Beta
×

Welcome to the Slashdot Beta site -- learn more here. Use the link in the footer or click here to return to the Classic version of Slashdot.

Thank you!

Before you choose to head back to the Classic look of the site, we'd appreciate it if you share your thoughts on the Beta; your feedback is what drives our ongoing development.

Beta is different and we value you taking the time to try it out. Please take a look at the changes we've made in Beta and  learn more about it. Thanks for reading, and for making the site better!

China Smartphone Maker Xiaomi Apologizes For Unauthorized Data Access

samzenpus posted about 3 months ago | from the our-bad dept.

Cellphones 64

SpzToid writes Following up an earlier story here on Slashdot, now Xiaomi has apologized for collecting private data from its customers. From the article: "Xiaomi Inc said it had upgraded its operating system to ensure users knew it was collecting data from their address books after a report by a computer security firm said the Chinese budget smartphone maker was taking personal data without permission. The privately held company said it had fixed a loophole in its cloud messaging system that had triggered the unauthorized data transfer and that the operating system upgrade had been rolled out on Sunday. The issue was highlighted last week in a blog post by security firm F-Secure Oyg. In a lengthy blogpost on Google Plus, Xiaomi Vice President Hugo Barra apologized for the unauthorized data collection and said the company only collects phone numbers in users' address books to see if the users are online."

Sorry! There are no comments related to the filter you selected.

Apologies not accepted (4, Insightful)

Virtucon (127420) | about 3 months ago | (#47648963)

Why is it considered okay to do this until you get caught? Then you apologize? How about not stealing the information in the first place for starters. Fuckwads!

Re:Apologies not accepted (1)

electrosoccertux (874415) | about 3 months ago | (#47649117)

Why is it considered okay to do this until you get caught? Then you apologize? How about not stealing the information in the first place for starters. Fuckwads!

media spinning this. It wasn't an apology, it was an explanation of what's being used. I think it was just lazy programming honestly, read the blog post [google.com] yourself. Seems reasonable.

Re:Apologies not accepted (4, Insightful)

Anonymous Coward | about 3 months ago | (#47649607)

No, it wasn't lazy programming. It was broken by design.

From the blog post:

"A: For those interested in specific details about the MIUI Cloud Messaging implementation:

- The primary identifiers used to route messages are the sender and receiver’s phone numbers. IMEI and IMSI information is also used to keep track of a device's online status."

That's not a programming mistake.

Re:Apologies not accepted (1)

electrosoccertux (874415) | about 3 months ago | (#47651191)

Not that, the part where it wasn't encrypted.
I don't see what the issue is with using a phone number and IMEI.
Why is this a big deal?

Re:Apologies not accepted (3, Insightful)

Anonymous Coward | about 3 months ago | (#47649155)

Why is it considered okay to do this until you get caught? Then you apologize? How about not stealing the information in the first place for starters. Fuckwads!

Seems the only "Fuckwads" around here are us dumbass consumers who actually think that all those free apps we download wouldn't dare do the exact same fucking thing.

The only real difference is you blindly agreed to the spying in the EULA you didn't bother to read.

Re:Apologies not accepted (4, Insightful)

0123456 (636235) | about 3 months ago | (#47649215)

Of course, if the operating system actually had real user-level security controls, the apps wouldn't be able to do that.

I can't see myself buying another Android device so long as they expect me to allow pretty much every possible permission for every piece of crap app that doesn't even need half of them.

Re:Apologies not accepted (3, Interesting)

LordLimecat (1103839) | about 3 months ago | (#47649287)

Cyanogenmod allows you to "accept" apps that ask for all sorts of non-core access, and then revoke it afterwards. The app can attempt to access your addressbook, but it will get blocked.

Of course I havent had to use it, because I generally dont run into issues with apps asking for insane levels of access. Maybe its the apps you're using?

Re:Apologies not accepted (1, Interesting)

0123456 (636235) | about 3 months ago | (#47649465)

Pretty much any 'social media' app now wants access to pretty much everything. I know several people who've stuck with an old version of the Facebook app before it started demanding almost complete control over the device. Other mobile operating systems let you deny Facebook access to your camera or microphone, whereas Android included that feature in a recen OS release... and then removed it.

And, no, I'm not going to install some random other OS on the tablet when I can just buy a different device which includes that functionality in the first place.

Re:Apologies not accepted (1)

LordLimecat (1103839) | about 3 months ago | (#47652839)

Sometimes I feel like the world has gone mad.

