Of kettle and pot calling each other names

The yues was allover Huawei ati sijui backdoors kumbe it was just jealousy juu china started outdoing them.
Pia Qualcomm iko na backdoor. Also if i make something shouldn’t i be in control of anything it does. Bottom line we are at the mercies of the big tech companies google, Microsoft, Samsung etc.

https://www.nitrokey.com/news/2023/smartphones-popular-qualcomm-chip-secretly-share-private-information-us-chip-maker

Kwa wale wa ku crick.

EN

https://www.nitrokey.com/sites/all/themes/nitrokey/logo.png
[ul]

[/ul]

[SIZE=7]Smartphones With Popular Qualcomm Chip Secretly Share Private Information With US Chip-Maker[/SIZE]
https://www.nitrokey.com/sites/default/files/styles/article_thumbnail/public/field/image/rotesHandy-klein.png?itok=CxKywrJ81
[SIZE=6]Summary[/SIZE]
During our security research we found that smart phones with Qualcomm chip secretly send personal data to Qualcomm. This data is sent without user consent, unencrypted, and even when using a Google-free Android distribution. This is possible because of proprietary Qualcomm software which provides hardware support also sends the data. Affected smart phones are Sony Xperia XA2 and likely the Fairphone and many more Android phones which use popular Qualcomm chips.

