Like many other modern devices, seemingly “dumb” feature phones are actually a lot smarter than you might think. And that can be a problem.
Basic phones can be dangerous too
A recent analysis examined the security of five basic cell phones that sell for about $10 to $20. Commonly referred to as “feature phones” or “granny phones” — and often purchased for
Elderly relatives who don’t want or can’t get
used to smartphones — these devices can also be a “just in case” option. Some people also believe they’re more secure than Android smartphones.
Well, that last part wasn’t a consensus. Hidden features in four of the five phones were discovered: two transmit data on first boot (leaking the new owner’s personal information), and the other two not only leak private data but also allow the user to subscribe to paid content by secretly communicating over the Internet with a command server.
Grandma’s phones infected
The author of the study provides information high-end retouching on the methods used to analyze the firmware of these simple devices, the technical details of which may be of interest to those who wish to repeat the same analysis. However, let’s go straight to the conclusions.
Of the five phones we analyzed, two send user data somewhere the first time they are turned on. Who the data goes to—manufacturer, distributor, firmware developer, or someone else—is unclear.
It’s also unclear how the data might be used. One might assume that such information could be useful for tracking sales or controlling the distribution of product batches across different countries. To be honest, it doesn’t seem too dangerous; after all, every smartphone transmits some telemetry data.
Keep in mind, however, that all major smartphone
manufacturers at least try to anonymize В основния си раздел можете да имате заглавия като: the data they collect, and its destination is usually more or less clear. In this case, however, nothing is known about who is collecting sensitive information from owners without their consent. For example, one of the phones alb directory transmits not only its serial number, activation country, firmware information and language, but also the base station identifier, useful for establishing the user’s approximate location.
