In mainland China, the Communist Party has been monitoring the people around the clock using technologies like Skynet and Sharp Eyes Project. Now, the software tools used for evidence collection against criminal suspects have entered the daily lives of ordinary citizens. Even if regular people are just exercising their rights and not committing crimes, they may still have this invasive data collection software installed on their devices.
Recently, the security investigation company Lookout revealed that the Chinese police are using a new mobile evidence collection tool called Massistant, which is the successor to MFSocket. According to Lookout, Massistant has access to device’s GPS location information, messages, images, audio, contacts, and phone services permissions.
As early as 2016, mainland internet users reported instances of police installing MFsocket during ID processing. MFsocket takes over the phone’s Root permissions, granting access to all information. Root permissions, also known as admin privileges, in Android systems, grant full control over the user’s device, allowing access to and modification of core system components.
By 2018, there was an increase in posts on mainland social media on how to uninstall MFsocket. These posts indicated that after installation, phones were running unusually slow, and users couldn’t find the software processes, installation packages, or even uninstall the software. Initially, police installed such MFsocket mostly targeting Xinjiang or individuals on probation, but ordinary citizens were also being targeted.
In June 2019, with Western media attention, the issue of Chinese police forcing citizens to install MFsocket was exposed. Social media platforms displayed incidents where police in Beijing and Shanghai conducted surprise checks on people’s phones and installed a mobile application called MFSocket.
In July 2019, an IT professional pointed out that MFSocket requires dangerous permissions such as reading call logs, contacts, messages, calendar, SD card access, disabling screen lock, accessing location, and installing new applications without consent.
This application also features a rare USB kit that requires connecting the phone to a computer via USB for the app to function. Upon disconnecting the USB, the app would self-remove.
This would allow the police to simply plug your phone into a computer at customs, upload all your secrets in a matter of minutes to government servers, making them crucial personal data. This incident mirrors cases reported in Xinjiang where foreign travelers passing through the region had a surveillance app named BXAQ installed to search for sensitive content on their phones, uploading the records to government servers.
In post-2020 instances like “phone installed with Massistant by police” started to emerge.
According to publicly available information, Xiamen Mei Ya Baike, the company behind these evidence collection tools, has become a core component of China’s digital monitoring system over the past decade. They have developed various monitoring technologies, including covert phone spy software applications for law enforcement use and forensic hacker devices.
In July 2018, a Chinese state media, China Daily, reported that over 50 large data market supervision and management platforms were developed by Mei Ya Baike for local government agencies across the country. Through these platforms, local governments and administrative units could collect data, identify potential risks, and significantly improve operational efficiency.
However, Mei Ya Baike was included on two separate US sanctions lists: the Entity List in October 2019 and the Investment Blacklist in December 2021, primarily based on national security considerations.
Besides MFsocket and Massistant, Mei Ya Baike also offers a range of other products such as high-speed hard drive duplicators, electronic data read-only protection devices, dynamic forensic simulation systems, forensic examination integrated platforms, forensic dedicated machines, and mobile forensic analysis systems.
In May 2018, Reuters reported on a surveillance equipment exhibition held in Beijing showcasing hundreds of monitoring devices, including the XDH-CF-5600 scanner from Mei Ya Baike called “Phone Detective.” It could crack smartphone passwords within seconds, extract personal data from call and messaging apps, and access contact lists.
In 2022, Mei Ya Baike announced a breakthrough in Telegram forensics technology, enabling passwordless access in most Telegram scenarios. Additionally, the forensics master V6.1.94163 version announced precise analysis of WeChat without scanning, among other features.
During a security conference in Beijing in 2015, a Mei Ya Baike representative claimed they could extract user data by backing up iPhone devices. The multi-threaded resolution of an iPhone 6 phone would only take a little over 2 minutes. Even if a phone is damaged, data can still be extracted through the chip.
According to Reuters, a few companies in Israel and the United States have successfully cracked iOS systems, a capability generally kept secret. The Chinese authorities admitted they had the capability to do so as well.
Moreover, in Shenzhen’s Huaqiangbei, there indeed exists chip unlock technology capable of extracting all data from storage chips, which if destroyed, would render the data irretrievable.
But Mei Ya Baike’s claims may be somewhat exaggerated, as their effectiveness is generally limited to Android phones and older iOS devices. The latest versions of iPhone systems usually prove challenging to breach. However, they are more vulnerable to notorious brands like Xiaomi, OPPO, Samsung, and some older Apple devices.
Mei Ya Baike’s forensic tools were initially used in Xinjiang, Tibet, and with certain criminal suspects. For complicit activities infringing on Uyghur rights, Mei Ya Baike was blacklisted in the United States in 2019.
According to reports from “Tibet Watch” and “Turquoise Roof”, Mei Ya Baike will provide advanced network operation training and digital forensics laboratory facilities to the Tibet Police Academy in Lhasa. With the internal crackdown and external hostilities led by the Communist Party causing unrest and instability, the scope of application for these forensic tools is expanding. Even ordinary citizens exercising their rights and not involved in crimes might have this invasive data collection software installed.
In January 2019, a netizen named Bonnae found her phone’s surveillance log showed she was once installed with a software named MFSocket for sharing news from Hong Kong Apple Daily.
Jiangsu resident Gao Xinquan experienced a house demolition issue with the local government for over a decade without any progress through petitioning. Last year, local police arrested her for allegedly making inappropriate remarks online, seizing her computer and phone. Subsequently, her computer’s screen went black and couldn’t be turned on, and her original petition materials were missing upon inspection via other means.
Upon receiving her phone back, the WeChat call function was disabled, affecting all contacts, leading Gao to file a complaint with the police. Oddly, the alarm recordings on the phone were deleted right in front of her eyes.
