Xiaomi smart cams see other people’s homes ; Google disconnects from Xiaomi products
Update (2020.1.3 16:20) : Xiaomi official statement says the problem was caused by a video system update released at the end of December. Xiaomi said they had already addressed the issue, and stopped the related service temporarily until the root cause of the problem could be resolved.
Home monitors can let users see the situations at home while away, and can keep a record when there are burglars or other problems at home. However, Xiaomi’s Mi Home apps made a big blunder recently. From their home smart monitors connected to Google Home system, users could see video images of other people’s homes. Google terminated the connections with Mi Home apps immediately after they received the reports.
Member “u/Dio-V” on Reddit uploaded the video, and said that, after he connected the camera with Google Home system, saw not only what was happening at home, but also random images of unknown people’s homes, including their living rooms, baby cribs, etc. Google community officer responded to the post immediately, and contacted him at once for follow-up.
Google said they had temporarily terminated the connections with Mi Home apps for now, and were seeking a resolution with Mi Home. Mi Home video users can no longer see any video images on Google Home, but only the “currently unavailable” wording.
A Reddit user joked that the affected person “unintentionally opened the secret mode of the Chinese government.” Quite a few users who also installed the monitors are worried. But some also point out it might be a programming error that grabbed images from the caches. However, it all needs to wait for Google or Xiaomi to come up with an explanation eventually, before users’ worries on smart home monitors can be released.
Xiaomi official response: System update caused problems with the caches
Xiami made an official response to this incident, saying that Xiaomi had always put the privacy and information security of the users first. They found out there was an extremely small chance of streaming image problem when “Mi Home Wireless IP Camera Basic” products were connected on Google Home. As for the inconvenience caused to the users, Xiaomi has expressed deep regrets. Xiaomi said they took actions to address the problem after finding out about it, and had solved it. They found in the investigations that, starting from testing on 26 December, 2019, they caused problems with the caches. Xiaomi said this problem happened only when “Mi Home Wireless IP Camera Basic“ and Google Home are used together and when network connections are not good. After investigations Xiaomi found out 1,044 users had similar problems. After they communicated with Google, they had stopped such service temporarily until the root cause could be resolved, and ensured that the incident would not happen again.
Below are the original script of the official announcement:
[Statement: Xiaomi has always prioritized our users’ privacy and information security. We are aware there was an issue of receiving stills while connecting Mi Home Security Camera Basic 1080p on Google Home hub. We apologize for the inconvenience this has caused to our users.
Our team has since acted immediately to solve the issue and it is now fixed. Upon investigation, we have found out the issue was caused by a cache update on December 26, 2019, which was designed to improve camera streaming quality. This has only happened in extremely rare conditions. In this case, it happened during the integration between Mi Home Security Camera Basic 1080p and the Google Home Hub with a display screen under poor network conditions.
We have also found 1044 users were with such integrations and only a few with extremely poor network conditions might be affected. This issue will not happen if the camera is linked to the Xiaomi’s Mi Home app.]
#Surveillance #Privacy #China #Xiaomi
https://unwire.hk/2020/01/03/xiaomicamera/tech-secure/
Update (2020.1.3 16:20) : Xiaomi official statement says the problem was caused by a video system update released at the end of December. Xiaomi said they had already addressed the issue, and stopped the related service temporarily until the root cause of the problem could be resolved.
Home monitors can let users see the situations at home while away, and can keep a record when there are burglars or other problems at home. However, Xiaomi’s Mi Home apps made a big blunder recently. From their home smart monitors connected to Google Home system, users could see video images of other people’s homes. Google terminated the connections with Mi Home apps immediately after they received the reports.
Member “u/Dio-V” on Reddit uploaded the video, and said that, after he connected the camera with Google Home system, saw not only what was happening at home, but also random images of unknown people’s homes, including their living rooms, baby cribs, etc. Google community officer responded to the post immediately, and contacted him at once for follow-up.
Google said they had temporarily terminated the connections with Mi Home apps for now, and were seeking a resolution with Mi Home. Mi Home video users can no longer see any video images on Google Home, but only the “currently unavailable” wording.
A Reddit user joked that the affected person “unintentionally opened the secret mode of the Chinese government.” Quite a few users who also installed the monitors are worried. But some also point out it might be a programming error that grabbed images from the caches. However, it all needs to wait for Google or Xiaomi to come up with an explanation eventually, before users’ worries on smart home monitors can be released.
