[The Cure53 researchers investigated the Android version of the app, which is used in smartphones made by Chinese manufacturers such as Huawei, Oppo and Vivo, but did not look into the version available on Apple’s iOS. Android-based phones account for the vast majority of smartphones in China, with Apple making up only 6 percent of the market as of June, according to Counterpoint, a research consulting firm based in Hong Kong.]
By Anna Fifield
 |
|
People
use in September their smartphones to take photos of an art installation
in
Shanghai. (AP)
|
BEIJING
— The Chinese Communist
Party appears to have “superuser” access to the entire data on more than 100
million Android-based cellphones through a back door in a propaganda app that
the government has been promoting aggressively this year.
An
examination of the coding of the app used by phones running the Android
operating system shows it enables authorities to retrieve messages and photos
from users’ phones, browse their contacts and Internet history, and activate an
audio recorder inside the devices.
“The [Chinese Communist Party] essentially
has access to over 100 million users’ data,” said Sarah Aoun, director of
technology at the Open Technology Fund, an initiative funded by the U.S.
government under Radio Free Asia. “That’s coming from the top of a government
that is expanding its surveillance into citizens’ day-to-day lives.”
The party, led by President Xi Jinping,
launched the app, called Study the Great Nation, in January. The name is a pun
because the Chinese word for study — “xuexi” — contains the authoritarian
leader’s family name.
The app contains news articles and videos,
many of them about Xi’s activities or his ideology, “Xi Jinping Thought.” There
is even a sense of competition, with users earning points for reading articles
and commenting on them, and a leader board showing how users are faring in
quizzes.
The app has been called Xi’s high-tech
equivalent of Mao Zedong’s Little Red Book and was launched amid a campaign to
bolster the Communist Party’s ideological control over the Chinese population.
It quickly became the most downloaded app in
China, with state media reporting in April — the most recent figures available
— that it had more than 100 million registered users.
Digital
forensics
The Open Technology Fund contracted Cure53, a
German cybersecurity firm, to break apart the app and determine its exact
capabilities.
The Cure53 researchers investigated the
Android version of the app, which is used in smartphones made by Chinese
manufacturers such as Huawei, Oppo and Vivo, but did not look into the version
available on Apple’s iOS. Android-based phones account for the vast majority of
smartphones in China, with Apple making up only 6 percent of the market as of
June, according to Counterpoint, a research consulting firm based in Hong Kong.
Apple said that, while the app could be
downloaded on its devices, this type of “superuser” surveillance could not be
conducted on Apple’s operating system.
There have been suspicions about the app’s
invasiveness — although many people in China are conscious that the authorities
can read their messages. A cybersecurity law enacted two years ago required all
tech companies to share user data with the government.
Although they were not able to fully assess
the app’s functionalities because of code designed to thwart attempts to
dissect the app, the Cure53 auditors found code that amounts to a back door
into the phone that is able to run arbitrary commands with “superuser”
privileges.
Granting such privileges is tantamount to
giving administrator-level access to a user’s phone, and this kind of code is
generally considered to be malicious. Superuser privileges give developers the
power to download any software, modify files and data, or install a program to
log key strokes.
“It’s very, very uncommon for an application
to require that level of access to the device, and there’s no reason to have
these privileges unless you’re doing something you’re not supposed to be,” said
Adam Lynn, the Open Technology Fund’s research director.
“The access itself is significant. The fact
that they’ve gone to these lengths [to hide it] only further heightens the
scrutiny around this,” he said.
The investigation could not reveal how the
code or the information it gathered was being used, but there was no legitimate
reason a supposedly educational app would seek to run commands on users’ phones
with high privilege levels, the fund wrote in a commentary about the Cure53
report.
[‘Boiling us like frogs’: China’s clampdown on Muslims creeps into the heartland, finds new targets ]
A review of the terms and conditions of the
app, which was developed by the Communist Party’s Propaganda Department in
collaboration with Chinese tech giant Alibaba, show that users must agree to
allow access to a vast trove of information and functions.
