Android community worried about presence of “Chinese spyware” by Qihoo 360 in Samsung smartphones and tablets

Posted on Jan 9, 2020 by Caleb Chen
Samsung Logo

Earlier this week, the Android community on Reddit erupted in discussion over a thread titled: “Chinese Spyware Pre-Installed on All Samsung Phones (& Tablets)” that has since been labeled as misleading by moderators. In addition, it’s also been noted by observant redditors that the original poster (OP) of the thread may have been a purchased account fired up with the intent of causing discontent and stirring up anti-China sentiment. The controversy, clarification by Samsung, and ensuing discussion are still worth looking into, though.

Prompted by the post, many users noticed that the storage scanner in the Device Care section included a little note: “powered by 360.” Even in China, Qihoo 360 is well known for its past privacy transgressions and controversies and it’s understandable why Samsung users would be incredibly concerned that anything at all from Qihoo is preinstalled on their phone. Qihoo 360’s international reputation is so bad that even the “powered by 360” catchphrase, which does bely a lesser partnership than bundled antivirus on the phone, was enough to cause considerable worry.

Samsung clarifies why Qihoo 360 code is on their smartphones and tablets

Samsung Members Korea issued a quick response to quell the rising uproar over the presence of code from an abhorred Chinese company being on Samsung devices. Samsung explained that Qihoo 360 is only used as a reference for their database of viruses or bad files and that Samsung is not passing along information like IMEI and phone number to a shady Chinese company:

“The answer is that it does not use any function of 360 Security app, but outsourcing only DB checking for unnecessary files. Deletion logic is handled by Samsung’s logic, and it is said that 360 DB is used to check the Junk File that can delete files.”

The top comment on the official response thread explained further:

“This is something I’ve been saying for ages. Yes, Samsung partners with these companies, because they have an extensive database of “junk” files that can be cleaned (because unlike on Windows with CCleaner, it’s not as straightforward on Android, apps storing their extra, necessary files in various user-accessible locations that might be considered junk).

Samsung embeds a small system provided by 360 (and before that Clean Master) that downloads said database from 360’s own servers, and does periodical update checks. I don’t understand why Samsung didn’t opt for simply hosting the database on their own servers, which would’ve avoided all these controversies and fear-mongering, however it’s most likely the deal with 360 (that, and the attribution to their app in Device Cleaner).”

Samsung still doesn’t have the best track record on privacy, though

Samsung is proving to be quite the monolithic opponent of individual user privacy as they continue to implement questionable policies and apps into their products. The fact that these privacy violating behaviors are baked into Samsung devices should be concerning to any user of any Samsung device. Samsung smart TVs are smart enough to upload clips and screenshots of what you’re watching for automatic content recognition, for goodness sake! This is something that Samsung does by itself, without having any controversial international companies involved.

At this point, I’d think twice about buying a Samsung refrigerator or Samsung washing machine. The warnings of privacy violating IoT devices making their way into our homes are unfortunately coming true on a faster timeline than anyone could have thought. Privacy disrespecting corporations have realized that there’s no need to wait for the 5G revolution to put privacy leaking devices everywhere when customers will pay money for a device and then unwittingly become a further revenue source when connecting the device via their home WiFi connections.