Let me get this straight. You're using a social media app-- which generally combines functionality across basically all of your phone-- but you dont like the permissions it demands. Android gives you the ability to reject updates when they request more permissions, but thats no good; you could also choose any of a million alternative apps for any given social media site ("FAST for Facebook" for example), or use the Android Open Source Project derivitives on your existing hardware-- but you find that unacceptable, preferring instead to buy a new device rather than fixing your existing one?

Like the more I read the last sentence of your post, the harder my mind boggles. You object to making a very minor change to your phone (99% of the time you cant tell youre on CyanogenMod), preferring to spend more money AND switch entire ecosystems? What?!

Re:Apologies not accepted (1)

sysrammer (446839) | about 3 months ago | (#47651813)

My SO likes to play online games. The app-driven ones tend to ask for a lot of access. If this Cyanogenmod works, I'll be forever in your debt. You may have my first-born.

thx, sr

PS: Don't tell my SO about the first-born thing.

Re:Apologies not accepted (0)

Anonymous Coward | about 3 months ago | (#47652469)

Also look into LBE Security and XPosed... depending on your methods. Root required. ;)

Re:Apologies not accepted (1)

slaingod (1076625) | about 3 months ago | (#47652607)

"Of course, I need to sound like a douche, and I have to blame the victim."

Try to install any PushToTalk app from the play store, like Voxer, etc...
Try to install Yahoo Mail.
Try to install FB.
Try to install anything supported by ads and watch it ask for 'fine location', contacts, phone number, etc.

Not sure what you are using your phone for that you aren't running across apps ask for things that they probably shouldn't, and honestly I don't care, because I am sure it is a perfectly valid use case.

Re:Apologies not accepted (1)

LordLimecat (1103839) | about 3 months ago | (#47652859)

Try using apps that dont suck. For instance:
  * Facebook-- try "Fast for Facebook" [google.com] which is simultaneously faster AND less permissions-grabby.
  * Yahoo Mail-- try the inbuilt support for IMAP / POP, or any of a million other clients (TouchDown, for instance)
  * Push To Talk-- 5 minutes of googling found This app [google.com] which appears to only request the bare minimum that a PTT app would need (contacts, etc)

Not sure what you are using your phone for that you aren't running across apps ask for things that they probably shouldn't,

TeamViewer, Google Authenticator, Fing, Opera, Car DashDroid, Fast for Facebook, PushBullet, OpenVPN, Reddit is Fun... none are generally problematic permissions wise. At some point you're going to have to face the fact that theres a lot of grabby apps out there, and you apparently like some of them. Either use alternatives (they DO exist), or stop complaining.

Re:Apologies not accepted (1)

slaingod (1076625) | about 3 months ago | (#47652993)

Like I said, I don't care, just the attitude that somehow the victim is in the wrong, and the faux scolding of 'I am better than you' your attitude implied. If you reread your sentence
"Of course I havent had to use it, because I generally dont run into issues with apps asking for insane levels of access. Maybe its the apps you're using?"
and can honestly say it doesn't sound remotely douchey, then I apologize.
"Of course I haven't ever had an STD, but I generally don't use the low end hookers you obviously use..." :)

TIKL:
        read your contacts
        approximate location (network-based)
        read call log

It is definitely better than most, but that doesn't make it good.
I don't like any of them being grabby, which is why I use Privacy Guard, which is actually just the Google hidden App Ops.

Re:Apologies not accepted (1)

LordLimecat (1103839) | about 3 months ago | (#47653119)

TIKL is a walkie talkie app; it has to read your contacts to do the thing you downloaded it to do. Ditto call log. Location might be unnecessary, but thats "approximate", not even GPS.

This isnt "blaming the victim", because I dont buy that there is a victim. These are free apps which announce what they want to do, and theres a bazillion alternatives that do the exact same thing with better permissions.

If you want to use Privacy Ops, thats great; I just havent found an app where I would need it yet.

Re:Apologies not accepted (1)

preflex (1840068) | about 3 months ago | (#47654357)

If you want to use Privacy Ops, thats great; I just havent found an app where I would need it yet.

How about the built-in web browser?
According to PDroid Monitor (using CyanogenMod with P-droid patches), it can access:
    Network Location
    GPS Location
    Account Credentials
    Accounts (Listing of accounts registered with other apps on device: Dropbox, Twitter, etc. Includes name of the service, and the user ID)
    Contacts (For what?)
    Call Log (Why the hell would it ever need this?)
    Bookmarks and History (Duh)
    Wifi Info
    Network Info (
    Force Online State

Well, of course the built-in browser is gross. What about Firefox? That should be less invasive, right?
    Network Location
    GPS Location
    Account Credentials
    Accounts
    Record Audio
    Camera
    Start at Boot (That goes really well with the previous two)
    Network Info
    Force Online State

What could possibly go wrong?

