02-10-20 03:52 PM
550 123 ...
tools
  1. nevilleadaniels's Avatar
    Key2 TCL APP's loaded via "Preview" Chinese menu.
    Arrived just now. Possibly TCL's own app store.
    Since I knew nothing about it, I deleted it.
    12-19-19 10:48 AM
  2. nevilleadaniels's Avatar
    This is the mystery app shown in Blackberry Preview on the Key2 attached to updatesTCL 'Preview' app bloatware-screenshot_20191219-162624.jpeg
    stephenson28 likes this.
    12-19-19 11:30 AM
  3. sj10689's Avatar
    I deleted it as well. It showed up on my KEY2 device without any notice whatsoever. When it was "installed," it did not register on the DTEK app (which I have tracking all app installs), which is very suspicious. Apparently, the "Preview" app (which does not show up on DTEK's list of apps, and cannot be disabled) is indeed the culprit.

    I only found out it was an app by TCL Communication Ltd., once I read the app's privacy policy. That the remaining lone hardware manufacturer of "The World's Most Secure Android Device" could install shady apps like these is worrisome.

    What immediately tipped me off that this app is highly suspicious were the app recommendations, and the kind of shady marketing tactics (used to promote particular apps) that are reminiscent of malware. Plus, it has some kind of "battery cooler" feature often found in junk apps like Clean Master (pub:Cheetah Mobile).

    In sum, I cannot possibly see any net positive that could be derived from installing and using this very suspicious app.
    wtigga and elfabio80 like this.
    12-19-19 11:37 AM
  4. wtigga's Avatar
    I deleted it as well. It showed up on my KEY2 device without any notice whatsoever. When it was "installed," it did not register on the DTEK app (which I have tracking all app installs), which is very suspicious. Apparently, the "Preview" app (which does not show up on DTEK's list of apps, and cannot be disabled) is indeed the culprit.

    I only found out it was an app by TCL Communication Ltd., once I read the app's privacy policy. That the remaining lone hardware manufacturer of "The World's Most Secure Android Device" could install shady apps like these is worrisome.

    What immediately tipped me off that this app is highly suspicious were the app recommendations, and the kind of shady marketing tactics (used to promote particular apps) that are reminiscent of malware. Plus, it has some kind of "battery cooler" feature often found in junk apps like Clean Master (pub:Cheetah Mobile).

    In sum, I cannot possibly see any net positive that could be derived from installing and using this very suspicious app.
    Same thing with KeyOne from Optiemus (https://forums.crackberry.com/blackb...ew-app-1151545)

    This worries me beyond comprehension. And yes, DTEK was absolutely unaware of this, meaning that the "help" app has way more privileges and permissions than the security core of the device. I don't know if I want to keep using BlackBerry device anymore: I never had such blatant behavior of built-in apps in any other Android devices before.
    cribble2k likes this.
    12-19-19 12:07 PM
  5. falbo's Avatar
    How do you delete this. I have found it in the app drawer but when I touch and move it to the top it just goes to info about app.
    12-19-19 01:02 PM
  6. yamahammer's Avatar
    Same thing with KeyOne from Optiemus (https://forums.crackberry.com/blackb...ew-app-1151545)

    This worries me beyond comprehension. And yes, DTEK was absolutely unaware of this, meaning that the "help" app has way more privileges and permissions than the security core of the device. I don't know if I want to keep using BlackBerry device anymore: I never had such blatant behavior of built-in apps in any other Android devices before.
    Indeed worrisome... @wtigga can you confirm the following is Russian (Cryllic)?
    Attached Thumbnails TCL 'Preview' app bloatware-screenshot_20191219-122512-1-.jpg  
    12-19-19 01:39 PM
  7. conite's Avatar
    Same thing with KeyOne from Optiemus (https://forums.crackberry.com/blackb...ew-app-1151545)

    This worries me beyond comprehension. And yes, DTEK was absolutely unaware of this, meaning that the "help" app has way more privileges and permissions than the security core of the device. I don't know if I want to keep using BlackBerry device anymore: I never had such blatant behavior of built-in apps in any other Android devices before.
    It's hardly surprising, as the Preview app is designated a core component and gets an exception as a result.
    12-19-19 01:45 PM
  8. yamahammer's Avatar
    It's hardly surprising, as the Preview app is designated a core component and gets an exception as a result.
    So if somebody hacked into a TCL server.... ????
    Invictus0 likes this.
    12-19-19 01:50 PM
  9. conite's Avatar
    So if somebody hacked into a TCL server.... ????
    As opposed to a BlackBerry server?
    12-19-19 01:53 PM
  10. yamahammer's Avatar
    It's hardly surprising, as the Preview app is designated a core component and gets an exception as a result.
    Wouldn't a change to a core app have to be updated through a software update?
    12-19-19 01:55 PM
  11. yamahammer's Avatar
    As opposed to a BlackBerry server?
    That too!
    12-19-19 01:55 PM
  12. conite's Avatar
    Wouldn't a change to a core app have to be updated through a software update?
    I'm still trying to figure out what's going on here. I'm assuming it's only going out to non Google devices.

