‘Baidu’ Folder Backdoor in Sony’s Xperia smartphone and tablets

Sony Xperia users have been complaining about the secret Baidu backdoor that is created automatically on all Sony Xperia devices. The matter was posted on Sony Forums about 3 weeks ago by a user going by the handle Elbird. In his post Elbird says that a ‘Baidu’ folder will be created on the Android KitKat 4.4.4 build 10.5.1.A.0.283 in internal storage.

This folder is apparently created automatically and without the owner's permission. Once the Baidu folder is created, it can relay the device's entire content as well as your communications, chats, video chats etc. to somebody in China. Elbird says that, through the Baidu folder, the Chinese Government can:

Read status and identity of your device

Make pictures and videos without your knowledge

Get your exact location

Read the contents of your USB memory

Read or edit accounts

Change security settings

Completely manage your network access

Couple with bluetooth devices

Know what apps you are using

Prevent your device from entering sleep mode

Change audio settings

Change system settings

In short, everything you do on your Sony Xperia device is being, or can be, reported to some third party.

MyXperia auto connects to China and the user cannot stop it

Another user, meanwhile, posted that the MyXperia feature on Sony Xperia smartphones and tablets is activated automatically and then connects to some Chinese site without his permission. He wrote:

My concern is the MyXperia activates automatically without my agreement,

and connects to China, I can NOT stop it.

So, in the next patch, will the MyXperia not auto turn on,

and STOP sending any data to China?

To demonstrate this, the poster, CodeMan, put two images on the board. The images are given below:

Sony’s Response

Sony has not officially responded to the ‘baidu’ folder issue, nor explained why MyXperia was activating itself without user permission and connecting to some Chinese IP. A poster on the thread, Rajanv, who was trying to allay users' fears that their smartphones were being used by some Chinese entity to track them and their communications, put this reply:

Thanks. Sony has recognized the issue and has said that in the next release it will be fixed. To add more, it has to remove baidu completely from the firmware. Baidu is listed in the US, and has path-breaking lightapps that allow apps to be installed without going through the Google Play Store. Therefore, there is a bigger risk to all Sony users if Sony implements such technologies on its handsets. When the baidu folder was created, there were SQLite 3 databases also within that folder and one of them was named lightapps_v?.db, which is not what I would operationally call a controlled environment. Therefore, if Sony wants to retain its flagship phones market, it should refrain from creating privacy concerns amongst its users, else it may lose the market even with such wonderfully advanced technologies like Bravia and Triluminous on its phones. And thank you @CodeMan for letting us know you used the OS Monitor app to get that great detail of information. I used the terminal emulator by ackpal available on the Google Play Store to find out the network connections at any given time on the phone. Had to type commands like netstat manually and then look up the IP addresses on a PC. OS Monitor should save me a ton of work.

Though Sony’s response is still being awaited, the matter has escalated with users using both Reddit and Hacker News to vent their fury as well as convey their fears about being spied upon.

After the recent revelation by F-Secure that Xiaomi smartphones were sending user data back to servers based in China, Sony will have to come out with a plausible explanation for both of the following:

Why is the ‘Baidu’ folder created on Sony Xperia smartphones and tablets?

Why is the MyXperia feature auto-starting without user permission, and why is it auto-connecting to servers based in China?

Workaround

However, until such answers are received from Sony, users may do well to root their smartphones and tablets and delete the unwanted folders.

For users who don't know how to root their Android devices, here is a workaround that might work.

Back up important data on the phone and do a factory reset.

Start up the phone, go to Settings -> Apps -> Running and force stop the MyXperia apps that are running (there are 2).

Remove the baidu folder using File Kommander.

Next, enable developer mode: Settings -> About Phone -> tap 7 times on the Build Number. Download and install the Android SDK. Connect the phone to the computer with a USB cable.

Next, run the adb tool from the Android SDK's platform-tools folder in a command line window:

adb shell <enter>

In adb shell, type the following command:

pm block com.sonymobile.mx.android

Exit adb

reboot

Doing this will ensure that the secretive ‘baidu’ folder is not created thereafter. However, there is no guarantee that the /system/libbdpush_V2_0.so library will not run after this workaround.
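As an added check (not code from the forum thread or this article), the script below runs the verification a cautious user would want after the workaround: is the MyXperia package still blocked, is it still running, and have the ‘baidu’ folder or the push library come back. It assumes the folder lives at /sdcard/baidu and that KitKat's dumpsys package output carries a blocked= field; both are assumptions.

```python
import re
import subprocess

MYXPERIA_PKG = "com.sonymobile.mx.android"  # package blocked in the workaround above
BAIDU_DIR = "/sdcard/baidu"                 # assumed location of the 'baidu' folder
PUSH_LIB = "/system/libbdpush_V2_0.so"      # library path quoted in the post


def adb_shell(cmd):
    """Run one command on the attached device through adb and return its output."""
    return subprocess.run(["adb", "shell", cmd], capture_output=True, text=True).stdout


def package_blocked(dumpsys_text):
    """Parse 'dumpsys package <pkg>'; KitKat is assumed to print blocked=true/false."""
    m = re.search(r"\bblocked=(true|false)", dumpsys_text)
    return None if m is None else m.group(1) == "true"


def package_running(ps_text, pkg=MYXPERIA_PKG):
    """True if any 'ps' line (last column is the process name) belongs to the package."""
    for line in ps_text.splitlines()[1:]:          # skip the header row
        fields = line.split()
        if fields and (fields[-1] == pkg or fields[-1].startswith(pkg + ":")):
            return True
    return False


def path_present(ls_text):
    """'ls -d <path>' echoes the path if it exists, else 'No such file or directory'."""
    return bool(ls_text.strip()) and "No such file" not in ls_text


def audit(dumpsys_text, ps_text, dir_ls, lib_ls):
    """Combine the checks into one findings dict so a caller can act on them."""
    return {
        "myxperia_blocked": package_blocked(dumpsys_text),
        "myxperia_running": package_running(ps_text),
        "baidu_dir_present": path_present(dir_ls),
        "push_lib_present": path_present(lib_ls),
    }


def workaround_held(findings):
    """Held = package blocked, no MyXperia process alive, and the folder has not returned."""
    return (findings["myxperia_blocked"] is True and not findings["myxperia_running"]
            and not findings["baidu_dir_present"])


if __name__ == "__main__":
    result = audit(adb_shell("dumpsys package " + MYXPERIA_PKG), adb_shell("ps"),
                   adb_shell("ls -d " + BAIDU_DIR), adb_shell("ls -d " + PUSH_LIB))
    for key, value in result.items():
        print(f"{key}: {value}")
    print("workaround held" if workaround_held(result) else "MyXperia active or folder is back")
```

The push library is reported but not counted against the result, since the post itself notes it may keep running regardless.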

You can visit the Sony Forum for further details on this problematic issue.