Xiaomi responds to F-Secure’s privacy concerns about Mi phones

Xiaomi DataAs Xiaomi expands internationally, the company is under intense scrutiny and with every new day some or the other new privacy concern is popping up online. While all of these are the result of the lack of information about the internal workings of some of MIUI’s cloud based services, they sure can create panic among consumers, who value their privacy. In one such instance, known security solutions provider F-Secure found in its testing of the company’s Redmi 1S smartphone that the brand new phone with no services or accounts enabled was sending user information like IMEI number, phone number, contacts as well as text messages to Xiaomi’s servers in China.

Without the user-activation of any services, the forwarding of such private details to the company servers is worrisome. Now, Xiaomi Global VP Hugo Barra has come forward to explain the reasoning behind these actions.

Barra noted that the culprit behind the forwarding of these details is the company’s Cloud Messaging service, which is activated by default on all Mi phones (at least until now). He added that the company is pushing an immediate security update (already live) to Xiaomi phones, which will make the service opt-in and it will no longer be automatically activated.

Here are some excerpts from Barra’s Google+ post, full post can be found at Google+.

Q: How does this relate to the privacy concerns raised about Xiaomi over the last 48 hours?  What’s your response?

A: A recent article in Taiwan and a related report by F-Secure raised privacy concerns by stating that Xiaomi devices are sending phone numbers to Xiaomi’s servers.  These concerns refer to the MIUI Cloud Messaging service described above.  As we believe it is our top priority to protect user data and privacy, we have decided to make MIUI Cloud Messaging an opt-in service and no longer automatically activate users.  We have scheduled an OTA system update for today (Aug 10th) to implement this change.  After the upgrade, new users or users who factory reset their devices can enable the service by visiting “Settings > Mi Cloud > Cloud Messaging” from their home screen or “Settings > Cloud Messaging” inside the Messaging app — these are also the places where users can turn off Cloud Messaging.

We apologize for any concern caused to our users and Mi fans. We would also like to thank the media and users who have been sending us feedback and suggestions, allowing us to improve and provide better Internet services.


Post Author: Gaurav Shukla

Gaurav Shukla is the editor of AndroidOS.in. If you'd like to reach him, drop an email at 'gaurav@androidos.in' or connect with him on Twitter (@gauravshukla).

1 thought on “Xiaomi responds to F-Secure’s privacy concerns about Mi phones

    S M

    (August 11, 2014 - 4:41 pm)

    I think our security agencies should have a look into this issue to see how it can affect us in India

Leave a Reply

Your email address will not be published. Required fields are marked *