[SIZE=6]Introduction[/SIZE]
The smartphone is a device we entrust with practically all of our secrets. After all, this is the most ubiquitous device we carry with us 24 hours per day. Both Apple and Android with their App Store and Google Play Store are spying on its paying customers. As a private alternative some tech-savy people install a Google-free version of Android on their ordinary smartphone. As an example we analyzed such setup with a Sony Xperia XA2 and found that this may not protect sufficiently because proprietary vendor software, different from the (open source) operating system, sends private information to the chip maker Qualcomm. This finding also applies to other smartphone with a Qualcomm chip such as the Fairphone.
[SIZE=6]What is a de-Googled Android phone?[/SIZE]
A deGoogled Android phone is one that has been modified to not include any of Google’s proprietary (closed-source) apps or services. This usually involves installing a custom ROM that replaces the standard Android software with an open source Android that doesn’t come with any of Google’s apps. You can either install such an Android yourself or buy a phone that already has this done for you (e.g. NitroPhone).
Google surveillance & tracking tools are everywhere but most of this ‘evil’ is located inside the Google Play Services, which is closed-source. Millions of lines of code that include things like constantly scanning your surroundings for Bluetooth and WiFi devices, using WiFi signal triangulation, then matching the visible WiFi antennas with Google’s database of all geographic locations of all WiFi access points they collect in order to know your precise location at all times. This all works without connecting to the detected WiFi networks and even when your GPS is turned off. This method is similar to how the CIA tracked down Pablo Escobar in the 1990s but is now used on a massive scale to track every citizen around the globe.
https://www.nitrokey.com/sites/default/files/images/wigle.net.png
Sample of wireless access point geolocation database www.wigle.net
To get rid of the almighty powerful Google and Apple and its 24 hour tracking & surveillance tools one approach is to use a de-Googled Android phone. As a result, your deGoogled phone will not have the Google Play Services and Google Play Store but will instead use an alternative open-source store app that offers the same apps. You can also avoid the use of a store altogether by downloading your apps (with the APK file extension) directly from the software vendor’s website. This is just as you would when downloading a program to install on your PC.
[SIZE=6]Analyzing a DeGoogled Phone[/SIZE]
https://www.nitrokey.com/sites/default/files/images/sony_0.jpg
In this test, we decided to try /e/OS, a de-Googled open-source version of Android that is privacy-focused and designed to give you control over your data. /e/OS claims that they do not track you and don’t sell your data. Let’s find out.
We installed /e/OS on a Sony Xperia XA2 smartphone. After installation, the phone boots into the /e/OS setup wizard. It requested us to turn on GPS location service, but we purposely left it off because we do not need it now.
We also didn’t place a SIM-card in the phone either so it could only send and receive data over the WIFI network which we are monitoring with Wireshark. Wireshark is a professional software tool which allows us to monitor and analyze all traffic being sent over the network.
After we provided our WiFi password in the setup wizard, the router assigned our /e/OS de-Googled phone a local IP address and it started generating traffic.
The first DNS requests we see:
[2022-05-12 22:36:34] android.clients.google.com
[2022-05-12 22:36:34] connectivity.ecloud.global
Surprisingly, the deGoogled phone’s first connection is to google.com. According to Google, the host android.clients.google.com serves the Google Play Store for periodical device registration, location, search for apps and many other functions. This is strange because we have a deGoogled phone without the Google Play Store. Later we found out that this request originates from microG, an open source re-implementation of Google’s proprietary core libraries and applications.
Then it connects to connectivity.ecloud.global which, according to /e/OS, replaces Android’s Google server connectivity check connectivitycheck.gstatic.com.
Two seconds later the phone started communicating with:
[2022-05-12 22:36:36] izatcloud.net
[2022-05-12 22:36:37] izatcloud.net