Xiaomi official response: System update caused problems with the caches
Xiami made an official response to this incident, saying that Xiaomi had always put the privacy and information security of the users first. They found out there was an extremely small chance of streaming image problem when “Mi Home Wireless IP Camera Basic” products were connected on Google Home. As for the inconvenience caused to the users, Xiaomi has expressed deep regrets. Xiaomi said they took actions to address the problem after finding out about it, and had solved it. They found in the investigations that, starting from testing on 26 December, 2019, they caused problems with the caches. Xiaomi said this problem happened only when “Mi Home Wireless IP Camera Basic“ and Google Home are used together and when network connections are not good. After investigations Xiaomi found out 1,044 users had similar problems. After they communicated with Google, they had stopped such service temporarily until the root cause could be resolved, and ensured that the incident would not happen again.
Below are the original script of the official announcement:
[Statement: Xiaomi has always prioritized our users’ privacy and information security. We are aware there was an issue of receiving stills while connecting Mi Home Security Camera Basic 1080p on Google Home hub. We apologize for the inconvenience this has caused to our users.
Our team has since acted immediately to solve the issue and it is now fixed. Upon investigation, we have found out the issue was caused by a cache update on December 26, 2019, which was designed to improve camera streaming quality. This has only happened in extremely rare conditions. In this case, it happened during the integration between Mi Home Security Camera Basic 1080p and the Google Home Hub with a display screen under poor network conditions.
We have also found 1044 users were with such integrations and only a few with extremely poor network conditions might be affected. This issue will not happen if the camera is linked to the Xiaomi’s Mi Home app.]
#Surveillance #Privacy #China #Xiaomi
https://unwire.hk/2020/01/03/xiaomicamera/tech-secure/
Unwire.hk
小米智能攝影機看到其他人家畫面 Google急停與米家產品連接
更新(2020.1.3 16:20):小米發表官方聲明,表示問題由 2019 年 12 月尾推出的攝影機系統更 […]
#NetizensVoice
Xiaomi is collecting browser data even in incognito mode.
(01 May) Summary: Researchers discovered that the Mi Browser Pro and Mint Browser apps that come preinstalled in Xiaomi handsets gleaned data about what folders users open and to which screens they swipe, and other data from the handsets.
The data was then sent to remote servers in Singapore and Russia, though the web domains that hosted the servers were registered in Beijing. Xiaomi denied any wrongdoing to Forbes, arguing all data transferred is encrypted and anonymized. Still, Cirlig was able to easily decrypt the data into readable chunks of information that could be tied back to an individual. Just two months ago, another Chinese company, Cheetah Mobile, was caught sniffing data on web use, wi-fi access point names, and other activity like how a user swipes.
References : Next Media, Twitter
Source: Ant Yi-Feng Tzeng
#bigbrotherwatch #dataprivacy #datasecurity #Xiaomi #Surveillance
Xiaomi is collecting browser data even in incognito mode.
(01 May) Summary: Researchers discovered that the Mi Browser Pro and Mint Browser apps that come preinstalled in Xiaomi handsets gleaned data about what folders users open and to which screens they swipe, and other data from the handsets.
The data was then sent to remote servers in Singapore and Russia, though the web domains that hosted the servers were registered in Beijing. Xiaomi denied any wrongdoing to Forbes, arguing all data transferred is encrypted and anonymized. Still, Cirlig was able to easily decrypt the data into readable chunks of information that could be tied back to an individual. Just two months ago, another Chinese company, Cheetah Mobile, was caught sniffing data on web use, wi-fi access point names, and other activity like how a user swipes.
References : Next Media, Twitter
Source: Ant Yi-Feng Tzeng
#bigbrotherwatch #dataprivacy #datasecurity #Xiaomi #Surveillance
TNW
Xiaomi is collecting browser data even in incognito mode, researchers say
You might want to stay away from Xiaomi's browsers if you care about your privacy, or so suggest a couple of concerned researchers.
#CyberSecurity #MadeinChina
Low cost Xiaomi Comes with a hefty price: Customers' Privacy
#Xiaomi is one of the top four smartphone makers in the world by market share, behind Apple, Samsung and Huawei.
Cybersecurity researcher Gabi Cirlig points out that:
1. Xiaomi browser recorded all the websites he visited, including search engine queries whether with Google or the privacy-focused DuckDuckGo, and every item viewed on a news feed feature of the Xiaomi software.
2. Tracking happened even if he used the supposedly private “incognito” mode
3. Xiaomi recorded what folders he opened and to which screens he swiped, including the status bar and the settings page
4. All of the data was being packaged up and sent to remote servers in Singapore and Russia, though the Web domains they hosted were registered in Beijing.
