Xiaomi Apologises for Unauthorised Data Access

Xiaomi Apologises for Unauthorised Data Access
Advertisement
Xiaomi Inc said it had upgraded its operating system to ensure users knew it was collecting data from their address books after a report by a computer security firm said the Chinese budget smartphone maker was taking personal data without permission.

The privately held company said it had fixed a loophole in its cloud messaging system that had triggered the unauthorised data transfer and that the operating system upgrade had been rolled out on Sunday.

The issue was highlighted last week in a blog post by security firm F-Secure Oyg and had been reported by media outlets in Taiwan. Like Apple Inc's iMessage service, Xiaomi lets users avoid SMS charges by routing messages over the Internet rather than through a carrier's network.

(Also see: Xiaomi Says Its Smartphones Do Not Secretly Upload Photos, Text Messages)

In a lengthy blogpost on Google Plus, Xiaomi Vice President Hugo Barra apologised for the unauthorised data collection and said the company only collects phone numbers in users' address books to see if the users are online.

He said the smartphone's messaging system would now only activate on an "opt-in" basis and that any phone numbers sent back to Xiaomi servers would be encrypted and not stored.

Some industry analysts say Xiaomi has pipped Samsung Electronics Co Ltd to become the top selling smartphone brand in China, the world's biggest smartphone market.

Although an increasing number of smartphone apps harvest vast troves of personal data including a user's real-time location, the address book remains a particularly sensitive domain.

The U.S. Federal Trade Commission fined the social network Path $800,000 last year after security researchers showed how the company siphoned users' address books without their knowledge and stored it on its servers.

As a result of the Path controversy, which began in 2012 and prompted a brief Congressional inquiry, Apple changed its iPhone operating system so that app developers would have to ask explicitly for permission before accessing address book data.

© Thomson Reuters 2014

Comments

For the latest tech news and reviews, follow Gadgets 360 on X, Facebook, WhatsApp, Threads and Google News. For the latest videos on gadgets and tech, subscribe to our YouTube channel. If you want to know everything about top influencers, follow our in-house Who'sThat360 on Instagram and YouTube.

How to Remove Facebook, Twitter, Gmail, LinkedIn, Dropbox App Permissions
Microsoft Lumia 730 Design, Pricing, and Specs Tipped in New Leak
Share on Facebook Gadgets360 Twitter Share Tweet Snapchat Share Reddit Comment google-newsGoogle News
 
 

Advertisement

Follow Us

Advertisement

© Copyright Red Pixels Ventures Limited 2024. All rights reserved.
Trending Products »
Latest Tech News »