Cell Phone Security Breech-Xiaomi Handhelds Still Covertly Sending Data to China

5

October 4, 2014 by ...

A while back it was discovered that Xiaomi phones were ‘stealing‘ user data and sending it to Beijing. The handheld units would copy users contact lists, notes and even photos and send them to servers in mainland China. This was a breach of trust and security as it was done without owner permission.

After this indiscretion was exposed Xiaomi belatedly issued a patch and a bland mea culpa. Unfortunately for users, Xiaomi phones still pose a security threat- phones are still stealing data.

Background
Xiaomi waited to read the tea leaves before explaining about their initial security breach. They wanted to gauge the fallout before replying. Due to less than rancorous ‘outrage’, customer angst was subdued. Xiaomi blithely explained that they had not heisted data but merely ‘stored’ it on mainland servers. They claimed to have done this in order to offer free messaging services and the like.

All of this could have been seen as benign if Xiaomi customers had been forewarned, but they were not. In fact, Xiaomi’s reply was more like a ‘quit complaining, what did you expect from such a cheap handheld?’

Continued Security Concerns with Xiaomi
To make matters worse, it seems as if Xiaomi has not fixed their security holes, despite what they have said. Taiwan has tested Xiaomi phones and found that two different models still pilfer data and ship it off without user consent. All of this after Xiaomi had claimed that their phones were safe.

Such disregard for customer privacy is raising a red flag about what Xiaomi does with user data. Had they been forthcoming about data storage and use, customers may have understood. Unfortunately, Xiaomi has not done so. Worse yet, Xiaomi continues to abuse customer rights by not fixing their handheld units. Customer backlash will probably be swift.

Excerpt

‘The head of Taiwan’s National Communications Commission (NCC), Howard Shyr, said Wednesday that tests have confirmed two models of Xiaomi smartphones still pose security risks even without a SIM card installed.

Shyr revealed the test results at a meeting of the legislature’s Transportation Committee, in which the lawmakers were concerned about the Chinese smartphone brand’s suspected information leak.

Data from the phones are transmitted to several servers, many of them located in mainland China, as long as the battery has power, Shyr revealed. Sending messages using instant message apps also triggers information transmission to several servers overseas, he said.

Earlier this year, Xiami upgraded the operating system of its phones in response to fears of information leaks from users, but the issue apparently has not been completely resolved.’

Link

Advertisements

5 thoughts on “Cell Phone Security Breech-Xiaomi Handhelds Still Covertly Sending Data to China

  1. Lived in China says:

    I lived in China for years and this news is not surprising. The communist party demands loyalty from all firms operating in the mainland. Data theft and intrusions are common place.

    Like

Leave a Reply

Fill in your details below or click an icon to log in:

WordPress.com Logo

You are commenting using your WordPress.com account. Log Out / Change )

Twitter picture

You are commenting using your Twitter account. Log Out / Change )

Facebook photo

You are commenting using your Facebook account. Log Out / Change )

Google+ photo

You are commenting using your Google+ account. Log Out / Change )

Connecting to %s

Enter your email address to follow this blog and receive notifications of new posts by email.

Join 85 other followers

Stat Counter

counter for wordpress

Member of The Internet Defense League

Blog Stats

  • 46,625 hits
October 2014
M T W T F S S
« Sep   Nov »
 12345
6789101112
13141516171819
20212223242526
2728293031  
%d bloggers like this: