File this under Not Surprised.
One of the problems with sending all our technology manufacturing jobs to foreign countries in order to produce less expensive goods is that some of these countries are not necessarily our best buddies. With some of them we might have what you would call “trust issues.”
Recently The Hacker News released an article about how a Chinese manufacturer of ARM processors (Allwinner sun8i for A83T, H3, or H3 processors) used in popular Android phone products, and several variations of the Pi hacker boards (Banana Pi, Orange Pi) have a backdoor embedded in them. The Chinese claim is that this backdoor was inadvertently left in by developers who used it in the debugging process. Sure, its possible. Or maybe they meant to leave the backdoors in.
If we hadn’t already dealt with this issue in the routers manufactured in China for Juniper Networks, reported here in February (Perils From The Edge – Insecure Routers), I might be more inclined to give them the benefit of the doubt. As it is, I am suspicious. As an Android phone user, I am not pleased. According to the article, “This security hole is currently present in every operating system image for A83T, H3 or H8 devices that rely on kernel 3.4” You can Google the specs for your phone model to see if it is affected. Fortunately for me, my LG G4 VS986 appears to be using a different processor.