Privacy and Security with modern smartphones

Search This thread

dsef13

Member
Dec 7, 2022
16
2
Hello,


My first post here. Have been searching the answers to my questions for a couple of days with no luck.

Recently obtained a new smartphone and it required to check some check-boxes, giving my consent to their terms. Unless you agree you cannot proceed to turning on and using the device. When I read the User Agreement and Privacy Notice that I had to sign, I was astonished! Reading through this fairly long agreements, they have covered pretty much anything you can think of, I was getting the feeling that I had obtained a bomb and not a mobile device. A couple of things that shocked me most:

"(E) You grant to us a non-exclusive, worldwide, royalty-free, perpetual and irrevocable license to use and reproduce your User Generated Content to the extent necessary to provide the services associated with OPPO Phones and OPPO Software and any our other products and services."

"5.3 You acknowledge that we may, but have no obligation to, pre-screen, review, filter, modify, refuse, label, monitor or otherwise moderate any Third Party Content or User Generated Content or any part thereof, or to remove it from your OPPO Phone."


Am I reading it right? Is it a spy that I have obtained? It's not enough that they can monitor my own generated content on my own device, but they also want me to grant them the legal permission to moderate, alter and remove the content from my device?!

My questions:
1. Is it at all legal to do this? I guess that if you sign for it then it is supposed to be legal
2. How do they do it technically? Do they create backdoors in their devices to provide access?
3. How can we protect ourselves (yet using the device)? I had thought that a custom ROM (LineageOS or other) would do the job, but haven't found one for this device.

I hope that I am not the first one reading and paying attention to small letters.

Thanks
 

dsef13

Member
Dec 7, 2022
16
2
Thanks for the prompt response.

1. Thought so
2. I can see their point in trying to cover themselves from anything, but if they are clearly stating that they have the right to remove content from my device, doesn't it mean that they have the corresponding means for doing this?
3. I guess no one expects a 100% protection, but at least knowing that you're not 100% prone to external activity on your device...
 

blackhawk

Senior Member
Jun 23, 2020
11,548
4,731
Samsung Galaxy Note 10+
The CCP comes embedded in all Chinese phones🤣
Sounds like a raw deal to me. First thing to do is disable all manufacturer, app and carrier feedback. Then firewall lock it down. If an app doesn't intrinsically need (ie browser, cloud based etc) it doesn't need internet access.

That EULA is worse than the Samsung Bixby EULA, and that one is bad enough that I won't enable it. Wearables is pretty invasive too, I firewall blocked it after activated.
 

dsef13

Member
Dec 7, 2022
16
2
The CCP comes embedded in all Chinese phones🤣
Sounds like a raw deal to me. First thing to do is disable all manufacturer, app and carrier feedback. Then firewall lock it down. If an app doesn't intrinsically need (ie browser, cloud based etc) it doesn't need internet access.

That EULA is worse than the Samsung Bixby EULA, and that one is bad enough that I won't enable it. Wearables is pretty invasive too, I firewall blocked it after activated.
I don't think there is a way to explicitly disable each App's internet access in the stock ROM. Or did you mean using a firewall for that?
 

blackhawk

Senior Member
Jun 23, 2020
11,548
4,731
Samsung Galaxy Note 10+
I don't think there is a way to explicitly disable each App's internet access in the stock ROM. Or did you mean using a firewall for that?
Yeah a firewall. Stops unwanted updates too.
Man's best friend.
Screenshot_20221207-151310_Karma FW.jpg
 

dsef13

Member
Dec 7, 2022
16
2
OK, thanks for that. Actually never used a firewall on mobile device, let alone mobile - all I have on my PC is the Windows Defender. Years ago used to have antivirus and firewall programs, till eventually got pissed of them being like a virus themselves :ROFLMAO:

Anyway, sounds like a must have and my best bet on a smartphone.

Yet, will ask it again: if they are clearly stating that they have the right to remove content from my device, doesn't it mean that they have the corresponding means for doing this? By that I mean, don't they have some hardcoded means in their stock ROM of accessing the device and no matter you blocking all apps?
 

blackhawk

Senior Member
Jun 23, 2020
11,548
4,731
Samsung Galaxy Note 10+
OK, thanks for that. Actually never used a firewall on mobile device, let alone mobile - all I have on my PC is the Windows Defender. Years ago used to have antivirus and firewall programs, till eventually got pissed of them being like a virus themselves :ROFLMAO:

Anyway, sounds like a must have and my best bet on a smartphone.

