UPDATE: Huawei has issued a public response to the issue, providing additional context and a possible fix.
A new update that’s being distributed for select Huawei smartphones in China is appears to be deleting images which are being downloaded through the Twitter app. This story came to light when a Huawei smartphone user in China tried downloading images of his friend’s dog through the Twitter app. The user received a notification that the system had recognized that the images had been flagged as being downloaded through Twitter and that they would be deleted from the device. The publication which first published the story characterized it as Huawei having a back-door mechanism on the device, monitoring the user’s activity on Twitter which is banned from being used in China.
The issue itself has been verified by multiple Huawei smartphone users which went out of their way to record it and share it with others. To many, this incident reinforces the notion that Huawei’s smartphones are spying on their users, putting personal information at risk. That being said, we think that the story is being overblown.
Several Honor and Huawei users reported that the issue started showing update after the installation of a recent update. However, it’s unclear if the update is the culprit or if it’s a new mechanism that was included with a recent update to the Twitter app. The notification actually states that the Twitter app is responsible for deleting the image. The same users who have experienced the issue have been able to download images through Twitter.com and third-party Twitter applications. We’re hoping that someone will be able to dig into the update package and analyze what is going on.
Even if the images downloaded through the Twitter application are being flagged and deleted by the recent update that’s being pushed out by Huawei, we wouldn’t call this a backdoor vulnerability. As it should, Android is notifying the user that an image is being deleted. The images in question are being deleted from a Chinese phone which is being used in China from an application which is banned within China. China’s public stance on Twitter is not a secret, so we don’t think there’s anything nefarious at play here.
We don’t see this issue spreading to markets outside of China and in our understanding, this issue has nothing to do with the US government’s stance on Huawei’s close ties to the Chinese government. But the issue of perception still persists. Has this new incident changed your perspective on Huawei?