Re:Apologies not accepted (1)

LordLimecat (1103839) | about 3 months ago | (#47656975)

Pretty much the only problematic one with firefox is start at boot. The others are all part of common features:
  * GPS / Network location-- some sites request location data, which firefox prompts you for. It needs that permission to be able to grant the request if you approve.
  * Account creds-- obvious
  * Audio / camera-- voice search. Its a manually activated function. Also, HTML5 can do chats through webrtc, which needs camera / audio.
  * Network info-- detect whether your online or not
  * Call logs / contacts-- sharing webpages, making calls from phone links (ie, your browser sees 888-123-4567, it lets you click it and initiate a call)

If you are concerned about those, use an alternate browser that doesnt have those features.

Re:Apologies not accepted (2)

mlts (1038732) | about 3 months ago | (#47649359)

The one nice thing about Android (assuming a rooted device) is the ability to turn on and use Linux's iptables to prevent apps from phoning home. After that, Xposed and XPrivacy are good (although the interface is nowhere as nice as Protect My Privacy from Cydia on iOS) to enforce restrictions on apps that ask for more than they should.

It would be nice if XPrivacy would fake data like PMP does, so if an app asks for GPS info, it will get GPS info, but not anything useful, or if an app asks for contacts on the phone, it gets random sets of garbage.

Re:Apologies not accepted (1)

Shoten (260439) | about 3 months ago | (#47650373)

The one nice thing about Android (assuming a rooted device) is the ability to turn on and use Linux's iptables to prevent apps from phoning home. After that, Xposed and XPrivacy are good (although the interface is nowhere as nice as Protect My Privacy from Cydia on iOS) to enforce restrictions on apps that ask for more than they should.

It would be nice if XPrivacy would fake data like PMP does, so if an app asks for GPS info, it will get GPS info, but not anything useful, or if an app asks for contacts on the phone, it gets random sets of garbage.

This is all fine and good, until one app that you want to phone home uses AWS or Cloudfront, and so does another app that you don't want phoning home. Firewalls have never been a good approach to application security...evidenced by the fact that "application security" became a concept long after firewalls were commonplace.

Re:Apologies not accepted (2)

mlts (1038732) | about 3 months ago | (#47650783)

Android can firewall by app, so my AWS program can access what it needs, while another app with more nefarious intentions can be blocked.

No, this isn't a cure for anything. In fact, it is a last resort. XPrivacy is the best solution for starters, as it will prompt when an app tries to use a permission, and you can allow or deny it. It would be nice to have a "fake" option, so the app -thinks- it has full permissions to do something... but in reality, it is being fed bogus data.

Re:Apologies not accepted (1)

perryizgr8 (1370173) | about 3 months ago | (#47653573)

I really want to install XPrivacy but it requires Xposed. And I have had a really bad experience with Xposed. It literally burns through my battery sometimes. Specially on boot, like 90% to 70% in a couple of minutes, plus burning my hand. The tragedy is that so many Xposed modules are so incredibly useful.

Re:Apologies not accepted (0)

Anonymous Coward | about 3 months ago | (#47650857)

Not to mention the vendors and carriers dropping their own crap-apps on there that the OS won't let you remove because they're a "special snowflake".

Re:Apologies not accepted (0)

Anonymous Coward | about 3 months ago | (#47649397)

Read again. They consider it's ok to keep doing this, but now they'll

ensure users [know] it [is] collecting data from their address books

More flies with honey... (4, Interesting)

Etherwalk (681268) | about 3 months ago | (#47649509)

Why is it considered okay to do this until you get caught? Then you apologize? How about not stealing the information in the first place for starters. Fuckwads!

When an institution or a person does something right, I find it useful to commend them for it.

There may be many other things they can do right in the future, that they are doing wrong now. And there may be things done in the past that were profoundly wrong.

But they've still done a good thing.

In the United States, communications professionals (and the people they coach, like our politicians) avoid admitting when they are wrong, avoid even *engaging* in serious discussion, precisely because people so easily latch onto any words acknowledging another position and turn it into a sound byte. Attacking people who do the right thing for not doing more encourages them *not* to do the right thing in the first place.

