Matrix themed virus infects 25 million smartphones

A new variant of mobile malware, dubbed ‘Agent Smith’, which re-directs advertising funds to cybercriminals, has been identified and its infected 25 million smartphones already.

Discovered by Check Point, this is a sneaky virus to deal with. Like ‘Agent Smith’ in the Matrix trilogy, the virus has the ability to consume a downloaded app and assume control.

Right now, the user is not being exploited in a direct manner. The presence of the virus does present dangers in terms of eavesdropping or credit fraud, but currently, the cybercriminals are using the virus to collect cash off advertisers through various trusted applications. The application is forced to display more adds than designed with the attackers collecting the additional credits.

“In this case, “Agent Smith” is being used to for financial gain through the use of malicious advertisements,” Check Point said on its blog.

“However, it could easily be used for far more intrusive and harmful purposes such as banking credential theft and eavesdropping. Indeed, due to its ability to hide its icon from the launcher and impersonate existing user-trusted popular apps, there are endless possibilities for this sort of malware to harm a user’s device.”

Check Point estimate that 25 million devices have been infected to date, the majority are in India and other Asia nations, although there have been identified devices in the US, UK and Australia. Although Check Point has not directly stated it, some have suggested the virus can be traced back to Guangzhou, China.

Agent Smith VirusThe virus itself works in three phases. Firstly, the user is encouraged to download a simplistic, free app (usually a minimal function game or sex-app) which contain an encrypted malicious payload. At this point, the malware searches the user’s device for any popular apps on a pre-determined list which can be targets at a later date.

During the second phase, the malicious payload is decrypted into its original form and then abuses several known vulnerabilities without giving any clues to the user. Finally, the malware then attacks the pre-determined applications, extracting the innocent application’s APK file and then patches it with extra malicious modules.

‘Agent Smith’ was first detected in 2016 and the cybercriminals have seemingly been laying the groundwork for a larger attack for some time. It has certainly evolved over this period, and although Check Point has reported the malicious apps to the Google Security team, who is to say there are not more. The danger of ‘Agent Smith’ is that it is incredibly difficult to identify in the first place.

Perhaps this is an oversight in the security world which we will have to address before too long.

As it stands, numerous parties around the world are constantly on the look out for nefarious activity, however, in most cases the assumption is that it will be a state-sponsored attack. This does not seem to be the case here and perhaps why it is very difficult to detect the malware in the first place; everyone is looking for the wrong clues.

In this example, Check Point seem to have caught the suspect firm ahead of time, informing the Google Security team before any genuine damage has been done. That said, 25 million devices is still a substantial number but with the source identified it should be limited.

Smartphone spyware FinSpy is back and thriving

Cybersecurity vendor Kaspersky has reported that FinSpy, a piece of malware that allows private information to be stolen from smartphones, has made a reappearance.

FinSpy spyware is apparently made by German company Gamma Group and sold by its UK sub-division Gamma International to governments and state agencies so that they can spy on their citizens. It has been around for a few years but seems to be experiencing a renaissance, with activity recorded in Myanmar last month.

The recent appearance of FinSpy has brought to light the IOS and Android mobile implants that can install this spyware on mobile devices. This now enables the FinSpy spyware to collect personal information such as contacts, SMS/MMS messages, emails, calendars, GPS location, photos, files in memory, phone call recordings and data from some of the most used messenger services including Facebook, WhatsApp and Skype among others.

The greatest cause for concern is FinSpy’s ability to gain this information even if the phone’s user is running an encryption program. Talking about encryption, FinSpy’s developers have been improving their own encryption to reduce the risk of traceable activity being discovered, the Kaspersky report claims.

“The developers behind FinSpy constantly monitor security updates for mobile platforms and tend to quickly change their malicious programs to avoid their operation being blocked by fixes,” Alexey Firsh, a security researcher at Kaspersky Lab, told Cyberscoop. “We observe victims of the FinSpy implants on a daily basis.”

Kaspersky has also claimed that these implants were detected in almost 20 countries however it’s likely the real number is higher. These new implants appear to be a real threat, with the developers constantly updating the spyware by reducing its trace while improving it to the point where it can break through encryption. FinSpy along with Gamma group are thriving although Kaspersky says it is conducting further investigations to tackle this issue.

