cancel
Turn on suggestions
Auto-suggest helps you quickly narrow down your search results by suggesting possible matches as you type.
Showing results for 
Search instead for 
Did you mean: 
search icon

Original topic:

even on the private “incognito” mode !

(Topic created on: 05-02-2020 01:24 AM)
immi007
Expert Level 5
Options

‎05-02-2020 01:24 AM (Last edited ‎05-02-2020 01:55 AM ) in 

Others
Xiaomi, India's largest smartphone maker, sending browser data to China
[Update: Added Xiaomi response]

Video: Reaseacher showing phone logging the browser data

Security researchers claim that the Chinese company has provided loopholes on its phones to transmit data to remote servers hosted by Alibaba, reported Forbes.  

Amongst other preloaded apps, the default Web browser on Xiaomi's Redmi and Mi series phones were found recording Web history of users even when switched to “incognito” mode. 

However, Xiaomi has denied the claims, adding that while it tracks some anonymous browsing data, it does not share this with third-parties.

According to the Forbes report, 
surfing the net via Xiaomi's default browser records all the websites visited, including search engine queries whether with Google or the privacy-focused DuckDuckGo, and every item viewed on a news feed feature of the Xiaomi software. 
That tracking appeared to be happening even if one uses the supposedly private “incognito” mode.

The device was also recording what folders are being opened by a user and the screens swiped, including the status bar and the settings page. 

All of the data was being packaged up and sent to remote servers in Singapore and Russia, though the Web domains they hosted were registered in Beijing.


Further, browsers shipped by Xiaomi on Google Play—
Mi Browser Pro and the Mint Browser—were collecting the same data. According to cybersecurity researchers Gabi Cirlig and Andrew Tierney,  millions are likely to be affected by what Cirlig described as a serious privacy issue, though Xiaomi denied there was a problem. 

The researchers said that his identity and his private life were being exposed through the loopholes that Xiaomi seems to have intentionally added to the software available on the Redmi phone. 

Cirlig found that the security flaws weren't limited to his Redmi Note 8 and according to him, exist across various Xiaomi phones. 

He was able to confirm their existence by downloading the firmware for the Mi 10, Redmi K20, and Mi Mix 3. 

Like Cirlig, Tierney also found Xiaomi's that browsers available for down on Google Play — Mi Browser Pro and Mi Browser — were collecting the same user data. 
Both browsers have over 15 million downloads, as per the stats on Google Play.

In response to the findings, Xiaomi said, “The research claims are untrue,” and “Privacy and security is of top concern,” adding that it “strictly follows and is fully compliant with local laws and regulations on user data privacy matters.” But a spokesperson confirmed it was collecting browsing data, claiming the information was anonymized so wasn’t tied to any identity. They said that users had consented to such tracking. 

However, the researchers pointed out that Xiaomi was also collecting data about the phone, including unique numbers for identifying the specific device and Android version

Cirlig said such “metadata” could “easily be correlated with an actual human behind the screen.”


This isn’t the first instance when the Chinese company has been accused of unauthorised data access. 

In 2014, cybersecurity firm F-Secure had found Xiaomi phones silently sending information like stored phone numbers, exchanged text messages and IMEI number of a handset to a remote server in China.

Xiaomi later attributed the issue to a loophole in cloud messaging system and fixed it.

Update: 

Xiaomi Responds in Blog Post

In an official blog post on Mi.com, 

Xiaomi strongly denied the allegations that they were violating user privacy.





-Posted in others since it's an important news about privacy.


Source News:



Original Article about it in Forbes

8 Comments
GeekGuy
Active Level 7
Options

‎05-02-2020 04:12 AM in 

Others
Good article!
People should read it and know.
There is a video proof as well.👍
immi007
Expert Level 5
Options

‎05-02-2020 04:14 AM (Last edited ‎05-02-2020 05:16 AM ) in 

Others
thanks...

i always make my posts better and learn more as long as the journey goes 🙂

credit goes to Forbes researcher's...👍
0 Likes
God_Of_Thunders
Expert Level 1
Options

‎05-02-2020 07:42 AM in 

Others
people should know not to use chinese phones like mi. thankgod I sold my mi.🙂
immi007
Expert Level 5
Options

‎05-02-2020 07:53 AM (Last edited ‎05-02-2020 07:53 AM ) in 

Others
yes,
but mi claims it is only for improving use experience
but
everyone knows that they are also collecting user specific data.

good you sold your phone.
0 Likes
Anonymous
Not applicable
Options

‎05-02-2020 11:20 PM (Last edited ‎05-02-2020 11:22 PM ) in 

Others
Doesn't make Any sense

Rom Change karlo Problem Solved 👍

Xiaomi ke sare phones Pe Excellent Developer Support hai Koi bhi Rom karlo Flash
immi007
Expert Level 5
Options

‎05-03-2020 12:25 AM in 

Others
ROM change tho kar sakthe hai....

paar batth tho privacy ka hai..

bina bole data bechana sahi nahi nahi

@baba
0 Likes
Anonymous
Not applicable
Options

‎05-02-2020 11:23 PM in 

Others
@immi Bro is Video ko bhi Dekh lo

Xiaomi india ke CEO ka Video hai
https://youtu.be/IG-DqVbX6UU
immi007
Expert Level 5
Options

‎05-03-2020 12:24 AM in 

Others
dekhunga....

voo tho deny hii karenga
0 Likes
Related Content