Tracing the Supply Chain Attack on Android

(krebsonsecurity.com)

84 points | by MrXOR 1738 days ago

4 comments

  • bsder 1737 days ago
    Supply chain integrity has always been a problem in China.

    I'm surprised it has taken this long to actually have an issue that reaches the public relations level.

  • Lowkeyloki 1737 days ago
    It's worth noting that while the affected phones run Android and Google has officially commented on this, the affected phones don't appear to be Pixel or Nexus phones or anything like that. I got the impression that the affected phones were first-party models based on the first paragraph for some reason. That does not appear to be the case.
  • stevenjohns 1737 days ago
    I imagine there might be more models affected. Some of the names there (such as Doogee) also act as "OEM manufacturers" where they white-label their products and sell them wholesale, internationally, with different branding.
  • frequentnapper 1737 days ago
    If you look on Quora for any questions related to the current trade war, the "experts" are all in unison blaming it completely on US being somehow afraid of China and Chinese tech, while China being completely innocent and nice.
    • DiogenesKynikos 1737 days ago
      It's not China that's currently (or in the last year has been) embroiled in trade wars with all of its major trading partners.

      There's exactly one event that one can trace this trade war back to: Trump's election.

      • frequentnapper 1734 days ago
        the trade war with China is separate. This date backs to the TPP which Obama was trying to accomplish as well as a response to blatant ip theft, cyber attacks, and corporate espionage by Chinese govt.