Cybersecurity researcher Andrew Tierney adds that the browsers shipped by Xiaomi on Google Play—Mi Browser Pro and the Mint Browser—were collecting the same data.
Source: Forbes #Apr30
Low cost Xiaomi Comes with a hefty price: Customers' Privacy
#Xiaomi is one of the top four smartphone makers in the world by market share, behind Apple, Samsung and Huawei.
Cybersecurity researcher Gabi Cirlig points out that:
1. Xiaomi browser recorded all the websites he visited, including search engine queries whether with Google or the privacy-focused DuckDuckGo, and every item viewed on a news feed feature of the Xiaomi software.
2. Tracking happened even if he used the supposedly private “incognito” mode
3. Xiaomi recorded what folders he opened and to which screens he swiped, including the status bar and the settings page
4. All of the data was being packaged up and sent to remote servers in Singapore and Russia, though the Web domains they hosted were registered in Beijing.
Cybersecurity researcher Andrew Tierney adds that the browsers shipped by Xiaomi on Google Play—Mi Browser Pro and the Mint Browser—were collecting the same data.
Source: Forbes #Apr30
Huawei’s Chinese Competitors Race to International Market Amidst US Sanctions
US Sanctions on Huawei have created a new competition for market shares and production lines amongst its Chinese competitors, Vivo, Oppo, and Xiaomi.
“[Huawei’s competitors] believe the sanctions against Huawei will more or less hurt it in the international market, and they may want to take a share of the market from Huawei,” states Derek Wang, an executive in charge of production at Realme, which shares a supply chain with Oppo.
Similarly, Xioami has placed orders for up to 100 million phones, up 50% on projections before the Huawei sanctions. While some say that these figures are too optimistic, an analyst at Counterpoint, expects a “clear year-on-year growth from Huawei and Honor’s smartphone rivals in 2021, but likely at a lower ratio than their earliest expectation.”
Source: Reuters #Nov23
https://www.reuters.com/article/us-china-mobile-huawei-competitors-idUSKBN2830IC
#Huawei #Xiaomi #China #Smartphone
US Sanctions on Huawei have created a new competition for market shares and production lines amongst its Chinese competitors, Vivo, Oppo, and Xiaomi.
“[Huawei’s competitors] believe the sanctions against Huawei will more or less hurt it in the international market, and they may want to take a share of the market from Huawei,” states Derek Wang, an executive in charge of production at Realme, which shares a supply chain with Oppo.
Similarly, Xioami has placed orders for up to 100 million phones, up 50% on projections before the Huawei sanctions. While some say that these figures are too optimistic, an analyst at Counterpoint, expects a “clear year-on-year growth from Huawei and Honor’s smartphone rivals in 2021, but likely at a lower ratio than their earliest expectation.”
Source: Reuters #Nov23
https://www.reuters.com/article/us-china-mobile-huawei-competitors-idUSKBN2830IC
#Huawei #Xiaomi #China #Smartphone
U.S. Blacklisted China’s Xiaomi Because of Award Given to Its Founder
In a legal filing, the U.S. Department of Defense to blacklist Chinese company with military ties, Xiamo due to an award given to the company’s founder for his service to the state/
Lei Jun, the chief executive officer and founder of Xiaomi, received the award of “Outstanding Builder of Socialism with Chinese Characteristics” in 2019 from the Ministry of Industry and Information Technology.
he award was enough for the Defense Department in January to add Xiaomi to a list of companies that support China’s military.
The second reason cited by the Defense Department was Xiaomi’s plans to invest 50 billion yuan, equivalent to $7.7 billion, over five years into 5G technology and artificial intelligence.
Source: WSJ #Mar05
https://www.wsj.com/articles/u-s-blacklisted-chinas-xiaomi-because-of-award-given-to-its-founder-11614947281
#USBlacklistChineseCompany #Xiaomi #USBlacklist #China
In a legal filing, the U.S. Department of Defense to blacklist Chinese company with military ties, Xiamo due to an award given to the company’s founder for his service to the state/
Lei Jun, the chief executive officer and founder of Xiaomi, received the award of “Outstanding Builder of Socialism with Chinese Characteristics” in 2019 from the Ministry of Industry and Information Technology.
he award was enough for the Defense Department in January to add Xiaomi to a list of companies that support China’s military.
The second reason cited by the Defense Department was Xiaomi’s plans to invest 50 billion yuan, equivalent to $7.7 billion, over five years into 5G technology and artificial intelligence.
