Header Ads

Xiaomi has been suspected of “secretly” stealing users’ information




China-based smartphone company Xiaomi recently marked a successful entry into the Philippines  market this month. Earlier this year, the company also announced its Redmi Note, which, just like Xiaomi’s other handsets, was an affordable with almost all features that an excellent smartphone provides. However, the handset might be doing more than what it has been advertised.
 
 
Kenny Li of Hong Kong forum, IMA Mobile, recently noticed something odd with its Redmi Note smartphone. He discovered that the device continued to make connections with IP addresses in Beijing, China. The device kept trying to make the connection, even after switching off the company's iCloud-like MiCloud service.
Although it was pointed out that the transmissions occur only over Wi-Fi, though the device does stay in contact with the servers via small "handshakes" while using cellular data. Li then tried erasing the version of Android and installed a new version of Android, But the problem still persisted.
 
Security Researchers from F-Secure Antivirus firm also confirmed that Xiaomi phones (RedMi 1S handset) send quite a lot of personal and sensitive data to "api.account.xiaomi.com"  server located in China, including following information:
  • IMEI Number of your phone
  • IMSI Number (through MI Cloud)
  • Your contacts and their details
  • Text Messages
Previously China has accused companies like Google, Facebook, Microsoft, and Apple for spying on countries. So, what China is doing? The same.
Xiaomi, which is also known as Apple of China, has yet to respond to the allegations that the Redmi Note secretly sends user data to a China-based server.
If the allegations on the Xiaomi handset come true, it wouldn't be the first time a Chinese smartphone was found spying on its users. It had happened before as well, China has been known for its Digital Spying and privacy invasion.
Later in mid-June, the breach on the Star N9500 could allow an attacker to record phone calls automatically, read emails and text messages, and remotely control the phone’s microphone and camera, in order to turn users’ smartphone into a bugging device that allows hackers to hear anything you are saying near by the phone. It could also be used for theft, including granting access to the user’s online banking service.

UPDATE
In a blogpost, Hugo Barra from Xiaomi company denies all the spying allegations made by F-Secure and other security experts.
"MIUI does not secretly upload photos and text messages. MIUI requests public data from Xiaomi servers from time to time. These include data such as preset greeting messages (thousands of jokes, holiday greetings and poems) in the Messaging app and MIUI OTA update notifications, i.e. all non-personal data that does not infringe on user privacy." he said.
Xiaomi's Mi Cloud service only able to backup and manage users' personal information in the cloud, as well as sync to other devices. But you can also turn it off manually from the device settings.
 
 

No comments

blogmytuts. Powered by Blogger.