We are not aware of any company or service with the name izatcloud.net. Therefore we started searching through the /e/OS legal notice and privacy policy but found no mention of data sharing with the Izat Cloud. The /e/OS privacy policy clearly states “We do not share any individual information with anybody”. We then searched through the /e/OS source-code they make available on Gitlab and we were unable to find any references to the Izat Cloud.
A quick WHOIS lookup shows us that the izatcloud.net domain belongs to a company called Qualcomm Technologies, Inc. This is interesting. Qualcomm chips are currently being used in ca. 30% of all Android devices, including Samsung and also Apple smartphones. Our test device for the /e/OS deGoogled version of Android is a Sony Xperia XA2 with a Qualcomm Snapdragon 630 processor. So there we have a lead.
[SIZE=6]Is Qualcomm spying on us?[/SIZE]
Investigating this further we can see that the packages are sent via the HTTP protocol and are not encrypted using HTTPS, SSL or TLS. That means that anyone else on the network, including hackers, government agencies, network administrators, telecom operators, local and foreign can easily spy on us by collecting this data, store them, and establish a record history using the phone’s unique ID and serial number Qualcomm is sending over to their mysteriously called Izat Cloud.
The data sharing with Qualcomm is not being mentioned in the terms of service from Sony (the device vendor) or Android or /e/OS either. Qualcomm does this without user consent.
We believe this is against the General Data Protection Regulation (GDPR) to collect user data without their consent and contacted Qualcomm’s legal counsel about the matter. A few days later they answered and informed us that this data collection was in accordance with the Qualcomm Xtra privacy policy and they shared us a link to their XTRA Service Privacy Policy. So it appears to be that this Izat Cloud we never heard of is part of the XTRA Service we’ve never heard of either. We have the impression that Qualcomm likes to keep things mysterious, hence the name Izat Cloud and the XTRA Service.
Looking at the link Qualcomm sent us, the ‘XTRA Service’ privacy policy states:
[INDENT]“Through these software applications, we may collect location data, unique identifiers (such as a chipset serial number or international subscriber ID), data about the applications installed and/or running on the device, configuration data such as the make, model, and wireless carrier, the operating system and version data, software build data, and data about the performance of the device such as performance of the chipset, battery use, and thermal data.
We may also obtain personal data from third party sources such as data brokers, social networks, other partners, or public sources.”[/INDENT]
They do not mention IP address but we assume they collect that as well. After our research was completed they’ve updated the privacy policy and now added that they do also collect the device’s IP address. They also added the information that they store this data for 90 days for ‘quality purposes’.
To clarify, here a list of the data Qualcomm may collect from your phone according to their privacy policy:
[ol]
[li]Unique ID[/li][li]Chipset name[/li][li]Chipset serial number[/li][li]XTRA software version[/li][li]Mobile country code[/li][li]Mobile network code (allowing identification of country and wireless operator)[/li][li]Type of operating system and version[/li][li]Device make and model[/li][li]Time since the last boot of the application processor and modem[/li][li]List of the software on the device[/li][li]IP address[/li][/ol]
Digging a little deeper we’ll find out that the ‘XTRA Service’ from Qualcomm provides Assisted GPS (A-GPS) and helps provide accurate satellite positions to a mobile device.
[SIZE=6]What is Assisted GPS (A-GPS), and why do I need it?[/SIZE]
GPS was initially developed exclusively for military usage, guiding planes, personnel, and bombs. Receivers were typically positioned in open regions with line-of-sight access to satellites. Since GPS became available for commercial usage, however, new applications have increased the system’s requirements.
These new uses required GPS signals to penetrate overhead obstructions, such as trees and roofs. Thus, the “assisted GPS” or A-GPS solution was born. With A-GPS the phone downloads various files containing orbits and statuses of satellites with the approximate GPS satellite locations for the next 7 days to help quickly determine phone’s location.
[SIZE=6]Proprietary device drivers are problematic[/SIZE]