Source: WSJ #Mar05
https://www.wsj.com/articles/u-s-blacklisted-chinas-xiaomi-because-of-award-given-to-its-founder-11614947281
#USBlacklistChineseCompany #Xiaomi #USBlacklist #China
Myanmar Demonstrators Burnt Chinese Factories; The Military Attacked “Protest Camp” and Killed 11 People
More than two months since the coup in Myanmar, according to the statistics of the local organisation assisting political prisoners, the death toll has reached at least 581. A Chinse factory in Yangon was burnt by the protesters today (7th April) while some protesters raised the slogans of boycott Chinese brands “Xiaomi” and “Huawei”. The military also attacked Hpruso Township in Kayah (Karenni) State, a “Tarhan protest camp” occupied by protesters, making 11 people died.
According to Reuters, some protesters raised the slogans with boycott Chinese brands in Yangon and burnt the flag of China to protest that China has been friendly to the military government who initiated the coup. Because of that, the protesters burnt 32 Chinese factories in Yangon last month, and today they burnt a Chinese clothing factory called JOC.
Source: Stand News #Apr07
https://bit.ly/3gvFxlu
#Myanmar #WhatsHappeningInMyanmar #China #Protest #Xiaomi #Huawei #Reuters #JOC #Yangon #Karenni
More than two months since the coup in Myanmar, according to the statistics of the local organisation assisting political prisoners, the death toll has reached at least 581. A Chinse factory in Yangon was burnt by the protesters today (7th April) while some protesters raised the slogans of boycott Chinese brands “Xiaomi” and “Huawei”. The military also attacked Hpruso Township in Kayah (Karenni) State, a “Tarhan protest camp” occupied by protesters, making 11 people died.
According to Reuters, some protesters raised the slogans with boycott Chinese brands in Yangon and burnt the flag of China to protest that China has been friendly to the military government who initiated the coup. Because of that, the protesters burnt 32 Chinese factories in Yangon last month, and today they burnt a Chinese clothing factory called JOC.
Source: Stand News #Apr07
https://bit.ly/3gvFxlu
#Myanmar #WhatsHappeningInMyanmar #China #Protest #Xiaomi #Huawei #Reuters #JOC #Yangon #Karenni
立場新聞 Stand News
【緬甸政變】示威者再燒中資工廠 軍方襲「示威營」殺 11 人 | 立場報道 | 立場新聞
緬甸政變至今兩個多月,根據當地協助政治犯組織的統計,鎮壓死亡人數已達至少 581 人。仰光一間中資服裝工廠今日...
#MadeinChina #Surveillance
Lithuania says throw away Chinese phones due to #censorship concerns
[Editor's note: The National Communications Commision of #Taiwan has confirmed the same result of Chinese censorship in China-made mobile phones in the findings released on January 6, 2022. Taiwan conducted a similar investigation after Lithuania published their report on September 21, 2021 as below]
#Lithuania's #DefenseMinistry recommended that consumers avoid buying Chinese mobile phones and advised people to throw away the ones they have now after a government report found the devices had built-in censorship capabilities.
Flagship phones sold in Europe by China's smartphone giant Xiaomi Corp (1810.HK)have a built-in ability to detect and censor terms such as "Free Tibet", "Long live Taiwan independence" or "democracy movement", Lithuania's state-run cybersecurity body said on Tuesday.
The capability in Xiaomi's Mi 10T 5G phone software had been turned off for the "European Union region", but can be turned on remotely at any time, the Defence Ministry's National Cyber Security Centre said in the report.
"Our recommendation is to not buy new Chinese phones, and to get rid of those already purchased as fast as reasonably possible," Defence Deputy Minister Margiris Abukevicius told reporters in introducing the report.
Lithuania says throw away Chinese phones due to censorship concerns.
Read the full article:
https://www.reuters.com/business/media-telecom/lithuania-says-throw-away-chinese-phones-due-censorship-concerns-2021-09-21/
#Cybersecurity #Censorship #Xiaomi
Source: Reuters #Sept21;
National Communications Commision of Taiwan #Jan6
The Report of National Communications Commision (#NCC) of Taiwan in Chinese:
https://www.ncc.gov.tw/chinese/news_detail.aspx
Lithuania says throw away Chinese phones due to #censorship concerns
[Editor's note: The National Communications Commision of #Taiwan has confirmed the same result of Chinese censorship in China-made mobile phones in the findings released on January 6, 2022. Taiwan conducted a similar investigation after Lithuania published their report on September 21, 2021 as below]
#Lithuania's #DefenseMinistry recommended that consumers avoid buying Chinese mobile phones and advised people to throw away the ones they have now after a government report found the devices had built-in censorship capabilities.
