Telemetry found in Nokia 7.2 & 6.2
Hello! I would like to hear Nokia or HMD Global official reply to the following posts: No 1 (English):
Telemetry found in Nokia 7.2 & 6.2
Hello!
I would like to hear Nokia or HMD Global official reply to the following posts:
No 1 (English): https://www.reddit.com/r/privacy/comments/fbxg0a/less_than_a_year_after_removing_3rd_party/
No 2 (German): https://www.androidpit.de/forum/801980/kennt-jemand-das-paket-co-sitic-pp
I can confirm that my device has the same app they speak about
4
Howdy, Stranger!
Categories
- 32.2K All Categories
- 27.2K Phones
- 36 Nokia G50
- 10 Nokia C30
- 55 Nokia XR20
- 4 Nokia C01 Plus
- 69 Nokia X20
- 13 Nokia X10
- 66 Nokia G20
- 16 Nokia G10
- 6 Nokia C20
- 6 Nokia C10
- 13 Nokia 1.4
- 4 Nokia C1 Plus
- 269 Nokia 5.4
- 111 Nokia 3.4
- 80 Nokia 2.4
- 2 Nokia C3
- 258 Nokia 8.3 5G
- 380 Nokia 5.3
- 18 Nokia 1.3
- 147 Nokia 2.3
- 1.3K Nokia 7.2
- 245 Nokia 6.2
- 443 Nokia 9 PureView
- 160 Nokia 2.2
- 1.6K Nokia 8.1
- 889 Nokia 7.1
- 4.6K Nokia 6.1 Plus
- 1.9K Nokia 5.1 Plus
- 2.2K Nokia 7 plus
- 344 Nokia 8 Sirocco
- 1.4K Nokia 8
- 2.1K Nokia 6.1
- 2K Nokia 6
- 228 Nokia 5.1
- 1.2K Nokia 5
- 214 Nokia 4.2
- 103 Nokia 3.2
- 777 Nokia 3.1 Plus
- 290 Nokia 3.1
- 964 Nokia 3
- 239 Nokia 2.1
- 527 Nokia 2
- 75 Nokia 1 Plus
- 283 Nokia 1
- 50 Nokia X7
- 536 Feature Phones
- 11 Nokia 5310
- 14 Nokia 800 tough
- 20 Nokia 2720 Flip
- 4 Nokia 110
- 1 Nokia 105
- 7 Nokia 220 4G
- 4 Nokia 210
- 78 Nokia 3310 3G
- 283 Nokia 8110 4G
- 402 All phones
- 19 Tablets
- 3.3K General
- 89 Home of Nokia Phones
- 52 Announcements
- 2 Tutorials
- 178 All about Community
- 7 Rules & Guidelines
- 463 Community Feedback
- 192 Contest & Activities
- 14 #Campfire
- 25 Global Contests
- 4 Q&A's
- 36 #ShotOnNokia Challenges
- 867 Ideas
- 612 Anything goes
- 3.3K Tech talk
- 118 Software and Specs
- 2.2K Beta labs
- 305 Beta labs
- 214 Android Developer Preview
- 230 India
Comments
i have the same application in my 7.2, and my phone was made in India.
This is a privacy/security issue. Please provide us some clarity here HMD
I dont have this app in my 7.2
@Akhil did you check in Data usage? App is not visible in System apps.
It isn't exactly telemetry. But yeah it should not have been there in regions in which that carrier does not operate.
I did a long answer on Reddit about this.
@singhnsk @Burkhard Korak i don't get it
why does this app speak to Columbia several times per day? why sms access? why is it not displayed in system apps?
If worried, it's quite simple to disable (or remove) that component entirely.
(Agreed, it shouldn't be there in first place!)
How to:
https://www.xda-developers.com/disable-system-app-bloatware-android/
Disable:
adb shell pm disable-user --user 0 co.sitic.ppRemove (use with caution!)
adb shell pm uninstall --user 0 co.sitic.ppEDIT/Update:
As this component and it's .apk (sysdll.apk) are installed in "system/priv-app/" it might be impossible to totally disable it this way.
IDK if 'sysdll.apk' is used to or by any other app or service...
"uninstall" works fine, I did it a week ago, no issues and no telemetry
don`t forget to reboot the phone
TY!
Witch one did You uninstall, co.sitic.pp or sysdll.apk?
@Jocke.Sve I am somewhat extreme when it comes to privacy, so I removed 5 apps:
The original post (the English one) is mine
I confirmed my findings with a couple of users on my local forum (also they gave me the German forum link) before posting this.
I was not able to reach Nokia \ HMD by email or otherwise, so this forum is my last chance to get a comment.
I really don`t want to jump to conclusions and I would like an official statement.
I have been pointed to a comment here on Reddit
According to author, this is a killswitch for phones locked to a specific carrier, not a telemetry. So, the issue is killswitch preinstalled on phones in (probably) all regions.
A Colombian company can still log requests from all devices around the world and get the data of daily active devices in every country by IP. Not good.
Upd: @singhnsk you did not link your Reddit reply when you replied to me here and I did not see it until today 😃
No negative effect after uninstalling co.sitic.cc!
The question is though: How and why the heck it's there from the beginning??
Android One should NOT contain anything like this!
I thought I won't do self promotion here lol. That's a fair privacy risk. Somebody at HMD should clarify about this. I am sure, it is a mistake and not a deliberate attempt at logging the users.
@Jocke.Sve Is the sitic app different than the sysdll.apk? It is just a visible package name for the sysdll.apk, right?
I'm not 100% sure but I assume You are correct.
After uninstalling I cant see the sysdll package anymore.
Hi @Peter-Parker
We are aware of this app. We can confirm it is a customization element for an operator. For handsets that do not require this app, it will be removed during the Android 10 update, coming soon. Thanks for sharing your concerns, we can reassure you that they are unnecessary.
Best regards,
Laura
Great great! Thank you for the official reply. Was able to figure this by disassembling the APK already though. Thank you for ensuring that you'll be saying goodbye to it during the A10 update which is happening very soon 😊
Hi @HMDLaura ,
Thanks a lot for your reply and for preparing a fix for this issue.
There is also a smaller concern about a daily connection to dapi.hmdglobal.net
I could not find the part in Privacy policy or Legal information in my phone that reflects these connections. Is this diagnostics data? What does it consist of? Does it fall under Privacy policy?
I found the app.. I revoked all permissions of the app and disabled background data.. phone is working fine except that app window pops up 3-4 times a day..
Thanks for replying. But being Nokia is Most Trusted Brand since many years, we have never expected this. So my request to you please don't do this in future. We love Nokia brand.
Hi everyone!
I have a new connection logged from my Nokia 6.2, the URL is
tls.telemetry.swe.quicinc.comI found some forum discussion that links that connection to the app:
com.qualcomm.qti.qms.service.connectionsecuritySo, either this app was sleeping or it had nothing to send for a month after purchase.
This is not hidden, not exactly 3rd party (since Qualcomm is hardware vendor), but still a telemetry.
I think Privacy policy should be updated to clearly state that some (diagnostics? non-personal?) data is being sent to HMD and it's partners.
P.S. could someone please edit the topic title and remove "hidden" and "3rd party" from it, so the title would not be misleading?
P.S. could someone please edit the topic title and remove "hidden" and "3rd party" from it, so the title would not be misleading?
Hi @Peter-Parker, I have modified the title as per your suggestion.