The largest part of Android is published as open source and can therefore be analysed regarding potential security and privacy issues. But usually smart phone vendors include additional proprietary software such as device drivers, firmware blobs, system services and apps. The apps are directly visible by the user and can change the system to such an extend that it reminds of a PC of the 90s shipped with Windows 95 and a lot of so called bloat ware.
Obviously also Google-free Android distributions require device drivers to support a given hardware. These drivers are usually proprietary software which gets executed by the operating system and can not only provide the required hardware support but also perform undesired behaviour. The consequences are that even with a deGoogled device we still have no full control on our privacy and which personal identifiable information (PII) is being shared because of this closed-source vendor software that is sharing our private data.
This is why Nitrokey in general is dedicated to open source which is inevitable in order to achieve a secure system. Open source software (and hardware) is the only way to allow verifying a system’s behaviour and guarantee its security.
[SIZE=6]Are other smartphones affected?[/SIZE]
Another popular option which is frequently chosen for its privacy is the Fairphone. The Dutch company produces excellent phones allowing users to maintain the phone and replace parts themselves when broken. In spite of its reputation for bolstering users’ privacy, all Fairphone models contain a Qualcomm chip probably execute Qualcomm’s software. The Fairphone has therefore the same issue with sharing of personal data with the Qualcomm XTRA Service. Although not tested, we suspect that the same privacy issues affect many other choices of smartphone brands that use Qualcomm processors, including so called encrypted phones or crypto phones.
[SIZE=6]NitroPhone is secure[/SIZE]
https://www.nitrokey.com/sites/default/files/images/nitrophone_0.jpgNitrokey’s NitroPhone does not contain the Qualcomm chipset and our tests confirm that when GPS is turned-off, no requests for A-GPS are being made. When GPS is turned-on, to prevent Google from obtaining and storing your IP address, the NitroPhone’s GrapheneOS contacts and downloads the A-GPS files from google.psds.grapheneos.org, a proxy server supplied by GrapheneOS to protect users’ privacy. And unlike Qualcomm, GrapheneOS does not share any personal information with the GrapheneOS proxy servers, nor with Google or Qualcomm.
Furthermore, GrapheneOS allows you to disable the feature to request A-GPS files (opt-out) or, if you prefer, to use Android’s standard servers agnss.goog. At the moment, neither /e/OS, Lineage, or Sailfish OS nor any other phone we could find, supports this feature or provides this level of freedom.
[SIZE=6]Conclusion[/SIZE]
Qualcomm’s proprietary software is not only downloading some files to our phone to help establish the GPS location faster, but also uploads our personal data, such as the devices’ unique ID, our country code (Germany in this case), our cellphone operator code (allowing identification of country and mobile operator), our operating system and version and a list of software on the device. This creates a completely unique signature of us enabling behavioral tracking and decreasing user’s privacy significantly. No matter if we have GPS turned-off.
The fact that Qualcomm collects a large amount of sensitive data and transmits it via the insecure and outdated HTTP protocol shows us that they do not care about users’ privacy and security. This doesn’t require to speculate of Qualcomm collaborating with various government spy agencies, but also creates a risk when the traffic is potentially intercepted also by dictators and other suppressive governments not even requiring a collaboration with Qualcomm. Not only drones make frequent use of location information to target people. There are cases where people’s kidnappings and/or assassinations have been facilitated by the use of the victims location information. A most recent example is Iran where protesters get arrested because of their smartphone location tracking. This even doesn’t require tapping the phone. The cleartext traffic is also hotbed for data brokers which sell people’s data (e.g. shopping centers).
Affected users could try blocking the Qualcomm XTRA Service using a DNS-over-TLS cloud-based block service, or re-route this traffic yourself to the proxy server from GrapheneOS, but this requires technical expertise and does not provide the same level of security as the NitroPhone.

