02-10-20 02:52 PM
550 1234 ...
tools
  1. John Albert's Avatar
    When I tap on the "Data usage" of the Preview, it moves me to the data usage page of Android OS. In other words, I can't disable background data access for Preview.
    Also the app restarts itself after force-stop after some time.



    I don't even receive any security patches since January. As Optiemus support said,

    (bbcare@optiemus.com)
    Disable connection with the internet until you resolve this issue.
    12-19-19 02:14 PM
  2. wtigga's Avatar
    Disable connection with the internet until you resolve this issue.
    It's essentially the same as to buy a new phone. I frankly don't see that Optiemus/TCL will resolve this "issue" anytime at all.
    12-19-19 02:15 PM
  3. John Albert's Avatar


    I don't even receive any security patches since January. As Optiemus support said,
    I wouldn't risk using an Android device without up to date security patch. Haven't you heard about the latest security breach?
    12-19-19 02:17 PM
  4. conite's Avatar
    When I tap on the "Data usage" of the Preview, it moves me to the data usage page of Android OS. In other words, I can't disable background data access for Preview.
    Also the app restarts itself after force-stop after some time.
    Use Power Centre to disable app from starting up.
    anon(10622733) likes this.
    12-19-19 02:47 PM
  5. conite's Avatar
    I wouldn't risk using an Android device without up to date security patch. Haven't you heard about the latest security breach?
    Although this particular case is unrelated to patching.
    12-19-19 02:48 PM
  6. sj10689's Avatar
    If you uninstall "Apps" and relegate the "Preview" app *exclusively* to the BlackBerry Locker app (activating the "Hide private apps" function within Locker), you should be safe from any of these aforementioned events. (wtigga originally mentioned this idea)
    12-19-19 03:46 PM
  7. chetmanley's Avatar
    This is rather concerning. I have had my doubts about the Preview app for a few months now. When ever I disable it via ADB, it often appears to be running in the background at random times, consuming large amounts of battery, despite being disabled for the active user profile.

    So I recently re-enabled it, but am relying on Netguard to block all of its connections. This works.

    Since it appears the Preview app cannot be fully disabled via ADB on the Key2 (my keyone doesn't seem to show the same issues when Preview is ADB disabled), then the only way to control the Previewapplication is via a firewall like netguard.

    I'm tempted to install this "Apps" app to investigate what it's all about. The comment in Russian simply says it's a better app store than Google.

    UPDATE:

    Installed "Apps" on my Keyone once I re-enabled the Preview app via ADB and allowed connections via Netguard. The "Apps" application download appeared immediately inside the Preview app, but it did not install itself, I still needed to download and accept the install.

    After install, DTEK did not catch it by reporting an install from the Preview app, however Netguard did show a notification that the new app was installed and if I wanted to permit connections.


    Summary:

    The TCL "Apps" application has 12 embedded trackers.

    Tencent: 111com.tencent.bugly

    Google: Crashlytics, Doubleclick, Ads, Firebase

    Facebook: Ads, Analytics, Login, Share, Places

    myTarget: com.mytarget.
    Twitter: MoPub

    Permissions (User Controllable): Camera, Contacts, Location, Phone, SMS, Storage
    Permissions (Non-user controllable): Full Network access, run at startup, retrieve running apps, view wifi connections, set wallpaper, Play Install Referrer API, close other apps, measure app storage space, control vibration, expand/collapse status bar, and com.tcl.live.permission.Access_Download_manager

    The app is attempting to make the following connections continuously in the background (this only stops once the app is "forced closed")

    TCL:
    dg.udc.us.tclclouds.com/443
    gwrtdp-tn690fadt.tclcloud.com/443
    appcenter-13.tclclouds.com/80 (This one is required to show apps in the "Apps" Store, note its unencrypted.)
    cleanportal.tclclouds.com/443
    gwrtdp.tclclouds.com/443
    platform.tclclouds.com/80
    equipment.tclclouds.com/80
    sec.tclclouds.com/443
    apk.aotclouds.net/80 (This one is required to download the apks, note it's unencrypted)