Researchers point to 1,300 apps which circumnavigate Android’s opt-in

Research from a coalition of professors has suggested Android location permissions mean little, as more than 1,300 apps have developed ways and means around the Google protections.

A team of researchers from the International Computer Science Institute (ICSI) has been working to identify short-comings of the data privacy protections offered users through Android permissions and the outcome might worry a few. Through the use of side and covert channels, 1,300 popular applications around the world extracted sensitive information on the user, including location, irrelevant of the permissions sought or given to the app.

The team has informed Google of the oversight, which will be addressed in the up-coming Android Q release, receiving a ‘bug bounty’ for their efforts.

“In the US, privacy practices are governed by the ’notice and consent’ framework: companies can give notice to consumers about their privacy practices (often in the form of a privacy policy), and consumers can consent to those practices by using the company’s services,” the research paper states.

This framework is a relatively simple one to understand. Firstly, app providers provide ‘notice’ to inform the user and provide transparency, while ‘consent’ is provided to ensure both parties have entered into the digital contract with open eyes.

“That apps can and do circumvent the notice and consent framework is further evidence of the framework’s failure. In practical terms, though, these app behaviours may directly lead to privacy violations because they are likely to defy consumers’ expectations.”

What is worth noting is while this sounds incredibly nefarious, it is no-where near the majority. Most applications and app providers act in accordance with the rules and consumer expectations, assuming they have read the detailed terms and conditions. This is a small percentage of the apps which are installed en-mass, but it is certainly an oversight worth drawing attention to.

Looking at the depth and breadth of the study, it is pretty comprehensive. Using a Google Play Store scraper, the team downloaded the most popular apps for each category; in total, more than 88,000 apps were downloaded due to the long-tail of popularity. To cover all bases however, the scraper also kept an eye on app updates, meaning 252,864 different versions of 88,113 Android apps were analysed during the study.

The behaviour of each of these apps were measured at the kernel, Android-framework, and network traffic levels, reaching scale using a tool called Android Automator Monkey. All of the OS-execution logs and network traffic was stored in a database for offline analysis.

Now onto how these apps developers can circumnavigate the protections put in place by Google. For ‘side channels’, the developer has discovered a path to a resource which is outside the security perimeters, perhaps due to a mistake during design stages or a flaw in applying the design. With ‘covert channels’ these are more nefarious.

“A covert channel is a more deliberate and intentional effort between two cooperating entities so that one with access to some data provides it to the other entity without access to

the data in violation of the security mechanism,” the paper states. “As an example, someone could execute an algorithm that alternates between high and low CPU load to pass a binary message to another party observing the CPU load.”

Ultimately this is further evidence the light-touch regulatory environment which has governed the technology industry over the last few years can no-longer be allowed to persist. The technology industry has protested and quietly lobbied against any material regulatory or legislative changes, though the bad apples are spoiling the harvest for everyone else.

As it stands, under Section 5 of the Federal Trade Commission (FTC) Act, such activities would be deemed as non-compliant, and we suspect the European Commission would have something to say with its GDPR stick as well. There are protections in place, though it seems there are elements of the technology industry who consider these more guidelines than rules.

Wholesale changes should be expected in the regulatory environment and it seems there is little which can be done to prevent them. These politicians might be chasing PR points as various elections loom on the horizon, but the evolution of rules in this segment should be considered a necessity nowadays.

There have simply been too many scandals, too much abuse of grey areas and too numerous examples of oversight (or negligence, whichever you choose) to continue on this path. Of course, there are negative consequences to increased regulation, but the right to privacy is too important a principle for rule-makers to ignore; the technology industry has consistently shown it does not respect these values therefore will have to be forced to do so.

This will be an incredibly difficult equation to balance however. The technology industry is leading the growth statistics for many economies around the world, but changes are needed to protect consumer rights.

Huawei UK tries to calm fears about Android support

The news that Google may stop supporting Android on Huawei phones has inevitably hit their sales. But in the UK at least Huawei is fighting back.

The US state is pressuring any company that wants to stay on its good side to sever all business ties with Huawei, which it has decided is an abject security risk due to its presumed obedience to the Chinese state. A month ago it emerged that Google had bowed to this pressure and was suspending some dealings with Huawei, which raised the prospect of Huawei smartphones no longer receiving updates or security support for their Android operating systems.

