Alert!! Whether Xiaomi Spying on its Users - TheNextSpy

Are you a Xiaomi Smartphone user? Then you need to know about this

Xiaomi is one of the leading Smartphone manufacturers across the world has caught up with the Privacy issue against its users. Since Xiaomi was famous for its Budget based Smartphone Segment. Most of the users are relying on Xiaomi phones with this budget based Segment. But now all the Xiaomi users are in a Serious Privacy concern. A security researcher traced that Xiaomi is collecting data from its Xiaomi user's smartphone without users Knowledge. 


First of all, everyone needs to know that Xiaomi is the manufacturer of Redmi, MI, and  POCO smartphones. These are the brands are fully owned by Xiaomi. But they come under the categories called Sub-brand. So this privacy concern is for all the users who are using Redmi, MI, POCO smartphones. Also, these Smartphones comes under its own Customized OS MIUI ROM.

Now let us go through how Xiaomi Collects or steals Data from the user.

Every Xiaomi owned Smartphones are coming with the Xiaomi Default browser named MI Browser. When user tries to search or browse in this browser. All the user data and activity are collected and send to remote servers located in China, Singapore, and Russia. Even when the users browsing the web in Incognito mode data are being collected and send it to the remote servers. But now you will come up with fact that this type of data collection are done by all the brands. Most of the brands collect data from the user to personalize and improve the user experience. But Xiaomi is beyond one step further they are Collecting the activity of users even when the users Browsing in the incognito mode. So this is a serious concern. Also, the browser records the App which has been opened by the user.

Remote servers are not owned by Xiaomi

All the user activity is collected and packaged up and sent it to the remote servers in Singapore and Russia through the web domain they were hosted registered in Beijing. Servers are owned by Alibaba Cloud. Another issue appears to be with the encryption followed while transferring data to the remote servers. Xiaomi uses Base64 encryption standard. This is a poor encoding and it can be easily decoded and it takes seconds to view the garbled data into a readable format. So by this, another privacy concern is questioned over Xiaomi.

Xiaomi owned Browsers vs Other Browser

Xiaomi owned two browsers MI Pro and Mint Browser which were made available in PlayStore are also collecting the same data as same as MI Browser. Others Browsers are collecting the data from the user for their user data analytics and crash reports. But Xiaomi is collecting lot of data from its browser. Most of the new flagship smartphones by Xiaomi are also come up with the same browser code. So, in the same way, they will be collecting data from the users.

Whether Xiaomi Sent the data to the third party?
  
Xiaomi appears to have another reason for collecting data from the users. To better understand its user behavior. Xiaomi is partnered with a sensor analytics company called sensor data to perform data analytics over its users. Most of the App in Xiaomi are also sending data to the domains that appeared with reference Sensor analytics. So there is an API called SensorDataAPI.
Also, the Default music app owned by Xiaomi is also sending user behavior to Its servers. To have a deep analysis of user behavior.

This is not the first

Already Xiaomi was caught in Various Privacy concerns against its users. Last year a Reddit user claimed that Xiaomi is pulling its advertisement in its Settings App. This also raised a serious concern. Most of this data is also being collected to target users with Most personalized ads. Since Xiaomi told once that Company most of the revenue comes from Running Ads.

Xiaomi Response 

On May 3 company announced that in the upcoming update Xiaomi will fix the browser for sending user details to Chinese servers. Also in Incognito mode, the company will offer an option to users to turn on/off data aggregation data collection for Better managing the user information.

But as of now if you keen on privacy then Don't use MI owned Browsers. There is plenty of other browsers you can use any of them.


Any Queries feel free to contact at : admin@thenextspy.com



TheNextSpy






No comments:
Write comments

TheNextSpy

TheNextSpy

Featured post

Trick to read paid article for free