    Facebook:
    graph.facebook.com/443

    Google:
    googleads.g.doubleclick.com/443
    app-measurement.com/443

    Crashyltics:
    settings.crashlytics.com/443

    Tencent:
    android.bugly.qq.com/80

    Unknown:
    ad-api.ehawk.com/80
    mibc-gtp.bigdatapppp.com/80

    It appears that this "Apps" store has access to Google Play applications. Downloaded apks are saved in a folder called "appcenter".

    I tried downloading what appears to be WhatsApp. It saved to the "appcenter/apps" folder as 37827_2.19.308.apk

    I can't seem to install it. Clicking the apk does nothing (tried different file managers), but causes the android system to slow down considerably, and at one point appeared the system appeared to hang and asked if I wanted to wait or close it.

    Another folder called "CleanerSDK" was created aswell, and contained a .txt file called uuuid with 0kb file size.
    Last edited by chetmanley; 12-19-19 at 05:17 PM.
    12-19-19 03:52 PM
  8. Bla1ze's Avatar
    I'm still trying to figure out what's going on here. I'm assuming it's only going out to non Google devices.
    I just got it on my North American unlocked KEY2 after an update. This is a spare KEY2 I haven't touched in 6+ months.
    12-19-19 04:05 PM
  9. conite's Avatar
    I just got it on my North American unlocked KEY2 after an update. This is a spare KEY2 I haven't touched in 6+ months.
    Yes. I found it within my Preview app, but it can't install it because I have it locked down.
    12-19-19 04:09 PM
  10. tubularbell's Avatar
    Have it on my KEY² LE as well. Not surprising I guess. So I did what @conite suggested, and have used the powercentre to prevent the app from starting up.
    12-19-19 04:37 PM
  11. Matt J's Avatar
    Just noticed this app on my Rogers KEY2 here in Toronto. How did this get installed? It doesn't look "right" ....
    12-19-19 06:33 PM
  12. Emaderton3's Avatar
    Is it this once you open?TCL 'Preview' app bloatware-screenshot_20191219-183403.jpg
    12-19-19 06:35 PM
  13. chetmanley's Avatar
    I recommend everyone go into their Preview App settings, and turn off Automatic Updates, Automatically Check and New app notificaitons.

    If this new "Apps" application did get installed, then obviously uninstall it and clear out any folders it may have created.

    Then Force Stop the Preview app via device settings and clear the memory and cache.

    To properly monitor the Preview application, install Netguard and deny the Preview apps' access to the internet. Additionally, try to disable it via ADB, but it's been unsuccessful for me on the Key2, but successful on the Keyone.
    Last edited by chetmanley; 12-19-19 at 06:47 PM.
    12-19-19 06:36 PM
  14. Matt J's Avatar
    Grammar doesn't seem right.
    12-19-19 06:37 PM
  15. chetmanley's Avatar
    Is it this once you open?Click image for larger version. 

Name:	Screenshot_20191219-183403.jpg 
Views:	49 
Size:	60.3 KB 
ID:	447035
    Yes. The app is already communicating with the servers I listed above, even at that screen. User privacy is definitely not "safe"
    12-19-19 06:37 PM
  16. Matt J's Avatar
    How did this app get pushed to our devices? Shouldn't DTEK have picked up on this?
    12-19-19 06:39 PM
  17. chetmanley's Avatar
    How did this app get pushed to our devices? Shouldn't DTEK have picked up on this?
    I'm not sure how it was installed on some user's devices without their direct interaction with the standard "install screen".