    Edit: I assumed incorrectly.
    Last edited by conite; 12-20-19 at 01:16 PM.
    12-19-19 01:57 PM
  13. yamahammer's Avatar
    I'm still trying to figure out what's going on here. I'm assuming it's only going out to non Google devices.
    Both my Keyone's have it showing in the Preview app. I'm googled.
    12-19-19 02:00 PM
  14. wtigga's Avatar
    Indeed worrisome... @wtigga can you confirm the following is Russian (Cryllic)?
    This is technically Russian, but I can guarantee that it is written by a Chinese person without language skills:
    1. It lacks spaces between words (common mistake for Chinese who doesn't have spaces in their language)
    2. It has Chinese comma ,
    3. Grammar is close to nonexistent, probably translated by a bad MT.

    I don't know what quality and/or security of the code (the one user can't see) can one expect when they have this kind of attitude to the things visible to the end user.
    joshualebowitz likes this.
    12-19-19 02:11 PM
  15. wtigga's Avatar
    I'm still trying to figure out what's going on here. I'm assuming it's only going out to non Google devices.
    Mine had Google services from the box. BB100-7. I haven't got a single security update in 11 months yet I got this bloatware update somehow.

    As opposed to a BlackBerry server?
    This Preview app has hidden permission to install things like Clean Master (Chinese app) and "App" store (no idea where did those came from). So you don't have to hack into TCL or BlackBerry service, just hack into any of the two aforementioned apps. I used to work in a Chinese company and I know that you can expect little to none privacy or security concerns from their developers.
    Last edited by wtigga; 12-19-19 at 02:17 PM. Reason: upd
    12-19-19 02:12 PM
  16. conite's Avatar
    Both my Keyone's have it showing in the Preview app. I'm googled.
    Mine had Google services from the box. BB100-7. I haven't got a single security update in 11 months yet I got this bloatware update somehow.
    Just force stop the preview app, and disable the "drawing over other apps" permission.

    Then it can't do anything anyway.
    BBuso77, BigAl_BB9900 and valer466 like this.
    12-19-19 02:13 PM
  17. BBuso77's Avatar
    I have a Rogers KEYone and I have been checking for this app since I saw a thread a few days ago. I didn't have it this morning and now it shows as an update available. WHAT??!!
    12-19-19 02:15 PM
  18. wtigga's Avatar
    Just force stop the preview app, and disable the "drawing over other apps" permission.

    Then it can't do anything anyway.
    It doesn't have permissions to install apps from third parties and yet I got "App" installed silently anyways.
    I have notifications disabled and yet it pops up notifications suggesting install Clean Master; when long pressed, the system says I can't disable notifications for Preview.
    At this point, I assume the whole system is compromised.
    joshualebowitz and valer466 like this.
    12-19-19 02:16 PM
  19. BBuso77's Avatar
    Just force stop the preview app, and disable the "drawing over other apps" permission.

    Then it can't do anything anyway.
    Doing it now.
    12-19-19 02:17 PM
  20. conite's Avatar
    It doesn't have permissions to install apps from third parties and yet I got "App" installed silently anyways.
    That's not what I mentioned.
    12-19-19 02:18 PM
  21. wtigga's Avatar
    That's not what I mentioned.
    I understand what you said, but given that the Preview app ignores other settings and permissions, I doubt that disabling "drawing over other apps" would really help. So far only hiding it in the locker helps from unsolicited notifications and actions.
    12-19-19 02:24 PM
  22. conite's Avatar
    I understand what you said, but given that the Preview app ignores other settings and permissions, I doubt that disabling "drawing over other apps" would really help. So far only hiding it in the locker helps from unsolicited notifications and actions.
    If an app is allowed to draw over others, it can pretty much do anything it wants. It doesn't need the other permission you refer to.
    12-19-19 02:25 PM
  23. elcheapodeluxe's Avatar
    Wouldn't disabling background data access also be advised here?

    FWIW: My Key2 LE BBE100-5 has not had the aforementioned icon appear. Will have to get home to check my old Key2.
    12-19-19 03:06 PM
  24. John Albert's Avatar
    Guys, don't use any Android device without at least two months old security patch.

    You might lose very important things with such security breach.
    12-19-19 03:11 PM
  25. wtigga's Avatar
    Wouldn't disabling background data access also be advised here?

    FWIW: My Key2 LE BBE100-5 has not had the aforementioned icon appear. Will have to get home to check my old Key2.
    When I tap on the "Data usage" of the Preview, it moves me to the data usage page of Android OS. In other words, I can't disable background data access for Preview.
    Also the app restarts itself after force-stop after some time.

    Guys, don't use any Android device without at least two months old security patch.
    You might lose very important things with such security breach.
    I don't even receive any security patches since January. As Optiemus support said,

    As per your below mentioned mail would like to inform you BlackBerry KeyOne updated build number in ABP244. If your handset on the same build number so it’s already updated, If we have any information for upcoming software update so we’ll let you know.
    (bbcare@optiemus.com)
    Last edited by wtigga; 12-19-19 at 03:14 PM. Reason: added about security patch
    12-19-19 03:12 PM
550 123 ...

Similar Threads

  1. Google's Photos App: Alternatives?
    By JHBrandt in forum BlackBerry Priv
    Replies: 14
    Last Post: 01-02-20, 06:00 PM
  2. Replies: 11
    Last Post: 12-25-19, 12:03 AM
  3. I accidentally deleted files on my KEY2. Are there any apps/programs to recover them?
    By EZ2LOOKATASIAN in forum General BlackBerry Discussion
    Replies: 10
    Last Post: 12-18-19, 06:01 PM
LINK TO POST COPIED TO CLIPBOARD