• IP addresses are NOT logged in this forum so there's no point asking. Please note that this forum is full of homophobes, racists, lunatics, schizophrenics & absolute nut jobs with a smattering of geniuses, Chinese chauvinists, Moderate Muslims and last but not least a couple of "know-it-alls" constantly sprouting their dubious wisdom. If you believe that content generated by unsavory characters might cause you offense PLEASE LEAVE NOW! Sammyboy Admin and Staff are not responsible for your hurt feelings should you choose to read any of the content here.

    The OTHER forum is HERE so please stop asking.

Careful if you own a Xiaomi handphone

J

johnny333

Alfrescian (Inf)
Asset
If you own one of the Xiaomi handphone you might want to read the following:

http://forums.appleinsider.com/t/18...ly-sending-user-data-to-china-surreptitiously


Xiaomi's Redmi Note allegedly sending user data to China surreptitiously

At least one device from upstart Chinese smartphone maker Xiaomi has been found to transmit user data -- including SMS messages and photos -- back to servers in mainland China without the user's permission, according to reports from Hong Kong.


While testing Xiaomi's Redmi Note handset, Kenny Li of Hong Kong forum IMA Mobile discovered that the device continued to make connections with IP addresses in Beijing even after switching off the company's iCloud-like MiCloud service. The transmissions occur only over Wi-Fi, though the device does stay in contact with the servers via small "handshakes" while using cellular data.

Li says that data transmission persists even after erasing and re-flashing the handset with a different Android ROM, suggesting that the functionality could be built in to the phone's firmware.

It remains unclear whether this is the handset's intended mode of operation or if it is the result of a software glitch, as Xiaomi has yet to respond to the allegations. The company has previously said that it will store customer data in China, but only after the user opts in.

While attention has been focused on American technology companies in the wake of Edward Snowden's spying revelations, Chinese companies have also come under the microscope in recent years. Chinese telecom giants -- and Xiaomi competitors -- Huawei and ZTE were called out as "national security risks" in a 2012 report from the U.S. House Intelligence Committee, though both denied having cooperating with the Chinese government.
 
Y

yellowarse

Alfrescian (Inf)
Asset
Not just Xiaomi. All handset manufacturers and carriers are spying on users. And Google collects all the data.

<header class="" style="box-sizing: border-box; ">Your Android Phone Is Secretly Recording Everything You Do (Updated)

</header>289,1973
18ty6nptl80ejjpg.jpg
Jesus Diaz

Profile


<i class="icon icon-share icon-prepend" style="box-sizing: border-box; font-style: normal; line-height: 16px; -webkit-user-select: none; font-family: KinjaIcons; font-size: 16px; font-weight: normal !important; display: inline-block; width: 16px; height: 16px; vertical-align: top; text-align: center; color: black; margin-right: 10px; opacity: 0.3; margin-top: 1px; "><iframe id="youtube-T17XQI_AYNo" src="http://www.youtube.com/embed/T17XQI_AYNo?wmode=transparent&rel=0&autohide=1&showinfo=0&enablejsapi=1" data-chomp-id="T17XQI_AYNo" width="640" height="360" class="youtube" frameborder="0" allowfullscreen="allowfullscreen" webkitallowfullscreen="webkitAllowFullScreen" mozallowfullscreen="mozallowfullscreen" style="box-sizing: border-box; position: absolute; top: 0px; left: 0px; width: 636px; height: 355px; "></iframe></i>
If you have any decently modern Android phone, everything you do is being recorded by hidden software lurking inside. It even circumvents web encryption and grabs everything—including your passwords and Google queries.
Worse: it's the handset manufacturers and the carriers who—in the name of "making your user experience better"—install this software without any way for you to opt-out. This video, recorded by 25-year-old Android developer Trevor Eckhart, shows how it works. This is bad. Really bad.
Update 1: Nokia claims they don't use Carrier IQ's spyware.
Update 2: Hackers have found Carrier IQ in Apple iPhone, but only works in diagnostic mode—which is off by default—and only logs technical data.
<aside class="referenced-wide referenced-fullwidth js_inset tmpl_referencedGroupFullWidth clearfix" style="box-sizing: border-box; clear: both; float: none; margin-top: 0px; margin-right: 0px; margin-bottom: 1.5rem; margin-left: 0px; padding-top: 0px; padding-right: 0px; padding-bottom: 0px; padding-left: 0px; ">
Yes, Your iPhone Can Track You With Carrier IQ, Too