Update, 4/27/2023
The text has been corrected to state that the responsible software is not executed as firmware but in the operating system. Also requests to android.clients.google.com originate from microG.

Author
Paul Privacy is an independent security researcher with a focus on privacy and helping others to obtain privacy on their phones and computers. Because privacy is cool. And being spied on is NOT cool. Be private. Be Cool. For a free consult you can contact me at: [email protected] or follow me on Twitter at @PaulPrivacyCool
27.4.2023
[ul]
[li]mail[/li][li]share[/li][li]tweet[/li][li]Info[/li][/ul]
[SIZE=6]Comments[/SIZE]
Submitted by ezra abrams on 25. April 2023 - 16:29
Isn’t it easier for most peole to just carry their phone in a copper mesh bag, then buy some wierd custom ROM phone ?
[ul]
[li]reply[/li][/ul]
Submitted by meissner on 26. April 2023 - 3:31
if this solves the issue for you, nothing will hold you back - personally I prefer my smartphone to have an internet connection available
[ul]
[li]reply[/li][/ul]
Submitted by BobDobbsJr on 26. April 2023 - 19:53
Sure, that will work as long as you never take it out of the bag.
[ul]
[li]reply[/li][/ul]
Submitted by Not Me on 27. April 2023 - 12:01
or just don’t have a (smart)phone in the first place :smiley:
[ul]
[li]reply[/li][/ul]
Submitted by Bill Dietrich on 25. April 2023 - 16:50
Re: “operates on the broadband processor (modem)”: I think this is the “baseband” processor. I could be wrong.
[ul]
[li]reply[/li][/ul]
Submitted by JackDonut on 25. April 2023 - 19:07
This is some bullshit they’re doing to say “e/OS bad, buy our phone” This is not indepedent 3rd party research
[ul]
[li]reply[/li][/ul]
Submitted by meissner on 26. April 2023 - 3:30
please read carefully, it does not say anything about /e/ being bad, in the contrary, it is used because it is a well known and good de-googled phone OS and due to microG it might leak private data to 3rd party servers.
[ul]
[li]reply[/li][/ul]
Submitted by sebboh on 25. April 2023 - 19:19
Thanks for your work. I encourage you to reproduce this test on a cellular network. It may be necessary to use something like a “stingray” mobile base station.
[ul]
[li]reply[/li][/ul]
Submitted by Ben on 25. April 2023 - 19:49
Ist das Nitrophone 1 mit Snapdragon 730G auch betroffen?
[ul]
[li]reply[/li][/ul]
Submitted by Jan Suhr on 27. April 2023 - 13:59
Nein. (PSDS wird von GrapheneOS realisiert und iZat wird in GrapheneOS nicht verwendet.)
[ul]
[li]reply[/li][/ul]
Submitted by Anonymous on 25. April 2023 - 21:59
Kann das Verhalten auch beim 765 nachvollziehen.
[ul]
[li]reply[/li][/ul]
Submitted by Joe on 25. April 2023 - 22:57
What a load of sensationalized shite. Even the creators of grapheneOS, the OS on your “NitroPhone” (aka Google Pixel reflashed and sold for 2x the price), disagree with this article
[ul]
[li]reply[/li][/ul]
Submitted by meissner on 27. April 2023 - 22:12
Hey, thanks for making us aware. In the meantime we’ve updated the article to be more accurate, also based on GrapheneOS devs’ feedback and discussions.
[ul]
[li]reply[/li][/ul]
Submitted by Anonymous on 25. April 2023 - 23:29
Thank you, the article is interesting. As far as i know, the nitrophone is based on qualcomm SoC, namely Qualcomm Snapdragon 730G. Do you have some information that this SoC doesn’t contain AMSS or doesn’t communicate with ‘Xtra’ service ?
[ul]
[li]reply[/li][/ul]
Submitted by meissner on 27. April 2023 - 22:15
The sender origin is within the OS (the article was updated), by our best knowledge GrapheneOS does provide own (server) sources for A-GPS connections - thus none of the NitroPhones should be affected.
[ul]
[li]reply[/li][/ul]
Submitted by Jeremiah on 26. April 2023 - 4:05
Where do I get one?
[ul]
[li]reply[/li][/ul]
Submitted by meissner on 27. April 2023 - 22:16
You can find them in our shop
[ul]
[li]reply[/li][/ul]
Submitted by Anonymous on 26. April 2023 - 4:30
This is bullshit mainly because /e/OS uses microG, which connects to those ip addresses.
[ul]
[li]reply[/li][/ul]
Submitted by meissner on 27. April 2023 - 22:18
We updated the article, especially the origin of the requests. Although the initial observation (private data is leaked to a US server) is still valid.
[ul]
[li]reply[/li][/ul]
Submitted by realSiRiSn0w on 26. April 2023 - 5:05
