
Huawei P30 Pro alleged to be querying China servers - kpU8efre7r
https://en.ocworkbench.com/huawei-p30-pro-alleged-to-be-querying-china-servers-behind-the-scenes/
======
unscaled
It seems like this is a side-effect from using baidu.com as a connectivity
test domain:

[https://github.com/pe3zx/huawei-block-list/blob/master/analy...](https://github.com/pe3zx/huawei-block-list/blob/master/analysis.md)

~~~
dirtyid
Also cursory search of ExploitWareLabs highlights lack of publish rigor from
previous expose last year. Juice:

> Our research team studied the video and we have several reasons to doubt its
> authenticity. We’ve conducted a thorough audit over the last 48 hours based
> on the few details that are in the video and didn’t find anything. We reached
> out to the researcher and instead of replying he removed the video*. We’ll
> communicate if indeed there is a risk.

[https://avleonov.com/tag/exploitwarelabs/](https://avleonov.com/tag/exploitwarelabs/)

TL;DR an amateur with no presence outside of Facebook did not actually find
what state level security experts tried to find for 10 years.

------
mark_l_watson
Sending to Chinese government servers or Huawei servers? Not a convincing
article.

I feel uncomfortable with what seems to me to be a campaign against Huawei at
the same time our government is worried about being competitive in 5G tech. I
could be wrong though, I didn’t believe that Russia would dare to meddle in
our election until there was hard evidence.

~~~
gwright
I thought it was common knowledge that the USSR and Russia have a long and
continuous history of engaging in disinformation campaigns and covert actions
of all kinds. But based on the way the Russian election meddling story has
been reported over the last 2+ years apparently I was wrong. Lots of people
seem to have been surprised by these activities.

The most disturbing aspect of this ignorance is that apparently our own
intelligence agencies were among the ignorant.

~~~
killjoywashere
Wait, when did we find out that the intelligence community was ignorant? When
they launched a formal investigation several months before the election? When,
exactly, did the tens of thousands, if not hundreds of thousands, of full time
employees in the IC collectively forget about Eastern bloc disinformation
campaigns?

~~~
gwright
Maybe "ignorant" was the wrong word choice. To the extent that they were aware
why didn't they intervene? Shouldn't have all the campaigns been
briefed/warned about Russian actions? Why was a special prosecutor required to
investigate what they already knew?

------
SethTro
In the last couple of hours the author rolled back some of their comments.

The way I'm reading this, they were seeing DNS requests to beian.gov.cn which
was worrisome. Now they say those are the result of manually visiting
baidu.com which makes more sense.

See [https://github.com/pe3zx/huawei-block-list/blob/master/analy...](https://github.com/pe3zx/huawei-block-list/blob/master/analysis.md)

~~~
netsharc
It's hard to read on account of the dodgy use of English, but this smells of
"amateur security researcher". Of course it feeds the narrative of Huawei
paranoia so it makes it to the HN front page. (I'm not saying Huawei is
innocent but this article surely is no smoking gun).

------
Gurathnaka
I'm trying to figure out what exactly this is getting at? Is the worry that
these requests to random Chinese servers are nefarious or is this some random
piece of software pinging a server for some tiny piece of information?

“ICP Beian” stands for the process of obtaining the Business ICP registration
number that allows you to host your website on a Mainland Chinese server. [0]

So these communications could be literally anything on the phone and all we
know is that it's communicating with a server in mainland China?

[0] [https://www.tmogroup.asia/entering-china-ecommerce-icp-beian...](https://www.tmogroup.asia/entering-china-ecommerce-icp-beian-must-knows-in-2017/)

~~~
nutcracker46
Do tell, why my Huawei P30 Pro should contact Chinese servers without my
awareness or consent?

~~~
chmod775
Why should my iPhone 8 contact servers in the US without my awareness or
consent?

Because it was developed by an American company and runs software written by
an American company.

If I don't trust them I might as well throw the device away now.

Is this really not obvious?

------
tomupom
This isn’t particularly surprising. It’s becoming more and more common hearing
about these stories, the last one I remember being Nokia HMD and Xiaomi both
sending packets to Chinese servers.

~~~
A2017U1
I have a Xiaomi Android One phone and it only pings Google servers, most
activity is from Google Play Services which many Android apps require to
function, have never seen a Chinese server in the logs. It's probably a
different story with the MIUI OS.

Sinkholing all requests, the most concerning one I've found is Google analytics
running as root continually trying to dial out every few minutes. It doesn't
give up and keeps retrying even after hours of failed requests. This is
without any phone/internet usage.

------
deepVoid
This kind of smear campaign against Huawei is unprecedented and politically
motivated in the history of telecommunication technology.

~~~
thatfunkymunki
Was it really necessary to make 3 substance-free top-level comments on this
topic?

~~~
phyzome
Well, two of them were useful, although somewhat redundant with each other.
Would have been better combined into one.

------
jka
I'm of the opinion that only something radical like a new platform and/or
device shift (i.e. away from smartphones to some other form factor, or a new,
open, network-local-by-default mobile operating system) is likely to save us
from this.

All contemporary smartphones leak a ton via DNS and various background sync
processes. Perhaps scrappy developers from emerging markets are more egregious
in violating expected norms, but these outcomes are pervasive at the moment
across the whole ecosystem.

------
ASalazarMX
> It is unknown whether there are any differences in firmware for different
> countries/regions.

It is perfectly known that Huawei sells Chinese and Global editions of their
phones. It's a pity there's so much vagueness when reporting that you can't
even know which edition or firmware they were testing.

I think we'll be doing a service to ourselves by ignoring vague reporting
about IT security and decide based on documented and repeatable reports.

------
kyriakos
Every Windows and iOS device also queries US domains. Not everything is done
maliciously.

------
free652
Would be nice to see what they are doing to generate those DNS requests.

------
est
Has anyone seen the list?

[https://github.com/pe3zx/huawei-block-list/blob/master/maste...](https://github.com/pe3zx/huawei-block-list/blob/master/master.txt)

Looks like a troll.

------
momofarm
I think Google ads know more about YOU than China, why don't you just cut your cord?

He even knows what my favorite porn site is, I don't believe China will know
that better :)

------
deepVoid
Android phones are querying servers in the US all the time.

------
deepVoid
iPhone found to be querying servers in the US, discovered 10 years ago.

------
dang
URL changed from
[https://www.taiwannews.com.tw/en/news/3685669](https://www.taiwannews.com.tw/en/news/3685669),
which points to this.

