Update: New Huawei P30 Pro found to be querying servers in China

Brand new Huawei P30 Pro found to be sending queries and possibly data to Chinese government servers

  138100
Huawei P30 Pro.

Huawei P30 Pro. (By Wikimedia Commons)

Update: 04/24

The apparent owner of the Huawei P30 Pro posted an update on his website in which he says he now thinks that the DNS requests were not initiated by the phone, but rather occurred as the result of Baidu searches. He said he believes that the DNS queries to beian.gov.cn occurred when he used Baidu to carry out searches.

This does, however, raise the question as to why Baidu searches are sending data to China's Ministry of Public Security and is indicative of the close relationship between "private companies" such as Baidu and Alibaba and the authoritarian communist regime.

Update: 04/23
The Huawei P30 Pro appears to have been purchased in Thailand and is running on a cellular network owned by one the "top three mobile operators in Thailand," according to a post by the apparent owner on GitHub.

TAIPEI (Taiwan News) -- A brand new Huawei P30 Pro smartphone has been found to be sending queries and possibly data to Chinese government servers, without the user having signed up for any Huawei services, reported OCWorkbench.

The Facebook page ExploitWareLabs at 5:32 p.m. on Sunday uploaded a post which included a list of DNS (Domain Name System) queries being delivered behind the scenes from a new Huawei P30 Pro. A DNS query (also known as a DNS request) is a demand for information sent from a user's computer (DNS client) to a DNS server.

In layman's terms, it means the phone could potentially be automatically transferring user data back to cloud servers run by the Chinese government, unbeknownst to the device's owner.

The list of DNS addresses includes beian.gov.cn, which was registered by Alibaba Cloud and managed by China's Ministry of Public Security, according to Whois.com. Another frequently listed request was sent to china.com.cn, which was registered by EJEE Group and operated by China's state-run mouthpiece the China Internet Information Center, according to Whois.com.

According to ExploitWareLabs, all of these queries were sent to Chinese government-run servers despite the fact that the user had not configured the phone for any Huawei services, such as Huawei ID or any Hi services.

OCWorkbench was unable to replicate the results on a different model of the company's phone, the Huawei Nova 31, an older device which was released in August of last year.

Netizens responded to the news with a flood of sarcastic comments about the user's apparent involuntary access to Chinese government servers:

"Buy Huawei phone, get free cloud server backup now."

"Congratulations, you win a Chinese government infinity backup storage surprise gift."

"They are just helping backup your data, with unlimited space for free."

"Your data is backed by a government, so it's safe now."

One Facebook user also described their experience buying in house video cameras made in China for security, only later to find that they had been sending data to a location in Beijing. "Take care and consider it carefully when buying China-Made electronic products," wrote the user.


List of DNS requests from Facebook group @ExploitWareLabs.