A misleading article claiming big privacy breaches, while testing only one Qualcomm phone, that too is old (legacy device). On my de-googled xiaomi phone with sd888, i can’t find any connections to izatcloud.net. Besides, AOSP doesn’t connect to android.clients.google.com for Android device registration, microG does. You used e/OS with microG bundled in, but didn’t used vanilla LineageOS or GrapheneOS which ships without microG. Remember, microG is an implementation of Play Services. Therefore, i find this article a clickbait, which causes FUD amongst privacy-focused people.
[ul]
[li]reply[/li][/ul]
Submitted by meissner on 27. April 2023 - 22:48
Yes, point taken. We updated the article to be more accurate. The observation (although you are right for this specific device only) is still true that the device leaks possibly personal data.
[ul]
[li]reply[/li][/ul]
Submitted by Goertz on 26. April 2023 - 5:45
A: I’m worried about the security of my data after reading that Qualcomm sends it unencrypted! PP: No problem, I offer free consultations on such topics. Just send me an unencrypted mail with details of what you would like to hide. A (unencrypted mail to PP): I want to keep secret the fact that XXX PP (unencrypted reply): OK, my unbiased advice: buy a NitroPhone.
[ul]
[li]reply[/li][/ul]
Submitted by Anonymous on 26. April 2023 - 6:05
I call bullshit as well. Even if true, Qualcomm can know everything about me. You’re going to have to pry the 8 series chips from my cold dead hands.
[ul]
[li]reply[/li][/ul]
Submitted by KarlE on 26. April 2023 - 7:16
Mir ist klar, dass es schwieriger nachzuvollziehen ist: Habt ihr Erkenntnisse, dass die gezeigte Kommunikation auch über die Mobilfunkschnittstelle stattfindet? Was ist, wenn ich weder in einem WLAN eingebucht bin noch Mobilfunk-Daten aktiviert habe (also nur ins Mobiltelefonnetz eingebucht bin)? PS. @PaulPrivacyCool: ich finde, inzwischen wäre ein Fediverse-Account cooler als Musks Twitter.
[ul]
[li]reply[/li][/ul]
Submitted by meissner on 27. April 2023 - 22:49
Das wurde nicht getestet, dazu können wir nichts sagen.
[ul]
[li]reply[/li][/ul]
Submitted by CryptGoat on 26. April 2023 - 8:38
Schöner Werbepost, aber vielleicht hättet ihr euch mal mit den Entwicklern von GrapheneOS abstimmen sollen: [removed link]
[ul]
[li]reply[/li][/ul]
Submitted by meissner on 27. April 2023 - 22:51
Yes, wir haben mittlerweile den Artikel entsprechend angepasst.
[ul]
[li]reply[/li][/ul]
Submitted by nautnaut on 26. April 2023 - 9:03
Ok i get that the goal is to sell your phone and the research is very useful (thank you!), But what about legal actions? What can affected users/ orgs do about this? Looks like a case for a massive rgpd fine, no? How to do that? Who can start that?
[ul]
[li]reply[/li][/ul]
Submitted by nautnaut on 26. April 2023 - 9:31
Can you share logs of the requests with the data that is sent to Qualcomm?
[ul]
[li]reply[/li][/ul]
Submitted by meissner on 27. April 2023 - 22:52
Yes, we plan to do this.
[ul]
[li]reply[/li][/ul]
Submitted by Anonymous on 26. April 2023 - 10:43
If it is in plaintext HTTP, why not post the actual packets/requests instead of fear mongering with what “could” be sent? I’m guessing it literally is just a GET request for a static A-GPS file. No private data exfiltration. This is just an ad, provides no evidence of actual wrong doing by Qualcomm…
[ul]
[li]reply[/li][/ul]
Submitted by tom on 26. April 2023 - 11:08
In meinem DNS-Log sind sich ebenso SubDomains von izatcloud.net vorhanden. Danke für den Artikel!
[ul]
[li]reply[/li][/ul]
Submitted by Glycerin on 26. April 2023 - 11:36
Not very new indeed, read on /e/OS tracker (gitlab.e.foundation, issue 5765 - cannot add links to comments !?) gitlab.e.foundation/e/backlog/-/issues/5765
[ul]
[li]reply[/li][/ul]
Submitted by G on 26. April 2023 - 12:58
Many thanks for this report! It shows how important not only only Operating Systems are, but Open Hardware as well. It would be nice (and a lot of work) to have a HW leak comparison table, especially for those phones models that are often used with Custom ROMs.
[ul]
[li]reply[/li][/ul]
Submitted by Someone on 26. April 2023 - 14:30
This article is highly misleading and shows that Nitrokey is not aware of how A-GPS works. People with more knowledge have commented on it here: fosstodon.org/@biktorgj/110263336003756685 blog.brixit.nl/nitrokey-dissapoints-me/ And by the way, trying to block external links in comments here is a stupid idea. I get you need to prevent spam, but then at least put the comment in a moderation queue…
[ul]
[li]reply[/li][/ul]
Submitted by meissner on 27. April 2023 - 23:00
Thanks, for your suggestions. Generally the mastodon thread shows pretty good that leaking potentially private data is the thing we would like to focus on. Anyways, we also updated the article after collecting feedback, especially the origin of the request was clarified.
