Security issues on Xiaomi mobiles: gathering information

NinFan

Security issues on Xiaomi mobiles: gathering information

Gathering, information, issues, mobiles, security, Xiaomi


It has always been said that when a product is offered free to the consumer, the product is not the service they are offering, but you. In the online section where most of them are free, companies use the data that users use to make a profit. Google itself is established in that building.

The problem comes when that data is anonymous and the thread can be easily set up from one user to a specific data.

This is what Xiaomi is currently accused of according to a Forbes exclusive. The Chinese product will be collecting more information from its users than previously believed.

Collecting private data and usage patterns

According to investigations by the media, the company would keep information from its users not as usual, as other companies, but in a more aggressive way, for example saving data from web pages we see incognito in their browsers.

In addition, the mobile phone will send information to company servers about which folders we open, where we sleep and so on.

Except for Xiaomi mobiles: two suspicious apps

Xiaomi's mobile security issues: gathering more information

Investigator Andrew Tierney, hired by Forbes, investigated the case and found that not only did the housekeepers submit details of the model, but also other applications from the company.

Two alleged applications for this, Mi Browser Pro and Mint Browser, were both created by the company and can be easily downloaded from the Google Play Store.

Insecure encryption

The Chinese company claims that the information sent to its servers is encrypted and that there is no connection between it and the users producing it.

Tierney found that while it's true to be encrypted, the protocol (base 64) is so insecure that it only took a few seconds to break it down and see the details you should have seen.

Xiaomi replied that this information was not true. There is data collection (this is nothing new, the marketing of their mobiles is based in part on it and we already know it), but according to the company it is unknown.

The commenter pointed out that Xiaomi's behavior is less invasive than what was seen in other browsers such as Chrome or Safari. «It's worse than some of the best browsers I've seenSaid Tierney. «Most of them store data, but mostly general use and failures. Maintenance of browser functionality, including web addresses, without explicit permission and in private browsing, is as bad as it sounds«.

The Forbes reporter himself, Thomas Brewster, described on Twitter a the other side related to this problem.

We've contacted Xiaomi Spain to find out more about these issues, and will update the article as soon as we have the answer.




Leave a Comment