Source: Reuters
According to the report, security researcher John Wu published a blog post Tuesday that explained how users of Huawei's Mate 30 Pro were able to manually download and install Google apps, despite a U.S. blacklisting that prohibits the Chinese company from using American components and software.
But in the wake of the revelations, the Mate 30 devices, made to work on new 5G mobile networks, lost their clearance to manually install Android apps, as reported by a number of smartphone experts, Bloomberg said.
The Mate 30 is Huaweis first major flagship smartphone launched last month, since U.S. President Donald Trumps administration effectively blacklisted the company in mid-May, alleging it is involved in activities that compromise U.S. national security, a charge the company denies.
Wu wrote in the post a widespread method to install Google Services on newly released Huawei devices relies on undocumented Huawei specific mobile device management application programming interface, or MDM APIs.
Although this backdoor requires user interaction to be enabled, the installer app, which is signed with a special certificate from Huawei, was granted privileges nowhere to be found on standard Android systems, he wrote.
The system framework in Huaweis operating system has a backdoor that allows permitted apps to flag some user apps as system apps despite the fact that it does not actually exist on any read-only partitions, Wu said.
This process let the Mate 30 phones to run popular apps like Google Maps and Gmail that otherwise would not be permitted, Bloomberg reported bloom.bg/2mSwsKg.
An easy-to-use app enabling the installation of Google apps and services on the Mate 30 Pro, called LZPlay, had emerged alongside the devices release, however it has disappeared after Wus posting. Only Google is able to make that change through its SafetyNet anti-abuse check, the report said.
Google and Huawei did not immediately respond to a request for comment from Reuters.
No comments:
Post a Comment