Understandably this is likely to have a profound effect on Huawei smartphone sales as who would want to buy a phone, however powerful and shiny, with compromised software? Huawei’s UK consumer group has moved to address these concerns with a new website called ‘Huawei Answers’, which is set up in an FAQ style, designed to address consumer concerns about its phones by debunking rumours.

The main concern most prospective Huawei smartphone punters will have is whether or not their devices will be updated to the latest version of Android when it becomes available. “Our most popular current devices, including the P30 series, will be able to access Android Q,” announces Huawei Answers in its preamble, before tackling other ‘common points of confusion’. You might as well see the lot here.

RUMOUR #1 – Huawei smartphones and tablets will no longer get software or security updates.

Ongoing security and software updates will continue to be provided to keep all Huawei smartphones and tablets secure and up-to-date.

RUMOUR #2 – Android will be automatically uninstalled from Huawei smartphones and tablets.

Android will not be automatically uninstalled from Huawei smartphones and tablets. We continue to work closely with our partners to ensure our consumers can always enjoy the best possible experience.

RUMOUR #3 – Huawei users will not be able to download or use apps like WhatsApp, Facebook or Instagram.

For all Huawei smartphones and tablets, WhatsApp, Facebook, and Instagram apps can be downloaded and used as normal.

RUMOUR #4 – Windows will no longer work on Huawei PCs.

We can confirm that Huawei devices with Microsoft software will be upgraded and supported

RUMOUR #5 – If you reset your Huawei smartphone or tablet, you will lose access permanently to Android Services and Google Apps.

If you reset your Huawei smartphone or tablet to factory settings, Android Services and Google Apps can still be downloaded and used as normal.

RUMOUR #6 – The current situation impacts the warranty on Huawei smartphones and tablets.

Nothing has changed. Huawei provides after-sales service as before, in accordance with the existing warranty policy.

RUMOUR #7 – Huawei smartphones & tablets will offer reduced functionality.

All Huawei smartphones & tablets will continue to function as they currently do.

RUMOUR #8 – Huawei will no longer sell smartphones.

Huawei will continue to sell smartphones. Furthermore, we will continue to invest in research and development to deliver leading innovation and the best possible smartphone experience.

RUMOUR #9 – The P30 & the P30 Pro won’t get access to Android Q.

We are confident that our most popular devices, including the P30 series, will be able to access Android Q. We have been working with third parties for many months to ensure devices will be able to receive Android Q updates. Technical preparations and testing has already begun for over 17 devices. In fact our Mate 20 Pro has already been given approval to receive Android Q as and when it is released by Google.

Here is the list of the  products we have submitted to upgrade to Android Q

P30 Pro

P30

Mate 20

Mate 20 Pro

PORSCHE DESIGN Mate 20 RS

P30 lite

P smart 2019

P smart+ 2019

P smart Z

Mate 20 X

Mate 20 X (5G)

P20 Pro

P20

Mate 10 Pro

PORSCHE DESIGN Mate 10

Mate 10

Mate 20 Lite

It’s a game effort but, just as with broader concerns about security, Huawei is still asking people to take its word for this stuff. The use of hedging language such as ‘we continue to work closely’ and ‘we are confident that’ probably doesn’t help either.

This initiative is reminiscent of the Huawei Facts Twitter account, which also exists to present the company in a positive light. It recently revealed that, in spite of all this argie-bargie, Huawei has already shifted 100 million smartphone units this year. It managed over 200 million in the whole 2018 but it wouldn’t be surprising to see it fall short of that number this year as second half shipments fall off a cliff due to the above concerns.

HMD moves Nokia phone user data storage to Finland

HMD Global, the maker of Nokia-branded smartphones, announced that it is moving the storage of user data to Google Cloud servers located in Finland, to ease concerns about data security.

The phone maker announced the move in the context of its new partnership with CGI, a consulting firm that specialises in data collection and analytics, and Google Cloud, which will provide HMD Global with its machine learning technologies. The new models, Nokia 4.2, Nokia 3.2 and the Nokia 2.2, will be the first ones to have the user data stored in the Google Cloud servers in Hamina, southern Finland. Older models that will be eligible for upgrading to Android Q will move the storage to Finland at the upgrade, expected to take place from late 2019 to early 2020. HMD Global commits to two years’ OS upgrades and three years’ security upgrades to its products.

