Being able to command a device to send you info or perform tasks is different than the device sending info of its own accord.
In this context, where it’s implied to send without the owner’s knowledge (ignoring the fact it’s documented), not really. The article screams “gotcha!” when in reality it didn’t, so they’re trying to backtrack and downplay their initial response. But I do appreciate their update, it’s just got a PR spin to it.
Edit: if the article was initially written as more of a “did you know” and/or expanding on existing documentation, wouldn’t be an issue. It’s the “it’s secretly stealing” that implies malice which is part of the definition of malware… that’shares a category with backdoor. So splitting hairs in the name of PR.
https://www.nitrokey.com/news/2023/smartphones-popular-qualcomm-chip-secretly-share-private-information-us-chip-maker
Tldr it’s used to make initial GPS fix faster by getting satellite positioning information.
That’s a good read, especially the additional context at the bottom of the article.
Not a fan of how they say “we didn’t say it’s a backdoor,” but have “secretly share” in the URL and article title.
A backdoor would imply some sort of external control I’d think, a much broader potential for harm.
Being able to command a device to send you info or perform tasks is different than the device sending info of its own accord.
Yes, technically a backdoor listens: https://csrc.nist.gov/glossary/term/backdoor
In this context, where it’s implied to send without the owner’s knowledge (ignoring the fact it’s documented), not really. The article screams “gotcha!” when in reality it didn’t, so they’re trying to backtrack and downplay their initial response. But I do appreciate their update, it’s just got a PR spin to it.
Edit: if the article was initially written as more of a “did you know” and/or expanding on existing documentation, wouldn’t be an issue. It’s the “it’s secretly stealing” that implies malice which is part of the definition of malware… that’shares a category with backdoor. So splitting hairs in the name of PR.
there is an important difference between sending data and accepting remote control