Flagship phones sold in Europe by China's smartphone giant Xiaomi Corp (1810.HK)have a built-in ability to detect and censor terms such as "Free Tibet", "Long live Taiwan independence" or "democracy movement", Lithuania's state-run cybersecurity body said on Tuesday.
The capability in Xiaomi's Mi 10T 5G phone software had been turned off for the "European Union region", but can be turned on remotely at any time, the Defence Ministry's National Cyber Security Centre said in the report.
"Our recommendation is to not buy new Chinese phones, and to get rid of those already purchased as fast as reasonably possible," Defence Deputy Minister Margiris Abukevicius told reporters in introducing the report.
Lithuania says throw away Chinese phones due to censorship concerns.
Read the full article:
https://www.reuters.com/business/media-telecom/lithuania-says-throw-away-chinese-phones-due-censorship-concerns-2021-09-21/
#Cybersecurity #Censorship #Xiaomi
Source: Reuters #Sept21;
National Communications Commision of Taiwan #Jan6
The Report of National Communications Commision (#NCC) of Taiwan in Chinese:
https://www.ncc.gov.tw/chinese/news_detail.aspx
Reuters
Lithuania says throw away Chinese phones due to censorship concerns
Lithuania's Defense Ministry recommended that consumers avoid buying Chinese mobile phones and advised people to throw away the ones they have now after a government report found the devices had built-in censorship capabilities.
Cyberspace Administration of China: Already Held 30 Large IT Companies' Algorithm Technologies
Cyber Administration of China (#CAC) indicated on #Aug12 that 30 top IT companies have submitted part of their algorithm details, such as how to collect personal data and how to set up individual recommendation content.
Companies includes #Tencent, #TikTok under #ByteDance, #MeiTuen, #iFeng, #Weibo, #Youku, #Kuaishou, #Baidu, #Sina, #Xiaomi, #WeChat, and #Tmall and #Taobao under #Alibaba.
#Bloomberg report stated that China can have full grasp of every move done by the citizens on the internet, and even all purchase detail and personal information can be seen clearly via the relevant enterprises and applications.
The CAC passed the regulations on algorithm recommendation in March this year, requiring all enterprises to reveal the algorithm used in every application.
Nominally, they can solve the issue of data misuse and enhance cyber security. But once when the authority obtained algorithm technology, they can take further control over web activity and carry out political propaganda.
They even can take "National Security" as an excuse, to obtain citizens' and companies' information.
Source: PC Market #Aug17
https://www.pcmarket.com.hk/china-netcom-algorithm-technology-of-30-technology-giants-has-been-mastered/?fbclid=IwAR3nrfecOdr8bYlAdIkaE3S783sF8pEprBrq_7Jg46s3lLXzzi1Pv8aSX0k
#CyberAdministrationofChina #surveillance #NationalSecurity #Webtracking #AlgorithmTechnology
Cyber Administration of China (#CAC) indicated on #Aug12 that 30 top IT companies have submitted part of their algorithm details, such as how to collect personal data and how to set up individual recommendation content.
Companies includes #Tencent, #TikTok under #ByteDance, #MeiTuen, #iFeng, #Weibo, #Youku, #Kuaishou, #Baidu, #Sina, #Xiaomi, #WeChat, and #Tmall and #Taobao under #Alibaba.
#Bloomberg report stated that China can have full grasp of every move done by the citizens on the internet, and even all purchase detail and personal information can be seen clearly via the relevant enterprises and applications.
The CAC passed the regulations on algorithm recommendation in March this year, requiring all enterprises to reveal the algorithm used in every application.
Nominally, they can solve the issue of data misuse and enhance cyber security. But once when the authority obtained algorithm technology, they can take further control over web activity and carry out political propaganda.
They even can take "National Security" as an excuse, to obtain citizens' and companies' information.
Source: PC Market #Aug17
https://www.pcmarket.com.hk/china-netcom-algorithm-technology-of-30-technology-giants-has-been-mastered/?fbclid=IwAR3nrfecOdr8bYlAdIkaE3S783sF8pEprBrq_7Jg46s3lLXzzi1Pv8aSX0k
#CyberAdministrationofChina #surveillance #NationalSecurity #Webtracking #AlgorithmTechnology
PCM
騰訊、淘寶、抖音、小米無一倖免 中國網信辦 : 已掌握 30 間科技巨企的演算法技術
根據中國網信辦 (國家互聯網信息辦公室) 12 日表示,包括騰訊、阿里巴巴、字節跳動、美團等 30 間科技巨頭已提交部分應用程式的演算法詳細資訊,包括如何收集個人數據及制定個人推薦內容的技術...