Recently Xiaomi every now and then becomes a defendant in all kinds of scandals. Either her official instructions for flashing turns branded smartphones into bricks, then the updates she releases contain so many bugs that they have to be recalled several times in a row, then her new charger turns out to be able to hack the devices connected to it. In a word, the company has a lot of problems and it is not that easy to solve them. But, as you know, trouble does not come alone, because now Xiaomi they have also been caught secretly spying on users.
Xiaomi has never been particularly sensitive to user privacy. But what has happened now can unsettle many
Many (if not all) smartphones Xiaomi have a hidden backdoor that allows the company to spy on their owners. This conclusion was made by the researcher in the field of cybersecurity Gaby Curlig. He studied the firmware of several devices of the Chinese brand and found that they are constantly collecting information about what users are doing. These were Redmi Note 8, Xiaomi Mi 9T, also known as Redmi K20, Xiaomi Mi 10 and Xiaomi Mi Mix 3. Nothing is known about the rest of the smartphones Xiaomi and Redmi, but only because Curlig failed to get them for the test.
How users are tracked
Xiaomi is indeed spying on users, although he denies it
It all started with researching the Mint Browser from Xiaomi, he said. As it turned out, it collects information about all user actions on the network, even if incognito mode is used, and then sends them to the servers Xiaomi. Despite the fact that the company itself claims that all the data it collects is carefully anonymized and encrypted, as it is required to improve the quality of service, Körlig found that this is not at all the case. Firstly, encryption takes place using the base64 protocol, which is quite easy to decrypt, which the researcher did, and secondly, Xiaomi collects unique data about the device, which makes it possible to establish the identity of its owner.
Starting to dig further, Körlig found out that he collects all the data according to the same principle Xiaomi. Thus, the company knows what applications its users install, what folders they create, what settings they change, how often they charge their smartphones, not to mention their movements and used access points. While many may find this something completely mundane, in fact, Xiaomi is acting contrary to its own privacy policy and violating the privacy of users, because it monitors them without their knowledge.
Why user tracking is good
But, apparently, not only Xiaomi gets access to information about users, but also another company called Sensor Analytics, which has servers in both China and Russia. The fact is that data collection is carried out through a special SensorDataAPI interface, which is built into the firmware of branded smartphones Xiaomi. It allows you to catalog all data about user actions, and then send it to the company for further analysis. Xiaomi, of course, denies the surveillance, but Curlig's words were confirmed by another independent researcher, Andrew Tierney.
Spying Helps Xiaomi Keep Smartphone Prices Low
It's pretty obvious to me why Xiaomi does this. After all, as you know, the marginality of the vast majority of its smartphones is quite low and is at the level of 8-10% versus 25-45% for competitors. It is clear that you cannot live on that kind of money. However, by collecting data on all users, studying their habits and preferences, Xiaomi gets a tool of colossal power. Thanks to this information, the company can very effectively adjust its business model, develop services and even simply sell it to advertisers, which, apparently, it does, given the presence of ads in the firmware MIUI.
Xiaomi, for its part, declares that it carefully monitors the privacy of users and, if it collects any data, it is only in an impersonal and encrypted form. Researchers have already proved that this is not so, which means that soon we will face a serious redistribution. After all, if the Chinese lose the ability to collect user data and adjust their development strategy based on them, it is likely that the company will simply start raising prices for its products, and smartphones will rise in price in the first place.