Security audit raises severe warnings on Chinese smartphone models

Enlarge / Be sure you know what you’re getting into before buying and using unfamiliarly branded smartphones—especially international models not originally intended for your country. (credit: Clover No. 7 Photography via Getty Images)

The Lithuanian National Cyber Security Centre (NCSC) recently published a security assessment of three recent-model Chinese-made smartphones—Huawei’s P40 5G, Xiaomi’s Mi 10T 5G, and OnePlus’ 8T 5G. Sufficiently determined US shoppers can find the P40 5G on Amazon and the Mi 10T 5G on Walmart.com—but we will not be providing direct links to those phones, given the results of the NCSC’s security audit.

The Xiaomi phone includes software modules specifically designed to leak data to Chinese authorities and to censor media related to topics the Chinese government considers sensitive. The Huawei phone replaces the standard Google Play application store with third-party substitutes the NCSC found to harbor sketchy, potentially malicious repackaging of common applications.

Huawei’s P40 is still stuck on Android 10, while Xiaomi ships with 10 but can be upgraded to 11. Only the OnePlus 8T shipped from the factory with Android 11 installed. (credit: Lithuanian NCSC)

The OnePlus 8T 5G—arguably, the best-known and most widely marketed phone of the three—was the only one to escape the NCSC’s scrutiny without any red flags raised.

Read 16 remaining paragraphs | Comments