A Test of iPhone-to-HDMI Adapter That Demands Location/Browsing Data (404media.co) 29
Slash_Account_Dot writes: I recently got my hands on an ordinary-looking iPhone-to-HDMI adapter that mimics Apple's branding and, when plugged in, runs a program that implores you to "Scan QR code for use." That QR code takes you to an ad-riddled website that asks you to download an app that asks for your location data, access to your photos and videos, runs a bizarre web browser, installs tracking cookies, takes "sensor data," and uses that data to target you with ads. The adapter's app also kindly informed me that it's sending all of my data to China.
The cord was discovered by friend of 404 Media John Bumstead, an electronics refurbisher and artist who buys devices in bulk from electronics recyclers. Bumstead tweeted about the cord and was kind enough to send me one so I could try it myself. Joseph has written about malicious lightning cables and USB cables made by hackers that can be used for keystroke logging and spying. While those malicious lightning cables are products marketed for spying, the HDMI adapter Bumstead has been found in the wild and is just another crappy knockoff cable sold on Amazon's increasingly difficult to navigate website. This HDMI adapter is designed to look exactly like Apple's same adapter.
The cord was discovered by friend of 404 Media John Bumstead, an electronics refurbisher and artist who buys devices in bulk from electronics recyclers. Bumstead tweeted about the cord and was kind enough to send me one so I could try it myself. Joseph has written about malicious lightning cables and USB cables made by hackers that can be used for keystroke logging and spying. While those malicious lightning cables are products marketed for spying, the HDMI adapter Bumstead has been found in the wild and is just another crappy knockoff cable sold on Amazon's increasingly difficult to navigate website. This HDMI adapter is designed to look exactly like Apple's same adapter.
Yeah junk. (Score:1)
Re: (Score:1, Troll)
Re: (Score:2)
"So you know whose TOS royally fuck you when they get hacked..."
Re: (Score:2)
Yeah, keep the companies that track and spy on you centralized. So you know who to go after when your shit gets leaked.
At least;
The adapter's app also kindly informed me that it's sending all of my data to China.
I guess had it been an American corporation sending all your data to the USA, it wouldn't have been so courteous.
Re: (Score:2)
Re: Yeah junk. (Score:2)
Re: (Score:2)
This is just like any other ad/tracking supported product. The loyalty card you use at the grocery store works the same way. You're giving up a little of your privacy in exchange for a discount on a product. This one's just wearing a different color shirt than you're used to thinking about.
Re:Yeah junk. (Score:5, Informative)
Just buy the Apple one from apple.com
People complain about the price but at least you know what you are getting.
Re: (Score:2)
Key word is reputation. One can also get adapters from other brands and other websites, as long as they are reputable places. Go-to brands for such adapters are Belkin, Hama, Ugreen. The wrong here is probably the purchaser thought they had a bargain on Apple cables by having it shipped from an overseas marketplace seller. Never buy anything from those.
Re: (Score:2)
Key word is reputation. One can also get adapters from other brands and other websites, as long as they are reputable places. Go-to brands for such adapters are Belkin, Hama, Ugreen. The wrong here is probably the purchaser thought they had a bargain on Apple cables by having it shipped from an overseas marketplace seller. Never buy anything from those.
Exactly. As the saying goes "You don't always get what you paid for, but you pay for all you get." I stick to brands I trust when buying things that can go snap, crackle or pop. Others? While my $3 alpine band knockoff doesn't look quite as nicely made it also looks sturdy enough not to come apart and I can get many more colors.
Re: (Score:2)
Belkin? Really? The last story about them that I saw clearly indicted that they should be avoided. (It's been over a year, so I don't remember the details, but I think it was on Slashdot.)
Re: (Score:3)
Could be this one https://it.slashdot.org/story/... [slashdot.org] . Belkin chose to brick some home automation devices (from their Wemo division) because they thought to EOL them. I take note to avoid Belkin for anything cloud-based. With this rule, Belkin is still ok for plug-and-play adapters.
Re: (Score:2)
And what happens when amazon lists belken and belkin cables next to each other?
Which by the way amazon does all the time
Re: (Score:2)
I recommend you buy from the website of well established retailers. I meant to recommend against Amazon since it is mostly a marketplace logistics manager, not a retailer. The problem you report happens because Amazon chooses to list every one who asks, and even promotes whoever pays the most. They do not qualify the products or the sellers. The immediate consequence is that one cannot put trust into products sold on Amazon.
Re: (Score:2)
Just buy from a retailer that has easy returns/refunds. Hopefully your country has good consumer laws, e.g. in the UK anything bought over the internet can be returned within 14 for any or no reason. Return postage is at your expense, but some websites make it free anyway.
Re: (Score:2)
That was a secret arrangement made by both Apple and China. What other easier ways to herd witless customers into buying more expensive Apple’s brands while Apple's servers are running in China. Both still win either way. Anyone know how many of other iPhone to HDMI adapter brands that aren’t manufactured by neither Apple or China?
Prove it or GTFO.
Re: (Score:3)
Just buy the Apple one from apple.com
Some time ago Apple bought 100 "original Apple charging cables" at Amazon and examined them. The result was: 100 out of 100 were not "original Apple" charging cables. And 80 out of 100 did not meet Apple's electrical safety requirements.
For chargers (which are more of a risk than cables) the rule is: You can have small, safe, or cheap - pick any two. Unfortunately the "safe" one, which to me is most important, is something that you can't see as a customer. I'd personally be quite happy with big+ugly, saf
Re: (Score:2)
I'd personally be quite happy with big+ugly, safe, and cheap, but it seems that doesn't sell.
IKEA might disagree. Apparently their chargers are well-made [youtube.com].
Re: (Score:1)
If we are going to condemn malicious actors for violating our privacy, we ought to start with the main culprit - Google.
You can buy degoogled phone or do it yourself. Rob Braxman sells degoogled phones and explains why Apple is bad. https://www.youtube.com/@robbr... [youtube.com]
Re: (Score:2)
Or a fairphone running /e/OS : https://murena.com/ [murena.com]
Re: (Score:2)
How is that different from Google?
This item is a fake, a counterfeit. They were imitating Apple branding to lure people into trusting and installing malware. The difference is: we know Google uses/sells advertisement data; we don't know for sure what the final purpose of this malware was, but we know it wants to access your photos and videos, so we can make a guess.
Walled Garden? (Score:1, Troll)
Apple can't let developers use PayPal FOR SAFETY but they approve apps like this?
Get real.
Hopefully SCOTUS sees this in the Epik case.
What? A corporation... (Score:2)
I see (Score:2)
"runs a bizarre web browser, installs tracking cookies, takes "sensor data," and uses that data to target you with ads. "
So like ALL the websites?