    But the default settings of the Preview app allow it to download and automatically update applications. Maybe it can do this without user interaction.
    12-19-19 06:44 PM
  18. Emaderton3's Avatar
    This is ridiculous. Makes the BlackBerry name look even worse.
    12-19-19 06:48 PM
  19. chetmanley's Avatar
    The Preview app always had this functionality - however this is the first time I've seen it actually implemented by TCL. I always thought it was for updating TCL Blackberry apps between OS updates.
    12-19-19 06:53 PM
  20. Matt J's Avatar
    This just shows that all this kernel "hardening" and DTEK monitoring is all just marketing hype. A BlackBerry is just another Android device.
    12-19-19 07:04 PM
  21. Bob80220's Avatar
    This just shows that all this kernel "hardening" and DTEK monitoring is all just marketing hype. A BlackBerry is just another Android device.
    Certainly does appear to be a bunch of BS doesn't it. Fortunately the "Apps" update never happened so it wasn't installed on my KEY2. Looks like from the reports I've read it was loaded with tracking features.

    I've shut down everything on the Preview app that can be toggled off, cache and data cleared, and disabled the Preview app in the Power Center. Not much more can be done as the app isn't able to be uninstalled.

    Maybe this is TCL's Holiday Greeting and giving us a gift that keeps on giving.

    Bob
    wtigga likes this.
    12-19-19 07:18 PM
  22. howarmat's Avatar
    Its a special case, TCL/Blackberry/Google apps have special privileges that normal apps dont have. Other apps cant bypass DTEK and DTEK does what its intended to. BUT this is pretty shady stuff from TCL/BB going on here that is for sure.
    joshualebowitz likes this.
    12-19-19 07:21 PM
  23. Bob80220's Avatar
    BUT this is pretty shady stuff from TCL/BB going on here that is for sure.
    Agreed!!! I think BlackBerry Ltd. needs to man up and tell us WTF is going on. I certainly don't expect to hear anything from TCL as it's been crickets from them since February 2019.

    Bob
    joshualebowitz and wtigga like this.
    12-19-19 07:24 PM
  24. conite's Avatar
    This just shows that all this kernel "hardening" and DTEK monitoring is all just marketing hype. A BlackBerry is just another Android device.
    It doesn't say any such thing. The Preview app is whitelisted, and it doesn't accomplish anything it hasn't been given explicit permission to do.

    Don't open it, turn off "draw over other apps" permission, and use Power Centre to disable automatic startup.

    I'm not arguing that this isn't poor form, but it has nothing to do with DTEK or Android hardening.
    Last edited by conite; 12-19-19 at 07:42 PM.
    12-19-19 07:27 PM
  25. Matt J's Avatar
    It doesn't say any such thing. The Preview app is whitelisted, and it doesn't accomplish anything it hasn't been given explicit permission to do.

    Don't open it, turn off "draw over other apps" permission, and use Power Centre to disable automatic startup.

    I'm not arguing that this isn't poor form, but it has nothing to do with DTEK or Android hardening.
    I guess the whole kernel hardening and DTEK stuff just gives the impression that a BlackBerry is a "secure" device. Not really much security if apps can be randomly installed without permission.

    Honestly, I don't really care anymore about BlackBerry, just riding it out until it's time for an upgrade. I know that nobody cares that I don't care. And I don't care about that either.

    I've always laughed at iPhone users, but finally came to the realisation that I was the laughing stock with my blind loyalty to a dead brand and overhyped security features that don't even come close to iOS.

    LOL. Oh well. It's only a darn phone. Who really cares?
    12-19-19 07:57 PM
550 1234 ...

Similar Threads

  1. Google's Photos App: Alternatives?
    By JHBrandt in forum BlackBerry Priv
    Replies: 14
    Last Post: 01-02-20, 05:00 PM
  2. Replies: 11
    Last Post: 12-24-19, 11:03 PM
  3. I accidentally deleted files on my KEY2. Are there any apps/programs to recover them?
    By EZ2LOOKATASIAN in forum General BlackBerry News, Discussion & Rumors
    Replies: 10
    Last Post: 12-18-19, 05:01 PM
LINK TO POST COPIED TO CLIPBOARD