Chinese manufactured devices, software and web applications are nothing new, as ‘backdoors’ that permit manufacturers and, by extension, the government, to spy on users’ activities have existed for a while now.

However, while in the past it was difficult for an individual to discern when a malignant phone or app turned on the selfie camera to snoop on an individual’s activity, the Vivo NEX reveals any such nefarious use by popping up each time it is activated.

Since its launch last month, many Chinese users have alleged that when they open certain applications on the Vivo NEX, including the popular QQ Browser provided by Chinese internet giant Tencent, the mobile device’s camera gets activated automatically thereby providing users with tangible evidence of how and when they are being monitored.

Tencent defended the feature by arguing that its QQ browser needed to activate the camera to scan QR codes. The company insisted that the camera would not take photos or audio recordings unless the user told it to do so, thus inadvertently admitting the extent to which the QQ browser could record users’ personal activities.

Incidentally, an independent report from the US-based Citizen Lab had confirmed in 2016 that all versions of the QQ Browser, whether for Android, Mac or Windows, transmitted personal user data to QQ servers in China without encryption or with easily decryptable encryption. The browser was also vulnerable to arbitrary code execution during software updates, which could technically enable any malevolent actor, whether private or government, to spoof a software update and install malicious code on a user’s device.

The ‘backdoors’ discovered, or lying latent, in many Chinese devices and software applications could potentially allow malicious actors to install arbitrary code that would enable them to collect personal data, track users and even take over a phone’s functioning

Another Vivo NEX user found that once she had installed Chinese internet-giant Baidu's voice input system, it would activate the phone’s camera and sound recording function whenever the user opened any application that inputs text. Baidu claimed that the self-activated recording allows the company to collect and adjust to background noise so as to prepare for and optimize its voice input function. This was again not reassuring to users — any microphone collecting background noise would also unquestionably capture the voices and conversations of a user and whomever they speak with face-to-face.

In response to public concern about these backdoor features, Baidu and other Chinese internet giants defend themselves by arguing that users have consented to having their cameras activated. But given the monopolistic nature of Chinese internet giants and their covert connections to the government, what power do ordinary users have to not giving permission, asked one user.

 

Share your views
CAPTCHA
 

"It is hard to fail, but it is worse never to have tried to succeed."

"Envy comes from wanting something that isn't yours. But grief comes from losing something you've already had."

Photo Gallery