Xiaomi smartphones have also transmitted user behavior servers?

It was revealed that the Xiaomi Redmi Note 8, a smartphone introduced by Xiaomi, recorded the majority of user actions made through the terminal and sent it to the Alibaba server.

According to one security researcher (Gabriel Cirlig), using the Xiaomi default browser installed on the Xiaomi Redmi Note 8, it logs all of the websites visited, including the search engine, or all items displayed in the Xiaomi app news feed feature. Such tracking is said to be done even if the user uses the secret mode.

In addition, the user opened a folder or turned on the screen, recorded the status bar and the contents of the settings page, collected everything in one place, and sent it to servers located in Singapore and Russia. This server is hosted by Alibaba, and the domain is registered in Beijing. The security researcher describes the Xiaomi smartphone as a backdoor with a phone function.

In fact, as a result of further investigation by commissioning other security researchers, it was found that two types of Xiaomi browsers (Mi Browser Pro, Mint Browser), which are the best in Google Play, are also collecting data. All of these applications have been downloaded over 15 million times.

In addition, I downloaded the firmware for the Xiaomi Mi Note 10, Xiaomi Redmi K20, and Xiaomi Mi MIX 3 and checked whether they are using the same code in the browser. As a result, it is said that there is a possibility that a security problem exists for these browsers as well.

In response, Xiaomi denied that the claim is not true and that the company is putting privacy and security as the top concerns. However, while acknowledging that the browser collects data, he explained that because the information is anonymized, it is not associated with individuals and is collected with the consent of the user.

Meanwhile, security researchers reported that data was being collected, including information on websites and web browsing, as well as numbers identifying the device and Android version. It is pointed out that such data is easy to connect information and users. Xiaomi also denies the collection of information by incognito mode, and the researchers and opinions are confronting this. Security researchers pointed out that each time an application is opened, a series of information is sent to the remote server, suggesting the possibility that app usage is also being monitored. Related information can be found here .