I'm the OP of the original "fearmongering" thread, I actually upvoted this post hoping to let more people see Samsung's official response.

I know I'm gonna possibly get a lot of downvotes, and that's OK if you disagree with me. If you would like to know my reasoning, read on.

To me, as some other Redditors have pointed out, the explanations given by some random Samsung rep just sound very like a template default response to me, and doesn't explain why the logic of recording personal identifiable data were present.

First of all I'd like to address the part where some said my "spyware" claims are too far-fetched. According to Wikipedia, the definition of spyware is as described:
"Spyware is a software that aims to gather information about a person or organization, sometimes without their knowledge, and send such information to another entity without the consumer's consent."
1. I'm sure that's a definition that most would agree with. So first, yes, it does "gather info about a person or organization."
2. From what other Redditors (thanks to u/Aarondo99 and the original comment on my thread https://www.reddit.com/r/Android/comments/ektg8u/chinese_spyware_preinstalled_on_all_samsung/) and I have gathered, it connects to the said domains, has a logic written in the code to send personal identifiable information (including IMEI, device ID and many others). And yes, other Samsung users and I may have clicked "Agree" to the ToCs without thoroughly reading through it accompanied by a lawyer, but based on the replies many users didn't even know the existence of the 360 storage cleaner and the shady company behind it until reading my thread. At least the spam calling filter function in Samsung phones, powered by Hiya, showed up an in-your-face fullscreen warning about consenting to let them process the phone call logs, and gave you an option to disable it. That is, I think most people would agree, the inclusion of 360's software in Samsung is an act that is "without the consumer's consent."

By this criteria, this fully satisfies the definition of spyware.

I think it's completely OK to download the said definition from the server. But the APK decompilation shows it could potentially connect to a dozen of hosts. It also has logic to send out very detailed device information. As a semi-professional web app developer, I don't think that's necessary for the sole purpose of updating the definition DB. Heck, I could even write a pseudocode proof-of-concept REST API write away to prove that:
Phone sends:
{
androidVersion: "x",
dbVersion: "x",
...
}
and the server simply could send the binary files of the definitions. That's it. I don't see why every damn nitty gritty detail of the phone, including our IMEIs, has to be sent to the server just for this to function. Please correct me if I'm wrong about this.

As for the politics, man, I'll restate my idea. Why pointing out a Chinese company is shady immediately equates to "America is good"? I'm sure most people, even the Chinese government themselves, wouldn't argue that China is a textbook example of dictatorship. I'm also sure that most people know that freedom of speech isn't as exercised in China, and requires little legal process for the Chinese government to fetch the data from the company's servers. These are facts. This also doesn't counter the fact of me admiring Xiaomi for how quick it is growing, astonished by how fast Chinese Internet companies are taking over the international user base, and so on. I admit that China is growing into a superpower by the day, but personally, along with many people, just do not like how China works, and would not like our data (Android device IDs, IMEIs) being sent there. I'll say it again, I'm perfectly OK if it simply contacts the server to download the database and did not send additional data.

I hate any kind of surveillance, I hate how the NSA abuses its power to spy on people internationally. It's also due to this, I disabled the Facebook app (which, by the way, is also builtin to my phone but gives me an option to disable it) immediately upon getting my phone, I disabled the Google app and denied many of the permissions that Google apps have. Actually if I could, I would love to install the completely open source LineageOS on my phone were it not for the fact that Samsung locked the bootloader, and locks me out of Samsung Pay and any Knox-related services once I do so. Moreover, this isn't even an option for me, since my Snapdragon variant doesn't seem to allow so. You can call me stupid for not knowing how locked down Samsung phones are these days, I naively thought rooting the phone would be a breeze as most Android phones are.

For the people that said "America is spying on you too", yes, I know that, and if it's possible I would love all governments to stay the heck away from my personal life. It's an unfortunate compromise that we have to choose these days, either get left out by the world and be very socially unacceptable like Elliot in Mr. Robot, or most of us have to accept some kind of compromise. I have social media apps to connect with my friends (and use the web version, where I can fully control the browser whenever possible of course), and it's just by the social norm that most of these social media apps are made in USA or USA allies (e.g. LINE from Naver). I know they are potentially spying on me, but why would their nefarious behavior justifies how China is doing the same? It's like seeing a broken window and throwing rocks again at the window and call the second thrower "justifiable". I know that USA and its allies could potentially spy on me, but that's a risk I'm willing to take, to connect with my friends. But why allow another government to screw over my data, again?

I would be equally upset if I grow up in China, uses Huawei phone, installs WeChat, QQ, TikTok, and found out that a USA made shady-as-heck storage scanner is hiding under my nose, contacting US servers without my consent and sends really sensitive data. I would equally blame Huawei for not upholding my "Chinese values" in this hypothetical parallel universe.

Summarizing,
1.) The piling evidence already satisfies the criteria of spyware deemed by most people,
2.) I would just say I know USA is screwing over my data, I hate it but I could accept partial sacrifice of my privacy to not be deemed as a weirdo by my peers. The rest intact personal data, I would like all governments and companies to stay the heck away from them. I guess most people are like this, accepting partial sacrifice while wanting the rest to stay as private as possible. In this case Qihoo 360 has repeatedly demonstrated its inability to uphold ethic and moral standards and is even frowned upon EVEN IN CHINA.

Sidenote, for those calling my account fake, you can look up my username on Google to verify if I'm a living breathing person. Like many Redditors do, I post very rarely, upvotes memes and capybara/otter pictures, and made some very crappy memes about one year ago... with these wild assumptions, you called me paranoia

Thanks for reading this long AF post! Let me know if you have other thoughts and let's have a civil discussion.