All hell broke loose yesterday when it was discovered that most (but not all) Android phones (and…Read more


</aside>Fast forward to 9:00 for the damning sequence.
The spying software is developed by a company called Carrier IQ. In their site, the company says they are "the only embedded analytics company to support millions of devices simultaneously, we give Wireless Carriers and Handset Manufacturers unprecedented insight into their customers' mobile experience."
Who has this problem?

It seems like a good goal and, indeed, most manufacturers and carriers agree: according to Eckhart, the spyware is included in most Android phones out there.
Eckhart claims that Carrier IQ software is also included in Blackberry and Nokia smartphonestoo. It probably works exactly the same in those smartphones as well. However, there's no proof showing these problems in those phones. There's no mention about Apple's iPhone.
It also doesn't even matter if your telephone was purchased free of carrier contracts. As Eckhart shows in this video, it's always there.
The problem is that it does a lot more than log anonymous generic data. It grabs everything.
Update 1: I know you've followed today's news that software from CarrierIQ has been found on Nokia devices. I wanted to quickly reach out following your story to let you know that in fact, CarrierIQ does not ship products for any Nokia devices. Therefore, these reports are inaccurate.
Update 2: Hackers have found traces of Carrier IQ in iOS. However, it is not active unless you manually turn on the diagnostic mode (by default is off) and, apparently, only logs technical data, like call status and location.
How does it work?

Carrier IQ's software is installed in your phone at the deepest level. You don't know it's there. You are never warned this is happening. You can't opt-in and you certainly can't opt-out.
The commercial spyware sits between the user and the applications in the phone so, no matter how secure and private your apps are, the spyware intercepts anything you do. From your location to your web browsing addresses and passwords to the content of your text messages.
This even happens using a private Wi-Fi connection instead of the carrier 3G or 4G connection.
The company denied all this in a public statement (PDF):
While we look at many aspects of a device's performance, we are counting and summarizing performance, not recording keystrokes or providing tracking tools
But the video clearly demonstrates that this is not true: Keystrokes submit unique key codes to Carrier IQ. Even secure connections are intercepted by the spyware, allowing it to record your moves in the open. These connections to the web are encrypted but, since Carrier IQ's spyware sits between the browser and the user, it grabs it and sends it in plain text.
The spyware can even log your location, even if the user declines to allow an app to know where it is. The hidden Carrier IQ app ignores your desires, intercepts the data and gets your location anyway.
What can you do to avoid it?

Unfortunately, not much. The hidden spyware is always running, and there's no option in any of the menus to deactivate it. Unless you're a grade-A blackbelt hacker, you're out of luck. Even Eckhart, who is a developer, finds it difficult to remove:
Why is this not opt-in and why is it so hard to fully remove?
It's an excellent question. One that urgently needs an answer, from Carrier IQ but especially from every handset manufacturer and carrier involved in this situation.
The solution to this problem is not installing a custom ROM. That's something that shouldn't be required from consumers, something that normal people will not be willing to do. Products must respect privacy rights out of the box. Consumers must be informed about this the moment they turn on their phones in a clear way. They should have the possibility to opt-in and opt-out whenever they want, with a single click. This matter should be solved now by Carrier IQ, the handset manufacturer and the carriers.
If it isn't solved as soon as possible, authorities in the US and Europe should nail them with everything they have. [Twitter, Android Security Test, EFF and Carrier IQ via Threat Level]



