Xiaomi Amends Cloud Messaging Service After Privacy Scare
Roughly a week ago, Finland’s FSecure started investigating claims that Xiaomi was sending essential data under the radar from its MIUI powered phones back to the main Xiaomi servers in China. As it turned out the claims were not unsubstantiated and touched upon the worst fears of consumers who were bothered by the fact that their privacy was put on the line by yet another telecom company. Though FSecure’s brand new Redmi 1s Xiaomi manufactured smartphone does not add any cloud accounts to its program, yet the device sent back the carrier name, phone number, IMEI (device identification technology), additional numbers saved in the phone book, and even personal text messages data back to Beijing. Many users were put off by the incident due to the fact that the data shared from their devices was not encrypted, which means that the phone specifications could be known to one and all alike. In the midst of this brewing controversy, the Chinese company is making efforts to put the derailed train of their market reputation back on track.
The most-valiant damage control efforts were made by Vice President (VP) Hugo Barra, who took to the social media to clear the air regarding the issue.
Policy Gone Awry
Xiaomi is a mobile manufacturer company that believes in delivering quality products and easy to use internet services. Per the policy of the company, the data handled by the servers is not uploaded nor is any private information stored in any database without first seeking the permission of the user.
MIUI Cloud Messaging
Cloud messaging is offered by Xiaomi that is supported by MIUI operating system. This particular service gives the advantage to MIUI users by enabling them to exchange freeofcost text messages with each other. This is achieved by routing messages through IP instead of relying upon the carrier’s SMS portal. The Official Story Xiaomi’s VP Barra took to the social media and put in his best effort to educate the general public about the real story behind the controversy. He said that the data link in question was an important part of MIUI’s cloud messaging service that played its role by deciding whether the consumers’ text messages could be channeled through the internet for free.
Unfortunately for Xiaomi, this feature was enabled by default that led to the data being channeled back to Beijing.
The mistake has been made right after users were told that new devices or factory restored ones should be manually activated to use the cloud messaging service. What this means is that user data would not be transferred covertly to Beijing anymore. In addition, the latest updates made to the old devices would ensure that the phone numbers being sent to the servers are encrypted if the users want to continue using the MIUI’s cloud messaging feature instead of opting for the SMS delivery system.
Other Important Queries
The entire episode still left some questions unanswered in the minds of consumers. For instance, wasn’t the company supposed to encrypt all information during the device manufacturing stage per the privacy policies adopted by all companies dealing in the field of communication? The blame for this lapse in the phone’s security had to be taken by Xiaomi’stop officials because errors like these could virtually destroy the standing of the company in a competitive global market. Since this mistake has been made by other renowned communication companies in the past as well, Xiaomi also deserves a second chance.
Moreover, the VP of the company has admitted to the mistake and provided a lengthy but transparent explanation for the unfortunate mistake.
It is pertinent also to mention here that the MIUI does seek public data on request from Xiaomi servers at different time intervals. The data that is shared mostly includes company stored everyday greeting messages and MIUI OTA notifications about latest updates, which is essentially the non personal data that doesn’t threaten the privacy of consumers using the device.
By Rachael Dane, Stealthmate
Stealthmate provides comprehensive list of monitoring features for mobile phones and computers. These features range from basic internet monitoring to advanced features like email monitoring and logging of all popular Chat Messangers.
Latest posts by CloudTweaks (see all)
- CDN Performance Report – Month of June – 2015 - July 2, 2015
- 7 Cloud Security Mistakes Bound To Bite You - July 2, 2015
- Bridging The Chasm Between Business And IT – The GRC Way - July 1, 2015