HMD Global claims the move will support its target to be the first Android OEMs to bring OS updates to its users, and to improve its compliance with European security measures and legislation, including GDPR. “We want to remain open and transparent about how we collect and store device activation data and want to ensure people understand why and how it improves their phone experience,” said Juho Sarvikas, HMD Global’s Chief Product Officer. “This change aims to further reinforce our promise to our fans for a pure, secure and up to date Android, with an emphasis on security and privacy through our data servers in Finland.”

Sarvikas denied to the Finnish news outlet Ilta-Sanomat that the move was a direct response to privacy concerns triggered by the controversy earlier this year when Nokia-branded phones sold in Norway were sending activation data to servers in China. At that time HMD Global told Telecoms.com that user data of phones purchased outside of China is stored in AWS servers in Singapore, which, the company said, “follows very strict privacy laws.” However, according to GDPR, to take user data outside of the EU, the company would have had to obtain explicit consent from its EU-based users.

Sarvikas claimed that the latest decision to move storage to Finland has been a year in the making and is part of the company’s overall cloud service vendor swap from Amazon to Google. “Staying true to our Finnish heritage, we’ve decided to partner with CGI and Google Cloud platform for our growing data storage needs and increasing investment in our European home,” Sarvikas added in the press release.

Francisco Jeronimo, Associate VP at IDC, saw this move a positive action by HMD Global, calling it a good move “to address concerns about data privacy” on Twitter.

Industry quietly lobbies against Trump’s anti-globalisation agenda

Slowing down the progress made by Huawei on the global stage might be a win for the White House, but US firms are not seeing the benefits as some are reportedly lobbying against the infamous ban.

In a televised interview this morning, Huawei Founder Ren Zhengfei suggested sales forecasts will be negatively hit by the firms debut onto the US ‘Entity List’, taking two years to get back onto the 2018 trajectory. For the White House, this might be vindication of its aggressive anti-Huawei agenda, but not everyone is happy about how events are unfolding.

According to Reuters, US semiconductor firms are quietly lobbying the US Department of Commerce in an attempt to limit the negative impact of the ban. Let’s no forget that while the White House might seem against globalisation trends right now, the success of these firms is largely based on the idea of free-trade and capitalising on the rapid evolution of international markets.

The issue which these firms face is one of commercial loss and gain. Huawei is one of the industry’s biggest consumers of semiconductor products, with the firm rumoured to spend roughly $20 billion a year on such products. When you look at the impact on some firms, you can see why the semiconductor industry is getting a bit twitchy.

Last week, Broadcom lowered its sales forecast for the year by $2 billion, pointing towards one of its customers being caught up in an international trade-war. Although Broadcom has not explicitly stated how much of the total revenues are attributable to Huawei, firms are only compelled to do so when it is more than 10% of the total, the numbers would suggest it is not far off that percentage.

And Broadcom is not alone on relying on Huawei as a customer. Qorvo depends on Huawei for 11% of its total revenues, while Lumentum has said Huawei accounted for 18% of all shipments during the last quarter. As a result, Lumentum’s sales forecast is now $30-35 million less for the year. Xilinx is another chipmaker which has been impacted by the ban on selling components to Huawei, and there are others as well including Intel and Qualcomm.

As a result, numerous lobbying efforts are reportedly being held behind closed doors to mitigate the impact. This might be exemptions or the creation of loopholes, but the friendly-fire is quite notable in this segment.

What is worth noting is that there are other lobby efforts going on also. Google is rumoured to be in active conversations, suggesting its operating system Android should be exempt from the ban on the grounds of national security. Google is arguing that should it be banned from working with Huawei, it would not be able to provide timely security updates which could make the devices vulnerable to hacking and data breaches.

However, there is a commercial angle to all of these arguments which might gain more traction in the minds of the government puppeteers.

