A reminder to comrades using Huawei phones: pay attention to your security

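Don't ask what my name is; my name is Lei Feng

- Original link: https://twitter.com/fs0c131y/status/1051204370543648770

- Translated and compiled by Lei Feng

Translation: I am looking at the mainland China ("inside the wall") version of the Huawei P20 phone to see what I can find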

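Look at the names of the files contained in the assets folder:

The first app the expert looked at is called Decision; it has a folder called assets

- airport_china.txt: airport data, stores location information

- city_china.txt: names of cities in China

- cityinfo.db: database of information on cities in China

- parkinglot_china.txt: parking lot information for all of China

- railwayinfo.db: train stations

- trainInfo.db: train information

- trainstation.db: train stations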

Interesting, no?

Look at these file names. Interesting, right?

Image from @fs0c131y

For example, the trainstation database contains:

For example, this is what is stored in one of the files:

- address

- name

- latitude

- longitude

- city (city name)

Image from @fs0c131y

In the manifest of this application, there is a GeoReceiver

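This is the GeoReceiver in the program (GEO - Wikipedia)

Image from @fs0c131y

This receiver is receiving a UUID and will look up a known fence id

This receiver is receiving a UUID and will look up a known fence id (geo-fencing is a newer application of LBS: a virtual fence is used to mark out a virtual geographic boundary. When a phone enters or leaves a particular geographic area, or is active within it, the phone can receive automatic notifications and alerts. Geo-fence - Wikipedia)

Images from @fs0c131y

I am a stupid security researcher. So far, the keywords are: train, airport, city, geofence... Do you see where we are going?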

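In the data folder, there is a file called CalcMain. Here are some of the methods of this class:

In a folder called data there is a file called CalcMain. It contains some rules, roughly things like reminding you when it is time to catch your train (frankly, I don't need your reminders, so why collect my information?)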

- callGetBusTime

- callGetTaxiTime

- isTrafficBusy

- callGetHomeCity

- callHasHotelTicket

- callGetAirportMultiPoi

- callHasGroupBuyingTicket

- ...

Images from @fs0c131y

To be clear, this app is composed of 3 background services and 2 services. There is NO UI in this app.

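This application is composed of 3 background services and 2 services, and it has no UI (an out-and-out spy app)

Haha, the programmer is so cute: "DO NOT KILL ME >_<"

Image from @fs0c131y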
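The manifest observations above (a GeoReceiver, several services, no UI) are the kind of thing a quick triage script can surface when reviewing a preinstalled app. The following is an added example, not code from the original thread or from the app: it audits a decoded AndroidManifest.xml, and the package name, service names, permission line and the use of GEO_ALARM_TRIGGERED as an intent-filter action are constructed assumptions.

```python
import xml.etree.ElementTree as ET

ANDROID = "{http://schemas.android.com/apk/res/android}"

# Constructed sample of a decoded AndroidManifest.xml (e.g. apktool output).
# Package, service names and the permission are placeholders, not the real app's.
SAMPLE_MANIFEST = """<manifest
    xmlns:android="http://schemas.android.com/apk/res/android"
    package="com.example.decision">
  <uses-permission android:name="android.permission.ACCESS_FINE_LOCATION"/>
  <application>
    <service android:name=".ExampleEventService" android:exported="true"/>
    <service android:name=".ExampleRuleService"/>
    <receiver android:name=".GeoReceiver">
      <intent-filter>
        <action android:name="GEO_ALARM_TRIGGERED"/>
      </intent-filter>
    </receiver>
  </application>
</manifest>"""


def audit_manifest(xml_text):
    """Summarise the components of a decoded manifest for triage."""
    root = ET.fromstring(xml_text)
    app = root.find("application")
    # A LAUNCHER activity is what gives the user an icon and a visible UI.
    has_launcher = any(
        cat.get(ANDROID + "name") == "android.intent.category.LAUNCHER"
        for cat in app.findall("activity/intent-filter/category"))
    # Map each broadcast receiver to the actions that wake it up.
    receivers = {
        r.get(ANDROID + "name"): [a.get(ANDROID + "name")
                                   for a in r.findall("intent-filter/action")]
        for r in app.findall("receiver")}
    perms = [p.get(ANDROID + "name") for p in root.findall("uses-permission")]
    return {
        "package": root.get("package"),
        "has_launcher_ui": has_launcher,
        "services": [s.get(ANDROID + "name") for s in app.findall("service")],
        "receivers": receivers,
        "location_permissions": [p for p in perms if "LOCATION" in p],
        # Headless app that reacts to broadcasts: worth a closer look.
        "headless_with_receivers": not has_launcher and bool(receivers),
    }


if __name__ == "__main__":
    for key, value in audit_manifest(SAMPLE_MANIFEST).items():
        print(f"{key}: {value}")
```

A `headless_with_receivers` result is only a prompt for manual review; many legitimate system components also ship without a launcher activity.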

This app doesn't seem to send the data BUT they communicate with another service called HiActionService which is coming from a Huawei app called HiAction

This program does not seem to send the data, but they communicate with another service called HiActionService, which comes from a Huawei application called HiAction

Image from @fs0c131y

The previous screenshot is from the class called ActionCommonUtil. We can easily see that Decision is sending all its events to this service through the methods in this class.

The previous screenshot is from the class named ActionCommonUtil. It sends all events to the Huawei cloud service through this class

I will study the app HiAction another time but what you have to know is that this app is sending the data to hicloud[.]com, "the Huawei Cloud"

I will look at the HiAction app another time, but you have to know that this app sends all apps to hicloud.com, the Huawei cloud

In order to be more discreet, the OEM dispatches the responsibilities to multiple apps. In this case:

To be more discreet (to make the spying and monitoring harder to detect), the OEM assigns the tasks to multiple apps. In this case:

1. An app or the modified Android is getting your location regularly. It will trigger a GEO_ALARM_TRIGGERED to the Decision app

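An application or the modified Android gets your location regularly. It will trigger a GEO_ALARM_TRIGGERED to the Decision application

2. Decision app is getting this location and checks it against its internal databases. If there is a match, it will generate an event

This application gets this location and checks its internal databases. If there is a match, an event is generated

3. Decision will send this event to HiAction

It will send all events to HiAction

4. HiAction will upload the data to the Huawei cloud

HiAction will send all the data to the Huawei cloud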

Ugly, no?

So my advice to everyone is:

Throw away all your Huawei phones as soon as possible, for the safety of our comrades

