• Heratiki
    link
    fedilink
    arrow-up
    14
    arrow-down
    1
    ·
    11 months ago

    According to this Tom’s Hardware article (https://www.tomshardware.com/desktops/mini-pcs/mini-pc-maker-ships-systems-with-factory-installed-spyware-acemagic-says-issue-was-contained-to-the-first-shipment) it isn’t firmware based spyware but just existing on the machine drive.

    They were also found on the restore partition so a full wipe and fresh install would eliminate the issue. AceMagic have also claimed that the issue was isolated to the first round of shipments.

    • Bitrot@lemmy.sdf.org
      link
      fedilink
      English
      arrow-up
      8
      arrow-down
      2
      ·
      11 months ago

      This article says the same thing, but it’s worth people being aware that firmware is a vector.

    • CaptObvious@literature.cafe
      link
      fedilink
      arrow-up
      7
      arrow-down
      1
      ·
      11 months ago

      It’s reasonable to consider whether to trust a company that shipped spyware in the first place. I would have a hard time with that.

      • krolden
        link
        fedilink
        arrow-up
        4
        arrow-down
        1
        ·
        11 months ago

        Better stop using any modern cellphone ever then.

        • sugar_in_your_tea@sh.itjust.works
          link
          fedilink
          arrow-up
          1
          arrow-down
          2
          ·
          11 months ago

          Trying to, but credible alternatives just don’t exist. I really want a Linux phone, but battery life and basic features just aren’t there.

      • Heratiki
        link
        fedilink
        arrow-up
        3
        arrow-down
        1
        ·
        11 months ago

        It’s more than likely they “borrowed” some other Chinese company’s cloned Windows drive and used it for their install rather than roll their own. Could be they were malicious but coming out and claiming it was an error so quickly doesn’t really push that narrative hard.

        • CaptObvious@literature.cafe
          link
          fedilink
          arrow-up
          3
          arrow-down
          1
          ·
          11 months ago

          If they weren’t the original malicious actor, then their quality control sucks. Either way, they shipped a booby-trapped system. Trusting them again will be hard for a lot of people.

        • CaptObvious@literature.cafe
          link
          fedilink
          arrow-up
          3
          arrow-down
          1
          ·
          11 months ago

          We’re going to agree to disagree about that. Being caught red-handed would trigger an immediate mea culpa if they want to preserve plausible deniability and try again later.