eWEEK content and product recommendations are editorially independent. We may make money when you click on links to our partners. Learn More.
1Privacy Concerns About BLU Handsets Prompt Temporary Amazon Sales Ban
There smartphone market is crowded with handset makers that have small user bases and usually fail to attract much attention. But a small vendor named BLU Products attracted the wrong kind of attention recently, after security firm Kryptowire demonstrated how an application running on its devices could be collecting data and sending it to China. Soon after, Amazon, which has been a critical BLU marketing partner, responded by temporarily suspending sales of its smartphones. BLU responded to Amazon’s action by denying it has done anything wrong. Now BLU is trying to reassure customers who may have shied away from the company’s handsets. This slideshow will describe origins of the Amazon-BLU dispute.
2Who Is BLU, Anyway?
BLU is a small American smartphone maker based in Miami, Fla.. The Latin-owned company founded by Brazilian entrepreneur Samuel Ohev-Zion, sells several different devices, all with varied designs and price levels. However, generally speaking, BLU has built its brand on affordable devices that in some cases, cost around $50 or $60 and are marketed widely to Latin communities in the U.S. and abroad.
3The Amazon Marketplace How Important Is Amazon to BLU?
Amazon is critical to BLU’s business. Last year, for instance, BLU was part of Amazon’s Prime Exclusive Phones program, which helped Amazon build out its mobile offering and enabled BLU to get some much-needed attention on the giant online marketplace. BLU has also proven to be one of the most popular smartphone makers on Amazon. BLU’s Advance 5.0 was recently the third-most-popular handset for sale on the site.
4Kryptowire Studies BLU Handsets
At the center of the recent controversy is Kryptowire, a security firm that recently analyzed BLU devices of late. The company, which presented its findings at the Black Hat conference in Las Vegas in July, revealed that the BLU devices it tested was running software running that would collect device data and transmit it to a server in Shanghai, China without the user’s knowledge or consent. Kryptowire claims to have found the software on three BLU smartphones.
5Shanghai Adups Technology Is the Source of the Offending Software
The source of the offending software is Shanghai Adups Technology, China-based company that describes itself as a provider of firmware that can be wirelessly updated when running on mobile and Internet of Things devices. Shanghai Adups Technology has admitted its software has a flaw that transmits data to China, but has calls the issues a mistake.
6This Isn’t the First Time This Issue was Found on BLU Handsets
This is the second year that security researchers found that BLU smartphones were sending data to China. In 2016 researchers found that certain BLU smartphone models had the Shanghai Adups Software that transferred data. BLU said that it would update its devices to remove the feature while Shanghai Adups Technology said its inclusion BLU devices was inadvertent. It was believed then that BLU handsets no longer sent data back to China the after promised updates were implemented.
7How Data Transmission Feature Works
Kryptowire found Shanghai Adups software would enable the device to collect data and send it to China, where it can be analyzed and used to invade a user’s privacy. However the software can also open a line of communication between the device and a command and control server. This would allow a malicious user half a world away to seize control of the handset as completely as the authorized user. The malicious user for example could wipe a device clean or steal information.
8Amazon Responds to the Reports
Not long after news broke of the privacy breach, Amazon responded. The company swiftly removed all BLU handsets from its online marketplace pending a review of its devices and the company’s data privacy policies. They sent the handset maker into a tailspin and prompted the company to criticize the media for publishing erroneous reports about the security of its smartphones.
9BLU Denies the Existence of Malware on Its Handsets
On July 31 BLU issued a statement asserting there is no malware, spyware, or “secret software” running on its smartphones. BLU said that its smartphones did suffer from some data-leakage last year, but it had resolved the problem. BLU argues that any data collected by its handsets follows standard industry practices and falls within its privacy policy. The company also asserted that it is committed to maintaining user privacy
10BLU Handsets Are Now Back on Amazon
BLU might have been redeemed. As of this writing, Amazon has brought back BLU devices and is selling the company’s handsets on its ecommerce site. The BLU R1 HD, one of the company’s most popular devices, is in 20th place in the list of best selling smartphones on Amazon.com. It’s unknown how overall sales of BLU handset models affected by Amazon’s temporary ban.
11The Implications Going Forward
While BLU’s smartphones can again be purchased on Amazon.com, sales don’t appear to be quite as strong as they recently were. BLU is still trying to overcome market perception charges that its smartphones routinely violate user privacy. So it remains unclear whether BLU can regain its previous sales momentum and permanently resolve the bad press about its products.