Slashdot Mirror

← Back to Stories (view on slashdot.org)

China Smartphone Maker Xiaomi Apologizes For Unauthorized Data Access

Posted by samzenpus on from the our-bad dept.

SpzToid writes Following up an earlier story here on Slashdot, now Xiaomi has apologized for collecting private data from its customers. From the article: "Xiaomi Inc said it had upgraded its operating system to ensure users knew it was collecting data from their address books after a report by a computer security firm said the Chinese budget smartphone maker was taking personal data without permission. The privately held company said it had fixed a loophole in its cloud messaging system that had triggered the unauthorized data transfer and that the operating system upgrade had been rolled out on Sunday. The issue was highlighted last week in a blog post by security firm F-Secure Oyg. In a lengthy blogpost on Google Plus, Xiaomi Vice President Hugo Barra apologized for the unauthorized data collection and said the company only collects phone numbers in users' address books to see if the users are online."

10 of 64 comments (clear)

  1. Apologies not accepted by Virtucon · · Score: 4, Insightful

    Why is it considered okay to do this until you get caught? Then you apologize? How about not stealing the information in the first place for starters. Fuckwads!

    --
    Harrison's Postulate - "For every action there is an equal and opposite criticism"
    1. Re:Apologies not accepted by Anonymous Coward · · Score: 3, Insightful

      Why is it considered okay to do this until you get caught? Then you apologize? How about not stealing the information in the first place for starters. Fuckwads!

      Seems the only "Fuckwads" around here are us dumbass consumers who actually think that all those free apps we download wouldn't dare do the exact same fucking thing.

      The only real difference is you blindly agreed to the spying in the EULA you didn't bother to read.

    2. Re:Apologies not accepted by 0123456 · · Score: 4, Insightful

      Of course, if the operating system actually had real user-level security controls, the apps wouldn't be able to do that.

      I can't see myself buying another Android device so long as they expect me to allow pretty much every possible permission for every piece of crap app that doesn't even need half of them.

    3. Re:Apologies not accepted by Anonymous Coward · · Score: 4, Insightful

      No, it wasn't lazy programming. It was broken by design.

      From the blog post:

      "A: For those interested in specific details about the MIUI Cloud Messaging implementation:

      - The primary identifiers used to route messages are the sender and receiver’s phone numbers. IMEI and IMSI information is also used to keep track of a device's online status."

      That's not a programming mistake.

  2. As the quote says... by x0ra · · Score: 4, Insightful

    "It's easier to ask forgiveness than it is to get permission." ...

  3. Please excuse us by phorm · · Score: 5, Insightful

    We'll try to hide it better next time...

  4. There Ain't No Such Thing As... by rodrigoandrade · · Score: 4, Insightful

    A cheap high end smartphone. Apple couldn't do it, Nokia couldn't do it, Blackberry couldn't do it, Samsung couldn't do it, etc.

    If you're not paying with dollars, you're paying with something else...

  5. This does not make sense by 93+Escort+Wagon · · Score: 4, Insightful

    In a lengthy blogpost on Google Plus, Xiaomi Vice President Hugo Barra apologized for the unauthorized data collection and said the company only collects phone numbers in users' address books to see if the users are online.

    I realize there is some translation going on here, and that can sometimes lead to misinterpretation - but in what context can this possibly make any sense? Collecting phone numbers from your address book to see if you're online? Seriously?

    --
    #DeleteChrome
    1. Re:This does not make sense by maroberts · · Score: 3, Insightful

      Well in a roundabout way of thinking, its one of the simplest tests you can do to see if the phone can be accessed over the intertubes. All phones will have a contacts list/address book, so this will be supported by all Android phones.

      Of course, when you think about it however, you realize that its more than a little absurd and creepy.

      --

      Donte Alistair Anderson Roberts - hi son!
      Karma: Chameleon

  6. Re:More flies with honey... by Anonymous Coward · · Score: 2, Insightful

    This is the stupidest logic I've read in a long time. It's like saying that if I apologize after raping you, then you shouldn't be angry at me for raping you. I mean, I apologized right! No harm, no foul.