At Google, the firm has a dominant position in the OS market. Huawei’s alternative OS might not be able to dislodge this position, but it does have a significant domestic market to drive user adoption. If a suitable alternative to Android emerges from the Chinese telco flagbearer, it would not be unimaginable to see mass adoption in the Chinese market. Once it has domestic domination, it would not be unusual to see international expansion to the China-friendly nations. This would potentially erode Google’s influence on the world.

In the semiconductor space, the risk is of the emergence of a homegrown Chinese-semiconductor industry.

This is not to say China does not already have a presence in the semiconductor space but forcing Huawei away from the US could be the catalyst the slumbering sector needs. Companies like Shenzhen Fastprint Circuit Technologies and Jiangsu Changjiang Electronics Technologies have been making financial gains in recent months, both in terms of revenues and share price, while Huawei’s HiSilicon has also been ramping up.

The US is dominant in the semiconductor market and will probably continue to be. There is a gap in competence for core technologies in the Chinese segments to eclipse this position, though the risk is erosion of profits. The more competitors there are on the market, the lesser the market share for US firms. This assumption might well be exaggerated when you consider the preference of Chinese firms for a homegrown supply chain.

For the semiconductor industry, this should be seen as a red-flag. The Semiconductor Industry Association (SIA) has already suggested the industry is in a bit of a slump at the moment, with sales for April down 14.6% year-on-year. The SIA does have international members, though its biggest role is to represent the interests of US manufacturers. The last thing these firms need right now is more bad news when the market is already dampening.

The result of this friendly-fire is conversations behind closed-doors. The Trump administration is seemingly trying to dilute the influence of China on the rest of the world, though it appears to be having the same impact on some US firms. We’ve said this before, but the result of this trade-war seems to be nothing by a net-loss globally right now; no-one is winning, and it seems to be a matter of damage limitation.

What the White House should be wary of is whether this anti-China agenda is starting to look like a personal vendetta for the President. If there is notable damage to US firms as well as Chinese, the White House must question whether the current strategy is the most effective.

Is ‘Make America Great Again’ is the motto of the White House, it would be useful for the rest of us to understand how much friendly-fire will be tolerated in the quest to destroy the Silk Road.

Google points to security risk of Huawei ban, but what about commercial threat?

Google might have national security concerns about prohibiting Huawei from using the Android operating system, but it should also be worried about a potential threat to its market dominance.

If you are looking for a market with almost zero movement in terms of competitive threat, the OS segment is a prime example. With Google’s Android and Apple’s iOS, there is pretty much no-one else in the market worth considering. KaiOS has a fraction of the market, thanks to a focus on feature phones, while Nokia and Microsoft still have some legacy share, but realistically the duopoly of Google and Apple reign supreme.

That said, Huawei’s OS could prove to be a pain the Google’s side should all the pieces fall into place. It is of course a massive long-shot, but it is definitely a risk Google executives should be considering.

According to the Financial Times, Google has warned there could be some unintended consequences to the Huawei ban. With Huawei currently prohibited from using Android in any of its devices moving forward, Google is suggesting a rushed attempt to create an alternative could result in software bugs and an OS which is more susceptible to hacking. Huawei has already said it is progressing well with its own OS and should tensions between the US and China continue to rise, it will likely be debuted in the near future.

This is a risk but not something which is likely to concern the White House. It would not be a stretch to imagine the answer being ‘so what?’, if the Huawei OS has bugs that’s China’s problem. Google has reportedly approached the Commerce Department to request being exempt from the ban, allowing it to continue providing security updates to Huawei devices powered by Android, though it would seem these pleas have landed on deaf ears thus far.

Increasing the risk to national security is certainly an unintended consequence of Trump’s Executive Order to blacklist Huawei doing business with US firms, but there do seem to be more instances of friendly-fire each week.

During the immediate aftermath of the Huawei ban, several US firms were hit hard. US companies such as Xilinx, Skyworks Solutions, NeoPhotonics and Qorvo watched share price crumble away as they were effectively banned from engaging their biggest customer. Some have recovered slightly, but the damage has not been completely wiped out.

Another potential consequence to the ban is Huawei emerging on the other side of the conflict still intact. This could possibly be worst case scenario for the White House, as it would be a PR victory for the Chinese government and Huawei would be in a stronger position, no-longer dependent on the US. The OS market is one place US dominance could be notably challenged.