 
eatshitndie

eatshitndie

Alfrescian (Inf)
Asset
it's true. i was moving my bowels and at the same time reading tonychat's post on the virtues of eating vege on my android device when google+ prompted a banner advertising restaurants in the area serving vegan diets interspersed with goodness of probiotic products. :eek:
 
virus

virus

Alfrescian
Loyal
eatshitndie said:
it's true. i was moving my bowels and at the same time reading tonychat's post on the virtues of eating vege on my android device when google+ prompted a banner advertising restaurants in the area serving vegan diets interspersed with goodness of probiotic products. :eek:
Click to expand...

Nice story kor kor. They failed to tell you where to get soursop?
 
J

johnny333

Alfrescian (Inf)
Asset
As Sporeans we do not have any privacy from the PAP. THEY are our big brother. So being spied upon is nothing new.
 
eatshitndie

eatshitndie

Alfrescian (Inf)
Asset
virus said:
Nice story kor kor. They failed to tell you where to get soursop?
Click to expand...

they did finally correlated tonychat with soursop, and that was why i had to fly over 6.9k miles to get freshly squeezed soursop juice. the soursop coalition would also like to thank tonychat for his undying contributions to the promotion and awareness of the goodness of soursop juice.
 
eatshitndie

eatshitndie

Alfrescian (Inf)
Asset
halsey02 said:
Lucky he was not wanking in the toilet look at HJ.....the phone might display pages of The Instana....
Click to expand...

excrement at the istana comprises mostly post-processing of vege and fruit with occasional mee siam mai hum and fried chicken interspersed in stool flow. all that picked up by google on the android device. :o
 
Y

yellowarse

Alfrescian (Inf)
Asset
MIUI does not secretly send user data to Chinese govt servers: Xiaomi’s Hugo Barra

Xiaomi's hot-seller RedMi Note

[FONT=nexa_bold]By tech2 News Staff [FONT=nexa_bold]/ 31 Jul 2014 , 13:06[/FONT][/FONT]
Xiaomi’s Hugo Barra has come out in defence of the company which has been under criticism off late regarding silent uploads to servers in China from its RedMi Note phablet.

The RedMi Note series has been a hot seller in China and will be launched in India soon. Most of the times, the phone has sold out within minutes of its arrival on the e-store. But a report in the Taiwanese website TechNews.Tw has dampened mood of Xiaomi fans and Redmi Note users.

RedMi Note was found to be stealthily sending data back to a server hosted in China over Wi-Fi. When a user disconnects from Wi-Fi, the transmission still occurs using a handshake, which requires low data and power. The report recounts a forum post on IMA Mobile by user Kenny Li, who discovered that his RedMi Note has been connecting to an IP address in China and transferring data back to the server when he is operating in Wi-Fi mode. Li says that that even if you root the phone and flash it with another firmware, the background transmission continues, and hints that the process is hard coded into the hardware.

According to Li, pictures, SMSes and other messages get sent to the Chinese servers which belong CCNCI, a Chinese Internet company. Barra, who is leading Xiaomi’s global foray, said on Google+ that the original article misinterpreted the forum thread which led to the issue being brought up. “The article neglected to refer to a Chinese version of this Q and A already posted on the Xiaomi Hong Kong Facebook page. MIUI does not secretly upload photos and text messages.”

Barra added that the connection was established by the MIUI firmware as it requests public data such as preset greeting messages in the messaging app and OTA update details from Xiaomi servers at regular intervals. Barra added that this communication contained “all non-personal data that does not infringe on user privacy.”

He further added: “Xiaomi is serious about user privacy and takes all possible steps to ensure our Internet services adhere to our privacy policy. We do not upload any personal information and data without the permission of users. In a globalized economy, Chinese manufacturers’ handsets are selling well internationally, and many international brands are similarly successful in China – any unlawful activity would be greatly detrimental to a company’s global expansion efforts,” added Barra.

