Global Sources
EE Times-Asia
Stay in touch with EE Times Asia
EE Times-Asia > EDA/IP

China-made smartphones speak in forked Android

Posted: 18 Mar 2015 ?? ?Print Version ?Bookmark and Share

Keywords:MIUI? Android? open source? BYOD? OS?

A forked version of the Android operating system seems to be spreading across China, proving the growing fragmentation of Android devices.

On one hand, this shows the ingenuity of Chinese smartphone vendors. They've grown more aggressive in creating their own variations on the open-source Android OS. On the other hand, security experts are concerned about safety and security for corporate data as the BYOD (bring your own device) trend expands among employees working at multinational corporations.

George Hsu, CTO of PNI Sensor Corp. (Santa Rosa, Calif.), recently told EE Times, "Chinese smartphone vendors used to worry about Google's dominance on the smartphone operating system. But not so much anymore, as the fragmentation in Android becomes widespread."


Android fragmentation

Hsu noted that Chinese smartphone vendors today are much bolderand more creativein making their handsets behave certain ways. For example, rather than waiting for Google to stipulate particular features for always-on applications such as Google Now, Chinese vendors are adding their own hardware, such as sensor hubs, in order to integrate unique context-aware features in new smartphone models.

Forked but incompatible

Meanwhile, there is an unmistakable push in China to develop "a forked but incompatible version" of Android OS. A case in point is the Yun OS from Alibaba Group Holding's subsidiary AliCloud. Reportedly, Alibaba developed the Yun OS in an effort to drive users to Alibaba's e-commerce applications and other services.

When Alibaba announced last month a $590 million investment in Meizu, one of China's smaller smartphone vendors, some Chinese industry experts described Alibaba's motive as a fight over the OS. They explained that Alibaba is hoping to push Yun OS deeper into mobile.

At this point, it's not known how many Android smartphones developed and made in China are actually passing Google's compatibility test suite (CTS) and complying with Google's compatibility definition document (CDD). Security experts caution that without compliance to Google's CTS or CDD, devices can be shipped with known security vulnerability (prevented in Google certified versions).

The issue came into sharp focus when Bluebox, a San Francisco-based security firm funded by Andreessen Horowitz, Tenaya Capital, and Andreas Bechtolsheim, issued a report this month claiming Xiaomi was pre-installing malware on its Mi 4 smarpthone.


Xiaomi Mi 4

According to the original Bluebox report, Xiaomi was shipping the Mi 4 with a rooted ROM and came pre-installed with tampered versions of popular benchmarking apps. It also claimed that Xiaomi's own identifier app showed that the phone was a legitimate Xiaomi product.

However, Bluebox acknowledged two days later that the initial report was based on a Xiaomi device that was actually counterfeit and "a very good one at that."

But the fact remains that security experts were duped into treating a counterfeit model as legit and ended up with an erroneous report. This is an interesting story all by itself.

While the incident put Bluebox's reputation on the line, it also provided the electronics industry with some valuable insights into what's going on with a growing number of Chinese smartphones.

What did we learn?

Bluebox believes the whole experience validated several issues. Andrew Blaich, lead security analyst at Bluebox, told EE Times, "First, we can't trust the device we're using." Despite its security expertise, it was not easy for Bluebox to confirm the authenticity of both hardware and software.

Blaich added, "Second, we now know even if it were a legitimate hardware, software could have been easily swapped out." In other words, whether or not the device was counterfeit, "the fact remains that consumers are buying devices that have compromised ROMs (either in legitimate or counterfeit hardware) that put their data at risk."

1???2?Next Page?Last Page

Article Comments - China-made smartphones speak in fork...
*? You can enter [0] more charecters.
*Verify code:


Visit Asia Webinars to learn about the latest in technology and get practical design tips.

Back to Top