Yet, will ask it again: if they are clearly stating that they have the right to remove content from my device, doesn't it mean that they have the corresponding means for doing this? By that I mean, don't they have some hardcoded means in their stock ROM of accessing the device and no matter you blocking all apps?
That's an insane EULA. It sounds more like Facebook's EULA🤣
 

blackhawk

Senior Member
Jun 23, 2020
11,548
4,731
Samsung Galaxy Note 10+
So you think there is no way to get protected from their intruding my device if keep using their stock ROM?
Don't know. I have zero trust in any device from China with internet capability. China is the biggest and most unscrupulous data miner on the planet. That EULA only reinforces my distrust.

Backdoors; are just that and well designed embedded hardware ones are for all practical purposes undetectable until used. Can be designed into the SOC, who's going to find it? Any Chinese company has plenty of motive to do this if ordered to do so by the CCP.
 
Last edited:
  • Like
Reactions: Arealhooman

dsef13

Member
Dec 7, 2022
16
2
Don't know. I have zero trust in any device from China with internet capability. China is the biggest and most unscrupulous data miner on the planet. That EULA only reinforces my distrust.

Backdoors; are just that and well designed embedded hardware ones are for all practical purposes undetectable until used. Can be designed into the SOC, who's going to find it? Any Chinese company has plenty of motive to do this if ordered to do so by the CCP.
Without too much understanding, I reckon that a custom ROM would render even a hardware embedded backdoor useless.

Out of curiosity, googled Apple's EULA - it is as simple as mere 548 pages! The Chinese EULA can at least be read. Who has the ability to read Apple's?! Anything could be in there and no one will find.
 

blackhawk

Senior Member
Jun 23, 2020
11,548
4,731
Samsung Galaxy Note 10+
Without too much understanding, I reckon that a custom ROM would render even a hardware embedded backdoor useless.

Out of curiosity, googled Apple's EULA - it is as simple as mere 548 pages! The Chinese EULA can at least be read. Who has the ability to read Apple's?! Anything could be in there and no one will find.
Not necessarily. If present and undetected, no one would know it's trigger.
Lol, I loathe Apple. Their close ties to China makes them evil.
 

dsef13

Member
Dec 7, 2022
16
2
Since they are the ones designing the hardware they would choose a circuit path to use that could be triggered regardless of the firmware. Maybe in the modem section of the SOC.
Still being not an expert, I don't see how a piece of hardware could perform tasks without a firmware programmed specifically to tell it what to do. Even if the hardware is hardcoded to transmit specific folders or files, I believe that if you change firmware the folder names and paths could change which would confuse the "transmitter".
 

Top Liked Posts

  • There are no posts matching your filters.
  • 2
    Without too much understanding, I reckon that a custom ROM would render even a hardware embedded backdoor useless.

    Out of curiosity, googled Apple's EULA - it is as simple as mere 548 pages! The Chinese EULA can at least be read. Who has the ability to read Apple's?! Anything could be in there and no one will find.
    Not necessarily. If present and undetected, no one would know it's trigger.
    Lol, I loathe Apple. Their close ties to China makes them evil.
    1
    So you think there is no way to get protected from their intruding my device if keep using their stock ROM?
    Don't know. I have zero trust in any device from China with internet capability. China is the biggest and most unscrupulous data miner on the planet. That EULA only reinforces my distrust.

    Backdoors; are just that and well designed embedded hardware ones are for all practical purposes undetectable until used. Can be designed into the SOC, who's going to find it? Any Chinese company has plenty of motive to do this if ordered to do so by the CCP.
    1
    Totally agree with this statement!
    1
    What's the firewall you're using, by the way?
    Karma Firewall but it only is fully functional on Android 9 or lower. Karma uses almost no battery, is simple and gets it done.
    No logging feature on Android 10 though so eventually when I start using that device more... maybe Netguard. Not sure.
    1
    Even if the hardware is hardcoded to transmit specific folders or files...
    I do not expect functions like this to be hardcoded. Why? Because it is not necessary.
    The large majority does not care about what you found in the EULA and what in addition is sent.
    We are just a small minority setting up the devices offline and then using xPrivacyLua, AFWall or Netguard. Most likely we are not worth the extra effort, because they get so much data from the other users.
    Even if there are few that are aware of spying, many just say "I have nothing to hide".