This includes allowing the app to access and
take photos and videos, transmit the user’s location, activate audio recording,
dial phone numbers and trawl through the user’s contacts and Internet activity,
as well as retrieve information from 960 other applications including shopping,
travel and messaging platforms. It even requires the ability to connect to WiFi
and turn on the flashlight, according to the terms listed by Xiaomi, another
Chinese smartphone manufacturer.
“It can take over the entire device, and it
could be sending back information,” said Lynn.
How
it works
The
Android version of the app collects and sends detailed log reports on a daily
basis, containing a wealth of user data and app activity, the investigation
found.
The State Council Information Office,
responding on behalf of the Propaganda Department, denied the app contained
such functions.
“We learned from those who run the Study the
Great Nation app that there is no such thing as you have mentioned,” the office
said in a response to faxed questions outlining the report’s main findings.
Alibaba declined to comment, referring
questions to the Propaganda Department. It has previously said that the app was
built using software from its messaging app, DingTalk.
A spokesman for DingTalk tried to distance
the subsidiary from the app.
“DingTalk is an open technology platform, and
its suite of technology tools can be used for independent development of other
applications and does not have any ‘backdoor code’ or scanning issues,” the
spokesman said in a message forwarded by Alibaba.
But Alibaba’s fingerprints were all over the
app. The packages that contain the backdoor code have the values “aliyun and
alibaba,” suggesting these packages were created and are maintained by Alibaba
or Alibaba Cloud, the Open Technology Fund said.
Alibaba’s founder, Jack Ma, has an array of
U.S. investments, including Lyft.
To use the app, users must sign up with their
real names and cellphone numbers, creating a trail since all phones in China
must be registered to a national ID card number.
“They’re making Study the Great Nation app
users wear electronic handcuffs,” wrote one Chinese Twitter user, identifying
him or herself as an independent China researcher. “It’s so horrible.”
Use of the app in China is not exactly
voluntary. The Communist Party has issued directives to its members to download
the app, as have many workplaces.
Organizations from the Beijing Chaoyang
Lawyers’ Association and Peking University to the Hunan Vocational College of
Science & Technology and a bus company in Jinan province have ordered their
members to use the app.
Starting this month, about 10,000 reporters
and editors in Beijing will take part in a pilot test that is expected to
extend nationwide, in which they will be tested on their knowledge of Xi
Jinping Thought through the app.
The Propaganda Department’s media oversight
office made it clear that only those who passed would get new press cards,
which are required to work as a journalist in China.
Last month, 60 proficient app users were
chosen to come to Beijing and watch a special artistic performance in the Great
Hall of People on Tiananmen Square.
Ma Weizhong, the deputy director of Chizhou
Environment Bureau in Anhui province, said he felt “blood surging in my heart”
when he learned he would be going. “I felt both proud and honored, and a great
sense of responsibility,” Ma, who started using the app in January, told local
media.
Others are not so happy about their
workplace-mandated usage sessions, which have become so stringent that some
entrepreneurial types have started services where they will log app hours on a
customer’s behalf.
“Sometimes even when I’m very tired and have
put my baby to sleep, I still have to complete my Study the Great Nation,
otherwise my pay will be cut,” one disgruntled app user wrote on Weibo, the
Chinese answer to Twitter. Another complained about having to write a
2,000-word self-criticism because that person didn’t earn enough points on the
app.
The Open Technology Fund concluded that the
app contained code that should be alarming to users and app store owners alike.
“What’s clear is that while the CCP
advertises ‘Study the Great Nation’ as a way for citizens to prove their
loyalty and study their country, the app’s maintainers are studying them right
back,” it wrote in its commentary.
Wang Yuan, Liu Yang and Lyric Li in Beijing
and Greg Bensinger and Reed Albergotti in San Francisco contributed to this
report.
