October 4, 2014 by ...
A while back it was discovered that Xiaomi phones were ‘stealing‘ user data and sending it to Beijing. The handheld units would copy users contact lists, notes and even photos and send them to servers in mainland China. This was a breach of trust and security as it was done without owner permission.
After this indiscretion was exposed Xiaomi belatedly issued a patch and a bland mea culpa. Unfortunately for users, Xiaomi phones still pose a security threat- phones are still stealing data.
Xiaomi waited to read the tea leaves before explaining about their initial security breach. They wanted to gauge the fallout before replying. Due to less than rancorous ‘outrage’, customer angst was subdued. Xiaomi blithely explained that they had not heisted data but merely ‘stored’ it on mainland servers. They claimed to have done this in order to offer free messaging services and the like.
All of this could have been seen as benign if Xiaomi customers had been forewarned, but they were not. In fact, Xiaomi’s reply was more like a ‘quit complaining, what did you expect from such a cheap handheld?’
Continued Security Concerns with Xiaomi
To make matters worse, it seems as if Xiaomi has not fixed their security holes, despite what they have said. Taiwan has tested Xiaomi phones and found that two different models still pilfer data and ship it off without user consent. All of this after Xiaomi had claimed that their phones were safe.
Such disregard for customer privacy is raising a red flag about what Xiaomi does with user data. Had they been forthcoming about data storage and use, customers may have understood. Unfortunately, Xiaomi has not done so. Worse yet, Xiaomi continues to abuse customer rights by not fixing their handheld units. Customer backlash will probably be swift.
‘The head of Taiwan’s National Communications Commission (NCC), Howard Shyr, said Wednesday that tests have confirmed two models of Xiaomi smartphones still pose security risks even without a SIM card installed.
Shyr revealed the test results at a meeting of the legislature’s Transportation Committee, in which the lawmakers were concerned about the Chinese smartphone brand’s suspected information leak.
Data from the phones are transmitted to several servers, many of them located in mainland China, as long as the battery has power, Shyr revealed. Sending messages using instant message apps also triggers information transmission to several servers overseas, he said.
Earlier this year, Xiami upgraded the operating system of its phones in response to fears of information leaks from users, but the issue apparently has not been completely resolved.’