Affected smart phones are Sony Xperia XA2 and likely the Fairphone and many more Android phones which use popular Qualcomm chips. The data is sent without user consent, unencrypted, and even when using a Google-free Android distribution. This is possible because the Qualcomm chipset itself sends the data, circumventing any potential Android operating system setting and protection mechanisms.
Has anyone
else replicated it? orhave more specific information on affected phone&chips?I tested with an Android phone that has a Qualcomm chip, but didn’t see any DNS query for izatcloud.net. My test involved monitoring wifi traffic using a separate device, rebooting the android device, and disabling/enabling wifi a couple times.
This post include a few plugs for the NitroPhone (which is unaffected), and appear on the NitroPhone’s vendor website. I wonder if they’re overstating how widespread the issue is, which would benefit their device’s marketing.
Update: found a couple fairphone forum threads that confirm the issue, and give more details.
Looks like it’s less suspicious (but still crap):
https://mstdn.social/@larma@mastodon.social/110260142005927299
Good to know. Userspace means there’s some hope of disabling this, possibly without root.