I'm new to Android, and thinking about buying an Android phone from China - but I'm afraid of pre-installed malware. There have been a few reports of this happening, eg. Coolpad.
How do you guys guard against the risk of having your phone compromised, or worse, having your personal/financial data stolen?
Is it sufficient to simply install a malware detection app, and run a scan? Or are these tools easy to bypass?
Thanks for any tips!
How much can you seriously save? There are android phones here for less than $50 everyday of the week. Even the best big brand name phones are often a PITA, can't even image what budget generic chinese phones are like - maybe better? lol
Best advice can offer u, is wait for Android M to come out. Lollipop when it is perfect is still a virus.
Haven't seen a five-inch screen around here for a hundred.
I've bought a few Chinaphones; big brands are usually fine, but even the no-brands I got aren't awful. (Bit flimsy, but they worked.) I don't put much personal, and never any financial data on my phone. That probably doesn't really help you, but that's what I do, lol..
I bought a 5.5" inch phone for around a hundred. Didn't detect any malware (scan using MalwareBytes) and the OS was pretty stock, almost no 3rd party software.
https://www.ozbargain.com.au/node/187916
I reviewed it after receiving it and using for a few days. To sum it up, it wasn't really a good phone — chock full of flaws like crappy camera, small battery and a lousy MTK chipset with GPS that never works, but if all you want is phone calls, ample storage and a big screen that's what you'd get.
Didn't detect any malware (scan using MalwareBytes)
mate… if there's malware installed by the manufacturer a simple av scan isn't going reveal anything.
This is what I'm worried about.
I don't quite understand though - why wouldn't a scan detect malware that's been installed by the manufacturer? Are you able to elaborate on this?
@shake: The operating system fully controls what apps are allowed to access. Malware that's part of the operating system won't be detected simply because the OS won't allow apps to access the files identifying them.
These are usually detected in one of two ways:
Monitoring network connections from the router/accesspoint. Networking devices can always see connections through them, and even if they're encrypted they can at least see the remote endpoint. If it's a server in China, that's suspicious. Heck, if there's data moving when there shouldn't be, that's also suspicious.
Offline scan of a ROM dump - if you read the phone OS from the flash chips themselves, you can scan them without interference. Of course, this does not detect malware baked into the actual firmware, which is much harder. Firmware malware/backdoors would also continue working even if you flash a custom ROM.
Also, just in general A/V scanning will never detect 100% of malware, since it relies on incomplete signatures and inaccurate heuristics. This applies for A/V on computers too.
I think it's a case of YMMV. I've got a THL W8, THL T6 Pro, and two other things. GPS on the T6 (my main phone) doesn't work, but it does my nobrand 'Alps D2'. I do notice the camera is about the same as a Samsung S2. Battery is good at about a day with heavy use, and a bit more with light use of Wifi. So depends what you get…It also depends on how high your standards are, really. I do like my phone, but it's mainly a glorified ebook reader. (And a few mobile games on it)
Bought from Buyincoins (5% off with referral) and Dealextreme (don't buy from them now if they still have the awful shipping times). Both are pretty solid so I wasn't too worried, but it's still a relief when they arrive and work.
Check out www.gizchina.com for some reviews of chinese phones. As with all Chinese products, they range from sticky tape and magic spit to rivalling Apple in terms of build quality. As for safety concerns, mostly unfounded but stick with an established player.
Most important… consider you have "no warranty".. unless you don't mind the insane cost of return postage and then them saying they never received it.
I've always thought the best way to go about these Chinese electronic devices is using the phones that are fairly known/used by a lot of people. If it is well known and used by many people, it's likely that they would've picked up those malwares on OS, though this is just talking about chances. Also, more popular it is, more likely it would have custom ROM on XDA as well.
Also, get it from a well known vendor as well. Fake ones with malwares can potentially bypass the authentication apps, like what happened with Bluebox with their Mi4 when they found malwares on it.
https://bluebox.com/technical/popular-xiaomi-phone-could-put…
Thanks for all the replies.
I'm not too worried about warranty, seller reliability and so on, as I believe I have a reasonable handle on those.
Just would like to understand how I can protect myself against having my data stolen - from what I can tell, I have 2 main options:
Install a custom ROM -> however, my impression is that there are no custom ROMs available for most of the Chinese phones - please correct me if I am wrong!
Install and run anti-virus/malware apps -> but I'm not sure whether this is comprehensive enough. Does this give me a reasonably-high level of assurance that the phone is safe? chipstss's comment above suggests not.
Any other tips would be greatly appreciated.
If you want to buy a Chinese phone, buy one that is at least popular and from a company that is known to provide a phone with an unlocked bootloader. Locked bootloader means zero chance of a custom ROM happening.
Noob question here - how do I know if the phone has an unlocked bootloader? Is this something that is usually mentioned in reviews or specs? Or just have to look for user feedback I suppose?
Mostly user feedback. From my understanding it's only the major branded devices that will feature a locked bootloader
My Huawei Y550 for example had a locked bootloader but it was easily unlocked using online instructions. My THL W8 phone didn't have a locked bootloader.
Some chinese companies freely provide the tools required for bootloader unlocking. Xiaomi for example
@scrimshaw: Cool - thanks for that. I need to read into it a bit more, but you've given me a good start.
I have a THL W8s and there are two apps I can recommend for finding and stopping connections. AFWall+ by "ukpriya" is the best firewall app I've used on Android and can filter by data/Wi-Fi/VPN/LAN with multiple profiles, it does need root access though. A second app I've used is Network Connections by Anti Spy mobile which let's you see which apps are connecting to which IP addresses and trace them.
I used to use Clean Master (super popular app) then I traced it's connections back to China and Amazon UK data services, I quickly uninstalled and never went back to that. So be sure to check out Network Connections, and it says it doesn't need root access if that's not your thing.
Although in saying that I never found anything bad with the OS, if you root your phone you can delete most of the stock apps without any problems anyway.
Thanks for this - I guess I should add a third tool to my 'toolbox':
3. Install and run apps to monitor network traffic, look for any suspicious activity there.
Antutu is an app for testing phone performance and specs. Some chinadroid makers install software that make antutu give false results. So the specs you are checking on your awesome but uber cheap chinadroid may look great with antutu but the reality is something else.
Buy directly from large brands like Xiaomi or Oneplus One, I had a relative bring my Mi4 over from China.
I think it may be safer to install a custom ROM so I've heard. Lots of info over at WP http://forums.whirlpool.net.au/archive/2296209