Technical loopholes are still found in RedMi 1S, a budget smartphone launched by Chinese handset maker Xiaomi Inc. in Taiwan in December last year, that allow users’ information to be sent to the company’s Beijing servers despite recent upgrades in the system, according to technology website unwire.hk.
Xiaomi had released an upgraded over-the-air (OTA) technology package intended to make it safer for users to send free online text messages after Taiwan media reported that RedMi 1S was sending out users’ details to a remote server when people sent short messages, triggering privacy concerns.
Xiaomi said the upgraded system has an additional encryption function that protects the private information of users, such as their phone numbers.
However, Kenny Li, a RedMi user, said on the IMA Mobile Bulletin Board System that he found there were still some information being automatically sent back to Beijing servers even after he upgraded the system following Xiaomi’s guidance, citing some screenshots showing internet protocol (IP) addresses, Sky Post reported.
Li Liheng, director of security solutions provider F-Secure Greater China, was quoted as saying that after tests, they found that private information such as the user’s phone number and International Mobile Equipment Identity (IMEI) were no longer sent back to the Beijing servers, although information such as the phone’s installed programs list, are still automatically sent back.
A Xiaomi official said the company never intended to deceive users or violate their privacy rights, adding that all information sent back to the company’s servers involved service-related information and not the users’ personal data.
– Contact us at [email protected]