Post AV0Pkh1cJ3Y2TF8m6y by sonnenaufgang@social.tchncs.de
(DIR) More posts by sonnenaufgang@social.tchncs.de
(DIR) Post #AV0LgGRKo9ZN2jnonI by nitrokey@social.nitrokey.com
2023-04-25T08:20:13Z
1 likes, 2 repeats
Smartphones With Popular Qualcomm Chip Secretly Share Private Information With US Chip-Maker https://www.nitrokey.com/news/2023/smartphones-popular-qualcomm-chip-secretly-share-private-information-us-chip-maker
(DIR) Post #AV0PWaMcHBR5kzEgrY by chiefbongo@mastodon.social
2023-04-25T09:03:48Z
0 likes, 0 repeats
@nitrokey did you report it? @bfdi @noybeu @maxschrems
(DIR) Post #AV0PbP5FduCqDiPXo8 by nitrokey@social.nitrokey.com
2023-04-25T09:04:43Z
1 likes, 0 repeats
@chiefbongo @bfdi @noybeu @maxschrems Yes, to @noybeu
(DIR) Post #AV0Pkh1cJ3Y2TF8m6y by sonnenaufgang@social.tchncs.de
2023-04-25T09:06:17Z
0 likes, 0 repeats
@nitrokey wer ist in DE für eine Beschwerde verantwortlich? @ulrichkelber https://www.nitrokey.com/de/news/2023/smartphones-mit-verbreitetem-qualcomm-chip-senden-heimlich-private-informationen-us
(DIR) Post #AV0Qe5wPN3Olfo7cOG by khaine411@social.tchncs.de
2023-04-25T09:16:23Z
0 likes, 0 repeats
@nitrokey Was hat GrapheneOS mit Firmware zu tun? Und wer sagt, dass der Chip/die Firmware auf Pixel Geräten nicht genau das gleiche tut? Irgendwie sehr eigenartig zu lesen. Dennoch natürlich ein Problem, was man aber nicht lösen wird bis die firmware opensource wird - egal welcher hersteller
(DIR) Post #AV0SxvBdGUty1EpBbs by lejapproach@social.anoxinon.de
2023-04-25T09:41:05Z
0 likes, 0 repeats
@nitrokey #SailfishOS does have an option called Exclusive Mode, which as far as I can see disables the use of A-GPS.
(DIR) Post #AV0TewMqkZYk8LaIro by seachaint@hackers.town
2023-04-25T09:50:07Z
0 likes, 0 repeats
@nitrokey Image description: Eminently skippable. A stock photo of a hand holding a generic phone, onto which a red screen with a warning-sign captioned "Qualcomm" has been edited. A laptop is visible behind it.
(DIR) Post #AV0bz7H2i3XLNs03Rg by lutindiscret@mastodon.libre-entreprise.com
2023-04-25T11:22:31Z
0 likes, 0 repeats
@nitrokey 😨 Hi @agnes007 👋 Is @Fairphone aware of that? Can this be mitigated in any way (I guess it's (very very) hard)? Can FP as a company be at risk regarding GDPR-compliance 😨?(side note: will adopt an FP3 soon and I really wanted to thank you for everything FP do 👍)
(DIR) Post #AV0dbLRsYYSGIwrS3U by cammel@chaos.social
2023-04-25T11:41:07Z
0 likes, 0 repeats
Ui, auch fairphone ... Aber wehe das hätte China gebracht. Gibt es jetzt auch Verkaufsverbot für Qualcom und US Phones wegen Spionageverdacht? *mecker*@leyrer
(DIR) Post #AV144M2E3MqRKSM62S by cbpread@mastodon.social
2023-04-25T16:37:39Z
0 likes, 0 repeats
@nitrokey Makes me wonder what else Qualcomm is up to.
(DIR) Post #AV17fOQ6RqIfIrsQ40 by sovereign_stack@mastodon.social
2023-04-25T17:18:21Z
0 likes, 0 repeats
@nitrokey Here a list of the data Qualcomm may collect from your phone according to their privacy policy: - Unique ID- Chipset name- Chipset serial number- XTRA software version- Mobile country code- Mobile network code (allowing identification of country and wireless operator)- Type of operating system and version- Device make and model- Time since the last boot of the application processor and modem- List of the software on the device- IP address
(DIR) Post #AV1C9RIihWVSk60RQe by ilumium@eupolicy.social
2023-04-25T18:08:40Z
0 likes, 0 repeats
@nitrokey Hey @Fairphone, as a #Fairphone user impacted by this apparent breach of EU law, I wonder:Do you intend to demand from #Qualcomm to provide a #firmware update that brings your devices into compliance?
(DIR) Post #AV1EDXb5QwCBKvgFgO by Fr333k@infosec.exchange
2023-04-25T18:31:46Z
0 likes, 0 repeats
@nitrokey what is in the pcap, just a GET? Or more?
(DIR) Post #AV1ELhaYAaQGdnJy64 by matchboxbananasynergy@infosec.exchange
2023-04-25T18:33:19Z
0 likes, 0 repeats
@nitrokey This is wrong and highly sensationalized. Please have a read through this response from the official GrapheneOS account on Reddit going through this.