Here, a company admitted it was wrong and apologized. It may or may not be disinformation to distract us from spying on behalf of the Chinese Government; and the company may or may not still be doing things we consider wrong. But the company's message was the right one, and they deserve praise for taking responsibility for a foul-up and acting to correct it.

Re:More flies with honey... (2, Insightful)

Anonymous Coward | about 3 months ago | (#47650105)

This is the stupidest logic I've read in a long time. It's like saying that if I apologize after raping you, then you shouldn't be angry at me for raping you. I mean, I apologized right! No harm, no foul.

Re:More flies with honey... (1)

penguinoid (724646) | about 3 months ago | (#47650345)

You think it's commendable to apologize "Sorry we only copy your address book to 'see if you're online' "? No, they copy your address book to see who your contacts are. There's much less invasive ways to "see if you're online".

Re:More flies with honey... (1)

perryizgr8 (1370173) | about 3 months ago | (#47653579)

They probably use the phone numbers in the address book and see if the users of phones with those numbers are online. This is probably the most non-invasive ways to do this.

Re:Apologies not accepted (1)

LifesABeach (234436) | about 3 months ago | (#47649613)

I didn't RTFA, but they also mention that Round Eyes have "very large penises?"

Re:Apologies not accepted (0)

Anonymous Coward | about 3 months ago | (#47650097)

How come every time this SHIT DATA THIEVING COLLECTION happens, its the biggest entities on the planet, later getting tiny slaps on the hand by smaller entities in charge, supposedly???? We are calling BULLSHIT.

Re:Apologies not accepted (1)

udachny (2454394) | about 3 months ago | (#47650695)

What do you mean, don't you know, governments don't look backward, they only look forward.

Don't you wish it worked like that for just normal people? You killed somebody? Just apologize, we don't look backward, we look forward, so with an apology you are free to go.

Apologies not accepted (0)

Anonymous Coward | about 3 months ago | (#47654331)

Why is it considered okay to do this until you get caught? Then you apologize? How about not stealing the information in the first place for starters. Fuckwads!

Because that has bcome a standard modern business practice. "We're really sorry we got caught (doing x), and we'll be just as sorry the next time we get caught." Since there are NEVER any consequences for those involved (such as prison time) the practice continues unabated. Another reason they get away with crap like this is public apathy. Remember Sony's RootKit music CD's? There wasn't even much of a public outcry because 98% of the population no longer really cares anymore.

As the quote says... (4, Insightful)

x0ra (1249540) | about 3 months ago | (#47648973)

"It's easier to ask forgiveness than it is to get permission." ...

As the quote should say... (0)

Anonymous Coward | about 3 months ago | (#47649161)

It's easier to ask forgiveness than it is to get permission, but never should be better.

Fuck Xiaomi (-1)

Anonymous Coward | about 3 months ago | (#47648997)

Me Chinese. Me play joke. Me put backdoors in your phone.

Re:Fuck Xiaomi (0)

Anonymous Coward | about 3 months ago | (#47649323)

Me Chinese. Me play joke. Me put backdoors in your phone.

This is one of those childhood memories I wasn't aware I was happy to have forgotten. Thanks for bringing it back.

Soon I'll come across sitting Indian Style. Already saw the Troll in GotG. What more will I have the unjoyous reunion with?

Please excuse us (5, Insightful)

phorm (591458) | about 3 months ago | (#47649001)

We'll try to hide it better next time...

Confirmed (1)

billyswong (1858858) | about 3 months ago | (#47652569)

It's already found that the official "update" only fixes a tiny part of concern. They are still sending things to China [ima-mobile.com]

i slap my ballsack in protest! (-1)

Anonymous Coward | about 3 months ago | (#47649027)

/spank you!

Hi, I'm DoRD (-1)

Anonymous Coward | about 3 months ago | (#47649035)

I'm the Wikipedia administrator known as DoRD [wikipedia.org] , i am a fucking bastard who hits babies with railway sleepers and shits in their mouths. Me and Bsadowski1 are big perverts and we sank to Sailor Moon hentai while check user blocking innocent users.

Thank you very much (1)

stevez67 (2374822) | about 3 months ago | (#47649123)

I prefer capitalist stooges stealing my personal information, rather than commie stooges. (stolen from Dr. Strangelove)

There Ain't No Such Thing As... (4, Insightful)

rodrigoandrade (713371) | about 3 months ago | (#47649213)

A cheap high end smartphone. Apple couldn't do it, Nokia couldn't do it, Blackberry couldn't do it, Samsung couldn't do it, etc.

