Controversy exploded by revealing that Xiaomi spies on you
Forbes magazine echoed recent research that leaves us stunned and places Xiaomi under a strong controversy.
It is noteworthy that this is not the first time the Chinese giant is defamed in this way. On one occasion, it was also accused of espionage and working for the Chinese Government.
Which leave us a lot to think about this news.
Gabi Cirlig, an experienced cybersecurity investigator, revealed to Forbes Xiaomi’s violation of user privacy. The expert discovered that his Redmi Note 8 mobile phone was spying on his Internet activity.
Cirlig alarmed, manifest there are problems with the way Xiaomi is transferring the data to its servers.
The expert not only assures they were spying on their activity on the Internet, even in the “incognito” private mode. But also, they would be tracking data ranging from search engine queries, the history of visited sites, till what folders or screens open.
The dilemma, according to Cirlig, is that this information is packaged and protected with a base64 encryption that can be easily broken, exposing the user data.
These packages also send data such as the unique identifier of the phone and the version of Android installed. According to the security expert, they could easily correlate with the owner of the device.
Cirlig made it clear that Xiaomi spies on you and was very concerned when he realized his privacy and identity, and the privacy of many people, were being exposed to the Chinese giant.
Your data is sent to Alibaba, the Chinese Amazon
On the other hand, this information would be sent to remote servers in Russia and Singapore registered in Beijing, hosted by another Chinese technology giant, Alibaba, which allegedly rented this space to Xiaomi. Although, web domains they hosted were registered in Beijing.
Cirlig also warns that this behavior of Xiaomi spying on you, would be happening on other devices such as the Xiaomi Mi Mix 3, Redmi K20 and Xiaomi Mi 10.
This is due to verified that the firmware of these terminals shares the same browser source code as his Redmi Note 8 mobile.
In this video, recorded by this cybersecurity researcher demonstrates how a search for a pornography website on Google and a visit to the Porn Hub portal in incognito mode are collected and sent by the mobile device.
Meanwhile, Forbes hired Andrew Tierney, another expert security researcher, to dig deeper into this behavior of Xiaomi spying on you.
Tierney also revealed that Xiaomi’s Mi Browser and Mint Browser, two apps that have more than 15 million downloads on the Play Store, -according to official statistics from Google Play Store- tracked all the websites visited by a Mi user, including search terms on Google and DuckDuckGo focused on privacy.
Tracking was frequent, even when the browser was set to private or incognito mode. The device also tracked usage data and sent it back to Xiaomi’s servers.
While data collection is common among most browsers on the market today, the experiment by Gabi Cirlig and Andrew Tierney highlighted that Xiaomi’s behavior is much more invasive than other browsers like Apple’s Safari or Google Chrome.
Many browsers take analysis, but it is about use and failures in order to “improve the user experience”. However, Xiaomi goes a step further by accessing information in an incognito mode, where users believe that their Internet behavior is safe.
“My main concern about privacy is that data sent to their servers it can easily be correlated with a specific user“, said Cirlig.
Xiaomi denies everything and says it is a common and legal practice
The last statement of the brand claims that:
“Xiaomi is disappointed with the latest Forbes article. We believe that you have misunderstood what we communicate regarding our data privacy principles and policy. The privacy and Internet security of our users is a top priority at Xiaomi; we are confident that we are strictly and fully compliant with local laws and regulations. We have communicated with Forbes to clarify this bad and unfortunate interpretation“.
Xiaomi is a firm valued at $50 billion and is one of the top four smartphone manufacturers worldwide, behind giants like Apple, Samsung and Huawei.
Xiaomi’s sales strategy is to offer smartphones with wonderful qualities of high-end devices, at a very affordable price. But what is in exchange? That low cost could have a high price: your privacy.
It is expected that, in these investigations cataloged as a serious drawback safety data protection you feel affected as many millions of people who have these devices. However, Xiaomi denies that spies on you, nor that these problems exist.
Do you trust what the Chinese giant declares or do you trust the cybersecurity experts? What do you plan to do about it knowing that xiaomi spies on you?