Huawei is currently the second-largest smartphone manufacturer in the world. This is down to a number of different factors, such as the price/quality comparison though its supremacy in the China market should not be underappreciated.

The China market itself might not be a massive concern to Google, as it is largely banned there, though other markets which are closely linked to China might be more of a concern. Android itself is an excellent springboard to profits for Google. Applications such as Gmail, Maps and Chrome as installed on devices as default, providing an outstanding link to monetization. As the second-largest smartphone manufacturer over the last few quarters, Huawei is a very good source of revenue for the Googlers.

If Huawei’s OS proves to be effective and it manages to convince international users that it is a brand which is worth persevering with, a third OS could enter the ecosystem. There are of course a lot of moving parts to consider, establishing trust with the consumer is going to be the biggest issue here as we suspect there will be some PR assault challenge the credibility of the OS and links to the Chinese government, but it is a realistic possibility. If it is anywhere near as good as Android, Huawei’s OS could gain market share and could chip away at Google’s profits.

That said, we can’t see Huawei making a significant challenge to Android’s dominance in the European markets, were the Huawei smartphone has seen good adoption trends, but there are others. Asia, for instance, or Africa, where Huawei’s cheaper devices may be more appealing than competitors. These are also nations which have largely managed to steer clear of being caught in the tension between the US and China.

As mentioned before, there is a lot which needs to go right for Huawei to gain a foothold and break the Android dominance around the world, but it is a realistic possibility, if only a long-shot. Usability and trust are two factors but developing the ecosystem would be another. The Google Play Store is a monstrous library of apps, and Huawei would have to offer something similar to be appealing to consumers.

Another unintended consequence is perhaps Huawei emerging as a more innovative and resilient player on the technology scene. By removing its reliance on US suppliers in certain areas of the supply chain, Huawei will be forced to move more capabilities in-house or search for new companies to plug the holes.

Huawei already had a sneak-preview of the damage which can be done through the US Entity List. ZTE was almost forced to extinction by the Trump signature on an Executive Order, which perhaps encouraged Huawei to invest more in HiSilicon, its own fabless semiconductor company based in Shenzhen. The more the White House forces Huawei to stand on its own, the more powerful Huawei could become.

The intended outcome of this action from the White House is surely to weaken China’s flagbearer in the telco and technology world, but if Huawei can ride the wave of adversity, it might just emerge as a much more powerful, innovative and influential player, free from any reliance on the US technology sector.

Can the Ark carry Huawei through the smartphone OS chaos?

Huawei registered “Ark OS” at the European trademark office, likely to be the name of its in-house operating system to replace Android for its future smartphones.

It emerged that Huawei has just registered a couple of trade marks with the European Union Intellectual Property Office. These include “Huawei Ark OS”, “Huawei Ark”, and “Huawei Ark Compiler”. It looks that “Ark” could be an overarching brand that covers both the OS and the compiler. It is possible that this would be the name of choice by Huawei for its in-house operating system to replace Android, as was reported earlier. Huawei declined Telecoms.com’s request for comment.

All the three trademarks filed belong to two classes on the “Nice Classification” of goods and services: Class 9 under “goods”, which the applicant explained specifically refers to “compiler software; operating systems for electronic devices”; and Class 42 under “services”, which the application specified includes “design and development of compiler software and operating systems for electronic devices; design and development of mobile phone applications featuring compiler software; Software as a Service (Saas) featuring compiler software.” The applications are “under examination” by the EU office.

Separately, the trademark office of China displayed that Huawei had filed applications for “Huawei Hongmeng” as the name of its operating system. The application was made in May 2018 and was published for opposition on 14 May 2019. In the Chinese myths, “Hongmeng” refers to the chaos before the world was created.

As we commented earlier, developing its own operating system is not the hardest thing to do. A Chinese media outlet reported that the OS was developed on top of Linux, the same kernel as Android, but with optimisation from the Huawei team. The more difficult part is to rally app developers around the platform. If the estimate is correct that Ark is the name of Huawei’s own mobile, Huawei is also providing its compiler to make porting apps to its own OS as easy as possible. Compilers are a kind of software language “translator” so that apps written in one language (e.g. Unix) can be ported to a platform based on another language (e.g. Linux). How much app developers will be motivated to carry out the porting will be a big question mark.