If you're not paying with dollars, you're paying with something else...

Re:There Ain't No Such Thing As... (1)

riis138 (3020505) | about 3 months ago | (#47649365)

^ This. They are going to take it from you somewhere. One way or another, they will get their money back.

Translation (0)

Anonymous Coward | about 3 months ago | (#47649349)

We are sorry we got caught.

This does not make sense (4, Insightful)

93 Escort Wagon (326346) | about 3 months ago | (#47649441)

In a lengthy blogpost on Google Plus, Xiaomi Vice President Hugo Barra apologized for the unauthorized data collection and said the company only collects phone numbers in users' address books to see if the users are online.

I realize there is some translation going on here, and that can sometimes lead to misinterpretation - but in what context can this possibly make any sense? Collecting phone numbers from your address book to see if you're online? Seriously?

Re:This does not make sense (3, Insightful)

maroberts (15852) | about 3 months ago | (#47649523)

Well in a roundabout way of thinking, its one of the simplest tests you can do to see if the phone can be accessed over the intertubes. All phones will have a contacts list/address book, so this will be supported by all Android phones.

Of course, when you think about it however, you realize that its more than a little absurd and creepy.

Re:This does not make sense (1)

Anonymous Coward | about 3 months ago | (#47650709)

This is pathetic, and you're pathetic for saying that.

There is absolutely no evidence that they collect phone numbers from your address book.

The original f-secure blog says nothing about collecting phone numbers from your address book -- http://www.f-secure.com/weblog/archives/00002731.html. It's basically an SMS over HTTP service that they've turned on by default. All it's doing is sending a request to the server to say that you're online, so it can route SMS over HTTP to save you $ (well, sms is free with your plan in the US, but that's not true in other countries).

David Gilbert is a fucking idiot who blatantly lied in his article:
http://www.ibtimes.co.uk/security-firm-shows-xiaomi-smartphones-do-secretly-steal-your-data-1460382

"However today Finnish security firm F-Secure has published a blog detailing how a brand new RedMi 1S smartphone silently uploaded a users' phone number, the network being used, the phone's IMEI number (used to identify a specific phone), as well as the phone numbers of contacts added to the address book and phone numbers of SMS messages received."

This is clearly not true and grossly exaggerated. All you have to do is go direct to the original f-secure blog to see what's going on.

When you send an SMS and the phone routes the SMS over via IP (HTTP specifically), of course it has to collect your phone # and the target phone #. How else would it know who sends the message and to whom?

If I were Xaomi, I would sue David Gilbert for libel.

As this is Slashdot, I would expect smarter readers, but apparently that's not true. Where are all the IT/programmer people?

Re: This does not make sense (0)

Anonymous Coward | about 3 months ago | (#47652645)

They are at Soylent News nowasays.

Re:This does not make sense (0)

Anonymous Coward | about 3 months ago | (#47656599)

Collecting phone numbers from your address book to see if you're online? Seriously?

If they don't collect your social graph data, they know someone is online, but they don't know who it is. They have to harvest your contacts to uniquely identify you in a robust way. How else do you expect them to identify people when they are always clearing cookies, changing phone numbers, using fake names, and making multiple webmail accounts? Graph analysis of the contact data is the only way to tell who you are, and thus whether you're online or not.

It's actually an apology for the "concern" (0)

Anonymous Coward | about 3 months ago | (#47649475)

If you read the Google+ post, the apology is for the "concern" surrounding their actions, not for the actions themselves.

Cubot as well? (1)

Anonymous Coward | about 3 months ago | (#47649529)

I bought one of these a few months ago, and running a netstat one day I discovered some odd IPs, most of which turned out to be Google this or that, but one struck me as very odd, to a Chinese address. Can anyone tell me, why does my phone "phone home?"

Fixed a "loophole"? (1)

Viol8 (599362) | about 3 months ago | (#47649543)

Thats not a fucking loophole - a program doesn't accidentaly download and store phone numbers , it has to be programmed to do it - thats deliberate data stealing. Now we get the usual meaningless corporate humble apology routine which they hope will placate everyone until next time they get caught. Pathetic.

Re:Fixed a "loophole"? (0)

Anonymous Coward | about 3 months ago | (#47649877)

I like the fake outrage.
As if whatever phone you have now hasn't/isn't/won't leak private info EVERRR.
This is even before the NSA get their grubby paws on your data set.