[ul]
[li]reply[/li][/ul]
Submitted by Roman on 26. April 2023 - 15:07
Please do the same tests with huawei phones. Thank you!
[ul]
[li]reply[/li][/ul]
Submitted by Anonymous on 26. April 2023 - 15:54
Rather old news. That was discussed on reddit already 7 years ago
[ul]
[li]reply[/li][/ul]
Submitted by Anonymous on 26. April 2023 - 16:00
Your own website states that your NitroPhone is based on the Pixel 4a. The CPU is a Qualcomm Snapdragon 730G, Octa-core.
[ul]
[li]reply[/li][/ul]
Submitted by meissner on 27. April 2023 - 23:01
Yes, using GrapheneOS - by our best knowledge GrapheneOS does provide own (server) sources for A-GPS almanac connections - thus none of the Nitrophones should be affected.
[ul]
[li]reply[/li][/ul]
Submitted by Dennis on 26. April 2023 - 16:02
What about Nitrophone 1? Have you tested it? The underlying Pixel 4a uses a Qualcomm-SOC.
[ul]
[li]reply[/li][/ul]
Submitted by meissner on 27. April 2023 - 23:02
There has been an update with the origin of the request - Nitrophone 1 is not affected to our best knowledge GrapheneOS does provide own (server) sources for A-GPS almanac connections - thus none of the Nitrophones should be affected.
[ul]
[li]reply[/li][/ul]
Submitted by jeff on 26. April 2023 - 19:48
I checked on a OnePlus 6 with default LineageOS (with microG) and I can also track the call to Izat On another one where I had updated it for using GrapheneOS SUPL I don’t have any trace of it
[ul]
[li]reply[/li][/ul]
Submitted by Volker on 27. April 2023 - 6:50
Greet Job! I use a degoogled phone with a mediatek chipset and the only thing I am wondering about is, whether it does the same. I will forward this research to the IT security departement of the company I am working for. Any foreign party could use this feature to generate a “heatmap” of our employees tracking, where the hotspot of activities are. More concerning is, that companies portals require Google’s Android or Apple iPhones, if you want to connect your phone for specific services to them. My degoogled phone, for instance, is blocked …
[ul]
[li]reply[/li][/ul]
Submitted by tomka on 27. April 2023 - 8:48
Ab Pixel 6… verwendet Google den Tensor-Chip. Sind als vorhergehende Modelle wie das Pixel 5 mit GrapheneOS auch von dem Leak betroffen?
[ul]
[li]reply[/li][/ul]
Submitted by meissner on 27. April 2023 - 23:04
Nein. (PSDS wird von GrapheneOS realisiert und iZat wird in GrapheneOS nicht verwendet.)
[ul]
[li]reply[/li][/ul]
Submitted by Anonymous on 27. April 2023 - 9:24
You did not do yourself a favor with this one. blog.brixit.nl/nitrokey-dissapoints-me/
[ul]
[li]reply[/li][/ul]
Submitted by Goertz on 27. April 2023 - 9:35
I noticed that negative comments about this advertisement aren’t published. While I don’t consider that as censorship (in the end it is your website) I consider it as not wise as there will be talked about that behaviour at other places. Don’t you agree?
[ul]
[li]reply[/li][/ul]
Submitted by meissner on 27. April 2023 - 23:08
We usually publish all comments - as long as the wording is not too aggressive/insulting. It just took some time as we were talking with several parties about the contents, which also led to some updates. So yes, we totally agree to keep things here.
[ul]
[li]reply[/li][/ul]
Submitted by Alice on 27. April 2023 - 13:34
I strongly recommend to update your article based on additional information the colleagues of GrapheneOS are giving in the Reddit r/privacy section with the title “German security company Nitrokey proves that Qualcomm chips have a backdoor and are phoning home” (posting links ia not allowed here) Also I wonder why you haven’t try to go on izatcloud.net Just reading this for me that feels just like a marketing stunt.
[ul]
[li]reply[/li][/ul]
[SIZE=6]Pages[/SIZE]
[ul]
[li]1[/li][li]2[/li][li]next ›[/li][li]last »[/li][/ul]
[SIZE=6]Add new comment[/SIZE]
Your name
Comment *

Twenty minus five = ? *
Fill in the blank.

https://www.nitrokey.com/sites/all/themes/nitrokey/footer_logo.svg
[SIZE=6]NEWSLETTER[/SIZE]

[SIZE=6]KEEP IN TOUCH[/SIZE]
TwitterMastodonGitHubFacebookNewsletterBlog FeedYouTubeLinkedInInstagram
[SIZE=6]CONTACT/LEGAL[/SIZE]
[ul]
[li]Terms and Conditions[/li][li]Data Privacy Policy[/li][li]Legal Information[/li][li]Contact[/li][li]Withdrawal[/li][li]Disposal of Old Devices[/li][/ul]

[SIZE=6]Be The first to know[/SIZE]
Stay informed about the Nitrokey project, new models and firmware updates.

[SIZE=6]Confirm e-mail address[/SIZE]
Please re-enter your email address
Nitrokey - Made in Germany