Xiaomi emits phone browser updates after almighty row over web activity harvested even in incognito mode

Institute For Ethical Hacking Course and Ethical Hacking Training in Pune – India

Extreme Hacking | Sadik Shaikh | Cyber Suraksha Abhiyan

Credits: The Register

Xiaomi phones at the center of tracking brouhaha

A Forbes report last week outlined how some Xiaomi Android phones track their owners’ web browsing and online activities.

It was claimed the handsets’ bundled Xiaomi browser collects things like browsing history, search queries, and news feed activity, and sends the data off to servers in China, even in private incognito mode.

Xiaomi, in response, claimed it anonymizes the harvested data for performance monitoring, though it did admit that this “aggregated data collection” included URLs even in incognito mode.

“Our user’s privacy and internet security is of top priority at Xiaomi,” the phone maker added. “We are confident that we strictly follow and are fully compliant with local laws and regulations.”

The two sides have had a bit of a barney over what exactly is happening. Xiaomi claimed it is not doing anything underhanded. Infosec bods said the data is anonymized using per-user unique ID numbers that do not frequently change, which isn’t particularly brilliant.

Andrew Tierney, one of the researchers involved in the probe, tore into Xiaomi, saying its response was unclear, and added: “There is no doubt that the [Xiaomi] Mint Browser sends search terms and URLs whilst in incognito mode.”

Today, the phone vendor issued an update for its Mi Browser, Mi Browser Pro on Google Play, and Mint Browser on Google Play to “include an option in incognito mode for all users of both browsers to switch on/off the aggregated data collection.” Which should, in theory, when disabled, stop Xiaomi’s software harvesting URLs and other stuff in private mode.


Sadik Shaikh | Cyber Suraksha Abhiyan, Ethical Hacking Training Institute, CEHv10, CHFI, ECSAv10, CAST, ENSA, CCNA, CCNA SECURITY, MCITP, RHCE, CHECKPOINT,  ASA FIREWALL, VMWARE, CLOUD, ANDROID, IPHONE, NETWORKING, HARDWARE, TRAINING INSTITUTE IN PUNE, Certified Ethical Hacking, CSA Certified SOC Analyst, CTIA EC-Council Certified Threat Intelligence Analyst, Center For Advanced Security Training in India, ceh v10 course in Pune-India, ceh certification in pune-India, ceh v10 training in Pune-India, Ethical Hacking Course in Pune-India

The post Xiaomi emits phone browser updates after almighty row over web activity harvested even in incognito mode appeared first on Extreme Hacking | Sadik Shaikh | Cyber Suraksha Abhiyan | Hackers Charity.


Leave a Reply

Your email address will not be published. Required fields are marked *