Gao Xinquan recounts, “Whether the phone is blacklisted or not, I’ve had numerous phones blocked in my lifetime, at least ten phones!”
Former Chinese human rights lawyer Wu Shaoping told Epoch Times that initially, these tools were mainly targeting groups such as border police in Xinjiang, individuals with previous criminal sentences, or those on bail.
Wu Shaoping pointed out that these tools are indeed in use in these areas, though not fully embraced. Whenever lawyers are detained or arrested, often the police would confiscate their phones. Individuals like human rights lawyers and dissenters are often targeted for installing such software.
Analysts believe that the use of the MFSocket app signifies that the Chinese police are shifting towards an “intelligence-led” policing approach, focusing on investigating before illegal activities occur. This trend is reminiscent of the so-called anti-fraud apps launched by the Chinese authorities, which aim to “maximally prevent crimes.” In 2024, the Chinese Ministry of Public Security introduced new legislation allowing law enforcement to collect and analyze electronic device data without the need for search warrants.
Lookout’s report cautioned that traveling to and within mainland China could expose travelers, business visitors, and related personnel’s confidential mobile data as part of the legally sanctioned surveillance measures taken by national authorities.
Liu Dadong, a former software developer in Beijing, stated that China’s actions are primarily aimed at individuals who frequently travel in and out of the country. Due to China’s lack of control outside its borders, leaving the country means directly accessing information barred domestically. Therefore, China seeks to monitor individuals to gauge the frequency and extent of circumventing information censorship.
Zhong Shan advised using devices with improved security, like Apple products, for sensitive communications, using SIM cards from abroad which can be easily destroyed as needed, not using and trusting facial recognition for unlocking, opting for multi-factor authentication, relying on dependable foreign emails for verification codes, disabling automatic backups, and resorting to brute force for securing mobile devices, like physically destroying iPhones.
Though Mei Ya Baike faces considerable hurdles, Zhong Shan believes the company and its personnel listed may encounter travel bans to the US and EU, potentially being detained for coerced interrogation or espionage.
Liu Dadong stated that once you agree to unlock your device, you essentially give up most of its permissions, even for foreign Apple devices. Hackers usually try to coax users into inadvertently leaking key information, while the Chinese government can enforce cooperation directly using national authority.
Gan Wenwei mentioned that with iOS and the latest system versions, the most effective method to secure the device is setting the phone to erase after a certain number of incorrect password attempts. However, in China, authorities might resort to violent methods and coercion, making it challenging to stand firm. If you don’t provide the password, they have countless ways to pressure you.
Gan Wenwei revealed how Chinese authorities resorted to violent interrogation methods like forcing individuals to stand barefoot in interrogation rooms, wearing thin clothing, enduring cold air conditioning all night. In his experience, the lack of clocks in China’s interrogation centers causes disorientation, with no sense of day or night, constituting psychological torture.
“If you genuinely want to prevent sensitive information leakage, you may have to use overseas servers to communicate with foreign entities. However, this is quite challenging for the average person without the required technical expertise,” Gan Wenwei remarked.
Regarding testimonials of hardened phone destruction, Zhong Shan advised to count on devices from overseas with robust security, leveraging overseas SIM cards that can be easily and swiftly damaged. Disregard utilizing and believing in facial recognition for access, resorting to additional multifactor authentication through emails from reliable foreign services, turning off automatic backups, mistrusting rescue tools, resorting to mandatory factory resets equivalent to enforced formatting, and lastly, financial indifference towards breaking a device like an Apple phone.
Zhong Shan added that while Apple devices boast superior security, one should prefer devices operating abroad, as individuals returning from overseas often encounter mobile checks at customs, treating every traveler as a criminal suspect, which can undoubtedly dishearten individuals visiting their home country.
On a parting note, Zhong Shan underscored that the struggle would only intensify for Mei Ya Baike in the future due to inevitable updates and upgrades of the Android operating system and devices. As the ecosystem evolves with each iteration, their methods will gradually lose efficacy, faced with a narrower path, leading to challenging times ahead.
Wu Shaoping opined that the Communist Party exhibits a deranged obsession, treating every individual in society as an enemy, resorting to egregious means to monitor the populace, indicative of a deep-rooted lack of confidence in its own governance. Only the collapse of the Communist Party can restore dignity and rights to the Chinese people.
Wu Shaoping lamented how the Chinese people have resigned themselves to an increasingly diminished sense of dignity, surrendering rights to gratify the evil desires of the ruling party; this submissive attitude foments the audacity of the Communist Party, unopposed by any resistance.
“If each individual recognizes this as a violation of their rights and dignity, they must summon the courage and action to resist. Believing that facing pushback, the Communist Party would at least exhibit some fear toward citizens,” Wu Shaoping declared.
Wu Shaoping concluded that if the population continues to acquiesce, the trend will persist, potentially extending to mandatory installation of such software on phones at the manufacturing stage. “The only solution is for the Communist Party to fall. Only by the collapse of the Communist Party can the Chinese people live with dignity and rights.”
Regarding the developing trend, Liu Dadong voiced concern that China’s approach predominantly targets individuals who frequently travel abroad since the party’s control outside China is limited. Leaving the country equates to literal bypassing of censorship constraints, hence China aims to gauge how frequently and to what extent individuals scale these information barriers while overseas.
In the end, the cycle of surveillance and control in China is becoming more pervasive, infringing on the rights and privacy of individuals, irrespective of their innocence or guilt. This evolution of surveillance tools reflects the broader authoritarian shift in China’s governance, highlighting the urgent need for protection of civil liberties and freedoms.