(DIR) Post #AV1JD46pZJwxeU7ZOy by wolf480pl@mstdn.io
2023-04-25T19:27:39Z
0 likes, 0 repeats
@nitrokey have you actually seen a list of installed applications in the sniffed traffic?
(DIR) Post #AV1LtNPSOsSta98XSa by lies_das@digitalcourage.social
2023-04-25T19:57:46Z
0 likes, 0 repeats
@nitrokey @Fairphone @Fairphone Auweia auch #fairphone durch den verwendeten Prozessor betroffen?
(DIR) Post #AV1MT2pSOc04B3J1Rw by kkarhan@mstdn.social
2023-04-25T20:04:15Z
0 likes, 0 repeats
@nitrokey Funfuckingtastic...So they literally integrated some #Malware if not #Govware into their #SoC's... So I guess #Qualcomm will be on my "#WontBuy" #sanctions list...
(DIR) Post #AV1N82dzzJFLTdUlVY by waterbear@scicomm.xyz
2023-04-25T20:11:38Z
0 likes, 0 repeats
@nitrokey what's worse, the DNS for izatcloud.net resolved to an IP in China...
(DIR) Post #AV1NkK9FMBEkljMjAW by waterbear@scicomm.xyz
2023-04-25T20:18:34Z
0 likes, 0 repeats
@nitrokey is it expected that all Qualcomm Snapdragon chips phone home in this manner?
(DIR) Post #AV1QY2dmvH0qrGUC1Y by bart@mastodon.fam-ribbers.com
2023-04-25T20:49:52Z
0 likes, 0 repeats
@nitrokey Sorry but this is just unnecessary fearmongering.https://blog.brixit.nl/nitrokey-dissapoints-me/
(DIR) Post #AV1SaHQd749bD1Whfs by atoponce@fosstodon.org
2023-04-25T21:12:46Z
0 likes, 0 repeats
@nitrokey Looks like it might be overly sensationalized to sell Nitrophones. What are your thoughts on these counterpoints?https://reddit.com/r/privacy/comments/12yii9u/german_security_company_nitrokey_proves_that/jhojlr7/https://blog.brixit.nl/nitrokey-dissapoints-me/
(DIR) Post #AV3mCswUN9ss0PTCRU by blake@fosstodon.org
2023-04-27T00:01:42Z
0 likes, 0 repeats
@nitrokey I appreciate that you published a method you used to find the issue, so anyone can test for themselves to see if it's true.
(DIR) Post #AV4miomTZggPWWyOwq by nitrokey@social.nitrokey.com
2023-04-27T11:42:32Z
0 likes, 0 repeats
The article has been corrected to state that the responsible software is not executed as firmware but in the operating system. Also requests to android.clients.google.com originate from microG. We are going to publish Wireshark logs in the coming days.
(DIR) Post #AV4oIYG4aBVeeuQ5mS by Oceane@social.coop
2023-04-27T12:00:13Z
0 likes, 0 repeats
@nitrokey From my position I feel like you lied so I feel that publishing an erratum would make it even more inappropriate. Just apologize and let's move on.
(DIR) Post #AV4onBOvcBwgkIATjM by genofire@chaos.social
2023-04-27T12:05:19Z
0 likes, 0 repeats
@nitrokey jippi i like to see the dump.
(DIR) Post #AV4ozJrHzpSOS1DkLA by atoponce@fosstodon.org
2023-04-27T12:07:59Z
0 likes, 0 repeats
@nitrokey So the Nitrophone marketing plan didn't quite go as expected, eh?
(DIR) Post #AV4t9YRL2N9eO3DbH6 by polezaivsani@chaos.social
2023-04-27T12:54:32Z
0 likes, 0 repeats
@nitrokey Wonder if you corrected the unverified claims about Fairphones?
(DIR) Post #AV4u0rNjLJ2eTvwt04 by crystal@hachyderm.io
2023-04-27T13:03:59Z
0 likes, 0 repeats
@nitrokey why should I trust anything you say when your blog post shows a clear lack of understanding about how Android and location services in general work?
(DIR) Post #AV5Afzft0tKZLD4qDw by kkarhan@mstdn.social
2023-04-27T16:10:53Z
0 likes, 0 repeats
@nitrokey looking forward to it.
(DIR) Post #AV5pO2VRqKC920kgqm by islamicaudiobooks@mastodon.social
2023-04-27T23:47:05Z
0 likes, 0 repeats
@nitrokey The Qualcomm Register article corrects 2 things:- Requests do not originate in Qualcomm firmware (corrected now)- They're publicly disclosedThe rest of it appears to be a lot of interpretation/analysis about why what it does is not really a big deal, it's anonymized info and people with high threat models should simply not use phones. #Qualcomm seems to confirm the rest of the claims in the Nitrokey article including the uploading of personal data but trivialises it!
(DIR) Post #AVCcQ0L4vuBxajECJM by alemacilenti@mastodon.uno
2023-05-01T06:24:48Z
0 likes, 0 repeats
@nitrokey @iode @Fairphone Any fix on the line?