Constrained by time and budget, most apps developed for the Android platform, notorious for the fragmentation of the device specs, are often only tested on the top 20 or 30 best-selling models before they are submitted for publication (e.g. in the Play Store). That is why if a consumer is not using one of those best-selling models, she may find certain apps not rendering properly. Using compilers to port the apps to another platform, despite that it is based on a similar kernel, will be more complex and add additional cost. Both Windows Phone and Tizen, among other attempts, failed to dent the iOS – Android duopoly because there was not enough developer enthusiasm. Additionally, this will not solve the problem that the new platform may not have access to Google’s core apps: Maps, Gmail, YouTube, etc.

So, a safe bet would be that some Ark / Hongmeng based smartphones will be launched, if only for publicity purposes. Huawei will most likely sponsor the development of some apps, as Microsoft and Samsung did with their pet platforms. But its success will be limited, and its relevance minimal outside China. We may recall that a handful of Tizen smartphones were launched, to show that the platform, and the investment, actually delivered something, despite that all market indications were pointing to its failure.

Huawei’s in-house mobile OS is a very long shot

This story includes additional reporting from Jamie Davies.

In response to the threat of an imminent Android ban Huawei has started banging on about its own mobile OS, but who would want to use it?

Huawei’s mobile business boss Richard Yu was reported by the South China Morning Post as saying “The Huawei OS is likely to hit the market as soon as this fall, and no later than spring next year.” From the report this seems more like a fork of the open source Android core OS, with novel apps and a Huawei app store, much as Amazon has done with its Fire devices range.

While this is pretty much the only option available to Huawei if Google does withdraw access to licensed parts of Android, such as the Play Store, it’s hard to see it as a viable solution. The Amazon Fire phone offers perhaps the best precedent to draw upon. The premium device ticked all the hardware boxes but used a forked version of Android without the Play Store and as a result found a new use as a paperweight across Washington state.

Huawei will be able to continue using Android, it is open source after all, though technical support is only supplied to licenced partners, while any updates are rolled out through the open source much later than for the licenced one. This will have notable impacts not only on performance, but security. The most recent WhatsApp spyware issues were corrected through such an update, though unlicensed partners would still be exposed to the risk.

The issue Huawei faces is in the ecosystem. Wang Chenglu, President of the software engineering segment of the consumer business, told media in September developing the OS wasn’t a particularly complicated issue, but getting apps, services and products into the ecosystem is.

Smartphones are no-longer communications devices. These devices, which are millions of times more powerful than the computers which sent spacecraft to space in the 60s, are the focal point of our lives. If calling and texting was all we did, there would not be an issue, but asking for directions, collecting loyalty points, watching movies, playing games, signing into work, paying bills… everyday more functionality is being put onto the devices, and all these apps will have to be migrated to the Huawei OS.

Without apps smartphones are no longer smart. Yes, you can use the internet browser to access most services that also have an app but the user experience is significantly diminished. Huawei has the resources to ensure a lot of the top apps are ported to its own OS, but not all of them. Ultimately, in a largely undifferentiated Android smartphone market, there’s no reason for consumers to accept any compromise whatsoever.

There have also been numerous reports that Huawei was shocked by the Google decision but, in hindsight, that was an inevitable consequence of being put on the entity list, which in turn followed from US President Trump’s executive order. Maybe it was the Trump decision that surprised Huawei but since the US has been steadily increasing its hostility towards it for months that too seems a tad naïve.

Appropriately enough for something that could be Huawei’s last hope this OS is reportedly called Project Z. This has apparently been on the back-burner for a while, but largely designed for the Chinese market where a lot of Android features are blocked anyway. While we can safely assume it has now been given top priority, Project Z is reportedly still miles away from completion.

Even if Huawei completed the development of its own OS today, that wouldn’t make much difference for the reasons previously stated. Chinese smartphone vendors have benefitted enormously from having access to Android, but their reliance on a third party operating system and platform was always a precarious position. The likes of Xiaomi and Oppo will be watching Huawei’s struggles carefully.

US supply ban threatens to cripple Huawei’s global business

Another day, another escalation as Google heads a stampede of US companies apparently refusing to do business with Huawei.

