Attempting to make sense of the Mate 30 series Google services debacle

While Huawei’s newly launched Mate 30 series lacks Google services, users have already found a workaround to install them, raising questions about the manufacturer’s security and the method used.

Since the launch of Huawei’s Mate 30 series, a lot has been said about the lack of Google mobile services. While initially, people managed to figure out ways to install Google’s mobile services on the device and even have it pass Google’s safety tests, things have taken a wrong turn over the past few days, with some media and users going as far as inventing some amazing conspiracy theories about the whole subject.

If we go back a few days, users quickly discovered a website, named “LZPlay”, that allowed them, through a simple set of steps, to install Google’s applications and have the device behave as if it had been certified by Google, thus allowing the use of applications such as Google Pay. While this was both a risky and fishy solution, reviewers and the press talked about it, because, for some reason, a lot of people seem unable to live without Google’s apps.

Regardless, this website and method suddenly disappeared after attracting too much attention, leading to speculation and drama over what should be a simple matter.

For instance, some users were quick to point out that this method used a Huawei API that allows the installation of applications that behave as administrators of the device. Furthermore, this API is only found in Huawei’s Chinese documentation, and needs strict validation on Huawei’s side. And finally, some of the key parts of this API were undocumented, with users labelling this a “backdoor”. This pushed people to claim that Huawei was behind this website and that this API was both dangerous and a backdoor, and to use this as proof that Huawei had finally been caught red-handed spying on its users, as the US government has been claiming for a long time without concrete proof.

Well, yes, Huawei added this API themselves for some reason, and the documentation is only available in Chinese, but this is not surprising at all. For instance, the Mate 30 series is currently only sold in China and will shortly be available in Malaysia, so there is no need for documentation in English. On top of this, this isn’t the first time Huawei has modified Android: earlier this year it added ARK Compiler, which replaces parts of the traditional Android system. Google has tolerated this change in China, as the American corporation has no presence in this market, but has forbidden its use outside of China, because the modification affects the Android system itself, as previously mentioned. As for the undocumented parts of this API, these might be limited to internal use, limited to very specific functions or even still in development, and thus kept secret from the public and developers. Following this reasoning, one could even claim these parts of the API were left on the Mate 30 series system by mistake and should have been removed before shipping the final version, a blunder that is not uncommon amongst big manufacturers and software developers.

To this, we can also add the fact that Chinese Huawei devices come with a lot more applications than international variants, such as Huawei’s own voice assistant, known as YOYO in its Honor sub-brand, and a more advanced version of the AR Engine. Huawei has also been heavily pushing its HiAI platform to developers, using it to accelerate a wide range of applications. While Huawei devices have some popularity outside of their home country, foreign developers will be less likely to work on Huawei’s Kirin chips and use HiAI as a platform, and will instead focus on Apple and Qualcomm. Coming back to these APIs, it would not be surprising if they were used for purposes along these lines, or even for more specific, professional applications needing these permissions.

Now, people mentioned that those behind LZPlay knew about these APIs days before the device launched, which is really curious, and, on top of that, the website and application were both ready for the release of the Mate 30 series, with some mentioning that LZPlay has been around since the beginning of Summer 2019. Of course, one could think this is just Huawei doing their thing behind everybody’s back, although this seems unlikely, as it could expose the company to legal complaints and further distrust from the general public. Instead, we can look at whether anybody else does something similar. For Huawei, we have a precedent: FunkyHuawei. FunkyHuawei generally has access to software updates days or even weeks before anybody else, has found methods to unlock the bootloader on various models from the company, and, even more recently, confirmed having a beta of EMUI10 weeks before it was actually announced, at the Huawei Developer Conference 2019 in August. This much access means that the person, or team, behind FunkyHuawei works for or is related to Huawei in some way. Our guess is that they work at Huawei, and sell their employer’s work after their shift, in order to make some more money on top of their salary.

With LZPlay, the same is extremely likely: somebody at Huawei, knowing these APIs and having quite a lot of liberty, decided to either make users’ lives easier or simply make some money in the long term somehow. Or they might have just wanted to install Google’s mobile services on their Mate 30/Pro, and released the method to the public. Thus, this person could have just requested the API access, validated the documents himself and then reaped the benefits, all of this without Huawei being aware of what was going on.

Generally, in this kind of situation, the simplest solution is the right answer, and there’s no need to think too deeply about the matter or even start making up conspiracy theories about how the manufacturer was intending to spy on every single user who used this method to install Google’s mobile services.
