Thursday, October 30, 2014

Sony Xperia Sending your Data To China Thanks to Baidu Spyware.

Update: See the bottom of the post to see an easy way to block  Baidu folder from being created.
Xperia Breach, Sony Xperia Phones Calling Beijing? http://snapvoip.blogspot.com/

Your Sony smartphone, with Android 4.4.x firmware, might be sending your personal data to China. You must be wondering why an American/Japanese firms phone be sending data to China. Only connection I can make is that they are made in China, just like your iPhone.Baidu Spyware, (as per Foresafe Mobile Security) is a threat to you and your data.
Screenshot1.png
IP 202.108.23.105 in the OS Monitor capture above is in Beijing, China. (China Unicom)
As revealed by a post on Sony forums, "Unknown folder baidu is created on starting phone each time", it looks like more than just a Baidu folder creation, to which Sony has responded saying that Baidu folder creation, will be removed in a future release. But it does not say anything calling Beijing (at least I could not find any).
One user on the forum posted the folder structure for the Baidu folder;
baidu (date 21/01/1970 08:35:27) main folder on /mnt/sdcard
    pushservice (same date & time as above)
          files
          one more folder with 2 SQLite databases in it
                pushstat_4.1.db
                pushstat_4.1.db-journal

XDA Forum also has a thread about the issue.
While waiting for the Sony to respond, one user posted the following procedure which disables MyXperia app/service and does not void the Sony warranty, like if the phone is rooted.

  1. Back up important data on the phone and do a factory reset.
  2. Start up the phone, go to Settings -> Apps -> Running and force stop the myXperia apps running (there are 2). Remove the baidu folder using File Kommander.
  3. Next, enable developer mode, Settings -> About Phone -> Click 7 times on the Build Number.
  4. Download or install the Android SDK. Install it. Connect the phone to the computer with USB cable.
  5. Next, run the adb tool in the android sdk's platform tools folder as (to be done in a command line window)
  6. adb shell <enter>
  7. <in the adb shell>pm block com.sonymobile.mx.android
  8. exit adb
  9. reboot
This will stop the Baidu folder from being created but there is no guarantee that the /system/libbdpush_V2_0.so library is not in use.

 Sony later responded that this is expected behavior for the MyXperia app and it is done to support both Chinese customers and Others outside China. But there are no explanations as to why users outside China connects to these Chinese servers, without any user interaction or permission.
Another user had a simple but effective solution, "First create a file named baidu on you PC. Then connect to PC through USB, delete the baidu folder and copy the baidu to your device. Now the baidu folder will not be created." Neat.

0 comments:

Blog Widget by LinkWithin