As escalations go, however, this is a pretty big one. Reuters was the first report that Google has suspended some business with Huawei in response to the company being put on the US ‘entity list’, which means US companies need explicit permission from the US state before they’re allowed to sell anything to them. It seems that permission has been denied.

For Google this means denying access to those bits of Android Google licenses – mainly the Play Store and Google’s own mobile products such as the Gmail and Maps apps. Huawei can still access the core Android operating system as that has an open source license but, as companies such as Amazon have discovered, that’s pretty useless without all the other Google goodies.

We recently wrote that Huawei’s addition to the entity list is the most significant consequence of Trump’s executive order and here we have an immediate illustration of that. It looks like pretty much all other US companies are also rushing to comply with the new regulations, with Bloomberg reporting that Qualcomm and Intel are among others cutting of business with Huawei and others will presumably follow. Nikkei even reckons German chip-maker Infineon has joined the stampede.

Huawei already has an extensive chip-making operation of its own, so arguably it can cope without the likes of Qualcomm, but what about the millions of other bits and bobs that get crammed into a smartphone such as screens, cameras, memory, sensors, etc? A lot of these could be supplied by non-US companies like Samsung and, of course, Chinese ones, but there must surely be some areas in which Huawei is entirely reliant on the US supply chain.

But Google’s licensed mobile products and services are unique. An Android phone that doesn’t provide access to the Play store is massively diminished in its utility to the end user and Google Maps is the market leader. Google also has a near monopoly with YouTube and millions of people are reliant on things like Gmail, Google Pay, Play Movies. When there are so many great alternative Android smartphone vendors, why would anyone now buy a de-featured Huawei one?

In response to these reports Android moved to stress that it will continue to support existing Huawei Android phones in the following tweet.

Meanwhile Huawei issued the following statement. “Huawei has made substantial contributions to the development and growth of Android around the world. As one of Android’s key global partners, we have worked closely with their open-source platform to develop an ecosystem that has benefitted both users and the industry.

“Huawei will continue to provide security updates and after sales services to all existing Huawei and Honor smartphone and tablet products covering those have been sold or still in stock globally. We will continue to build a safe and sustainable software ecosystem, in order to provide the best experience for all users globally.”

Huawei has reportedly been working on its own smartphone OS in anticipation of this sort of thing happening but, as Microsoft, Samsung and others have found, there seems to be little public appetite for alternative to Android and iOS. Huawei may be able to sell a proprietary platform in China, where the Play Store is restricted anyway, but internationally this move will surely see Huawei smartphone sales fall off a cliff.

“If the US ban is permanent, we predict Huawei’s global smartphone shipments will tumble -25% in 2019,” Neil Mawston of Strategy Analytics told Telecoms.com. “If Huawei cannot offer Android’s wildly popular apps, like Maps or Gmail, Huawei’s smartphone demand outside China will collapse.

“If the US ban is temporary, and lifted within weeks, Huawei’s global smartphone growth will return to positive growth fairly swiftly. Huawei offers good smartphone models at decent prices through an extensive retail network, and it should recover reasonably well if it is allowed to compete.”

“We still don’t have a clear understanding of what Google has told Huawei and what elements of the Android operating system may be restricted, so it remains unclear what the ramifications will be,” said Ben Wood of CCS Insight. “However, any disruption in getting updates to the software or the associated applications would have considerable implications for Huawei’s consumer device business.”

There have been very few official statements on the matter from US companies, so Wood is right to tread carefully at this stage, but it’s hard to see this news as anything other than catastrophic for Huawei. Its consumer business, which is the most successful unit in the company, relies largely on Android to run its products and will surely be severely diminished by the Google move.

And there’s no reason to assume the damage will be contained there. Last year Huawei’s contemporary ZTE was almost driven out of business by a ban on US companies doing business with it. Huawei may have hedged its position regarding networking components suppliers more effectively than ZTE but it will presumably suffer greatly once those companies follow suit.

Huawei is one of the biggest companies in the world and has become so in spite of being largely excluded from the US market. The Chinese state will do everything it can to support Huawei, but at least some of its US suppliers offer unique products. At the very least this puts Huawei in a weak negotiating position with potential replacement partners and international customers, but the implications of this latest development are potentially existential.