Xiaomi made a cracking debut in India with the Mi 3 which has sold out all its inventory put on sale so far, while Redmi Note will be available in India soon.


 
D

Deuce

Alfrescian (Inf)
Asset

Xiaomi starts to feel the backlash of being 'China's Apple'

Staff Reporter
2014-08-16

CFP455579879-165900_copy1.jpg


A Xiaomi advert in Yichang, Hubei province, Jan. 4. (Photo/CFP)

Chinese smartphone maker Xiaomi's market valuation is worth dozens of billions of US dollars just four years after it was founded in 2010, but with its rising influence the public has become more critical of the company.

Taiwanese media reported recently that Xiaomi phones pose a security threat as they automatically send users' private information to servers in Beijing without their users' consent.

Citing a blog post by Finnish security firm F-Secure, Taiwanese media pointed out that Xiaomi phones send the international mobile subscriber identity (IMSI) and international mobile equipment identity (IMEI) codes, as well as SIM card numbers to Xiaomi's servers in Beijing.

Xiaomi explained that the invasion of privacy reported by Taiwan's media outlets was caused by a built-in text-messaging application which is similar to Apple's iMessage that allows users to send text messages over the internet instead of the network of telecom carriers.

Sending the phone numbers and IMSI and IMEI codes to the company's servers can help examine the online status of the smartphones and make sure users can access the service normally, it explained.

Xiaomi admitted accessing private data however and expressed an apology. It provided a system upgrade on Aug. 10 that turned off the function that automatically sends users' personal information to the servers and encrypts their phone numbers.

However, Xiaomi did not explain whether it also gathers information on Xiaomi users in China.

In addition, Xiaomi Taiwan was fined NT$600,000 (US$20,000), by Taiwan's Fair Trade Commission for false advertising.

Xiaomi Taiwan claimed that last year it sold 10,000 Redmi phones online in Taiwan within nine minutes and 50 seconds on Dec. 9; 10,000 handsets in 68 seconds on Dec. 16 and 8,000 within 25 seconds on Dec. 23. The FTC found that Xiaomi Taiwan had actually sold only 9,339, 9492 and 7,389 handsets respectively during the three rounds of sales.

Xiaomi Taiwan apologized but only admitted the discrepancy for 30 units and reserved some units for buyers holding the F-code.

The Beijing News reported that Xiaomi has no longer received overwhelming praise from its fans during its two latest launches, indicating that having assumed the status of "China's Apple," it is not starting to absorb the inevitable brickbats that come with that over time.

Xiaomi's corporate work culture has also been under fire recently. Recently, a Xiaomi employee reportedly mocked one of his friends who was seeking employment at the company after leaving Nokia. The Xiaomi worker said in a sarcastic manner that Nokia offered a higher salary and more days off, so "sorry, Xiaomi does not have such an ideal position to offer."

Xiaomi chairman Lei Jun often encourages his workers to work longer hours in order to provide better services and products for its users. They usually work over ten hours a day and six days a week.

 
You must log in or register to reply here.

Similar threads

duluxe
CCP built African Union HQ Building for 'free', installed Huawei Cameras Spying for 5 years
2
Replies
26
Views
2K
Tarkett
T
gsbslut
'Better than a real man': young Chinese women turn to AI boyfriends
Replies
1
Views
476
searcher1
searcher1
duluxe
Malaysia is Looking into the National Security Threat of TikTok, Possibility of Banning It
Replies
0
Views
1K
duluxe
duluxe
SBFNews
India seizes US$725 million in Xiaomi assets
Replies
2
Views
742
syed putra
syed putra
JohnTan
Serious OCS Prepared Good Sinkie Chew Shou Zi To Be Tiktok CEO! Guess If He Can Persuade Biden To Not Ban Tiktok?
2
Replies
38
Views
2K
Hypocrite-The
Hypocrite-The
Top