They handled it quite nicely (1)

jones_supa (887896) | about 3 months ago | (#47649639)

Well goddammit, you whiners. At least this company apologized and fixed the problem properly. How often these days we just get "[company name] declined to comment on the issue" and then we never hear from them again. Xiaomi's reaction in this case was much better.

Re:They handled it quite nicely (0)

Anonymous Coward | about 3 months ago | (#47650077)

You new here?
Since this is a post about a Chinese company, I believe you are required to post some negative comment regardless of it actually being correct.
How many anti-china posts are on here from people who don't even own passports, let alone actually been there?

Agree with you, their approach is the right thing to do..

Re:They handled it quite nicely (1)

houindcon (3737045) | about 3 months ago | (#47650713)

I also think it was handles rather well.
Regardless of the reason or the method that they used, they LISTENED to their customer base and made appropriate adjustments. I may not like the fact that they're still collecting data but I think they did the right thing given their position. Jesus people, you just can't be happy can you?

"F-Secure Oyg"? (1)

marsu_k (701360) | about 3 months ago | (#47650067)

I'm thinking that should probably be "Oyj", although that typo is not so easy to make (was it in the original article - how am I supposed to know? 'tis /.). But what that means (in Finnish, F-Secure is from .fi) is a public company. And whether the company is public or private is quite irrelevant in this context. Just call them F-Secure like everyone else.

Re:"F-Secure Oyg"? (1)

ShaunC (203807) | about 3 months ago | (#47650851)

The one that always got me was "AOL Deutschland GmbH."

Google Plus is blocked in China (0)

Anonymous Coward | about 3 months ago | (#47651593)

I tell you why this guy is dishonest. Google Plus is blocked in China, where most Xiaomi phones are sold and being used. This means that they are apologizing only to the West, and only after the West caught them red handed. Their philosophy is that "we have to apology to the West since we want to sell phones to you, at the same time, let's try to hide this from our existing user base (the Chinese) for as long as possible and keep milking them." Never trust these cunning unscrupulous guys.

Re:Google Plus is blocked in China (1)

dk20 (914954) | about 3 months ago | (#47652173)

If it is blocked, how did he use it to apologize?

Food for thought: What makes you think they want to sell them to the west, or that they even can? Anything you have ever purchased from China was most likely via a "middle man" (made in China, sold to you by a non-Chinese company under their label). Go ahead, list off a few Chinese manufacturing firms you purchased products from.

In china, there are two markets. Made in China for sale in China, and Made in China but for export. If this is some "made in china for sale in china" why do they care what the west says? Why does the west care to "catch them"?

Lastly, perhaps "the west" should focus on catching the data theft and other crimes occurring locally and focus on others less?

Dammit, now the PLA need another in (0)

Anonymous Coward | about 3 months ago | (#47652533)

Dammit, now our ever-luvin friends over at the "Peoples Liberation Army Intergalactic Cyber Crime, and Correct Thoughts Accepted, Incorrect Thoughts Sent to the Retraining and Too Psychologically Damanged To Be In Mainstream Society Department" will need another way to analyse user data in order to maintain quality assurance, to make sure that citizens everywhere are speaking correct things about the government, that they are not speaking things that need correction. That foreign persons do not attempt to interfere with matters within China, and are adequately notified "This Is A Chinese Internal Matter"(tm). The PLA will have to work with the phone manufacturer to develop a new software (at phone manufacturers expense) that will allow proper auditing of users private data with (as stated), necessary supervision/correction as required.

Thank you for your cooperation
Now move along, nothing more to see here.
Its A Chinese Internal Matter(tm)

" ... only collect users' phone numbers ... " (1)

fygment (444210) | about 3 months ago | (#47653899)

So they only know who you speak with.
One wonders what that information would be worth and to whom.
Was phone number collection a condition in exchange for guarantees of the company's success, or did the company, after the fact, realise it had an additional profit line as its customer base increased?

Never buy chinese-owned or chinese-made devices (1)

moneybabylon (2226376) | about 3 months ago | (#47654495)

The ruling chinese communist party forces backdoors on all chinese-made as well as chinese-owned electronic devices, so ofcourse xiaomi phones are no exception to passing all your communications to spies in beijing.

Loophole my shiny metal ass, you lying scumbags! (0)

Anonymous Coward | about 3 months ago | (#47656319)

How about some consequences? Ordinary citizens would be thrown in jail for such behavior!

Check for New Comments
Slashdot Login

Need an Account?

Forgot your password?