Report claims that Xiaomi phones collect browsing data from its users

Ro, 01 May 2020

According to a security researcher working with Forbes, Xiaomi has been collecting browsing data from users who are using Xiaomi phones and the built-in browser. And the fun part is that the browser does so even in incognito mode or even when using the privacy-conscious DuckDuckGo web browser.

Gabriel Cirlig, the security researcher, is using a Redmi Note 8 as a daily driver and noticed that the device records pretty much everything he does on the phone and sends the data to servers in Russia and Singapore, although the domains are hosted in Beijing. We are talking screens, websites visited, folders opened, settings he changed, music played on the default app, etc.

Report claims that Xiaomi phones collect browisng data from its users

The data itself is poorly encrypted using the base64 format, so it was very easy for him to transcribe the data into plain text.

Cirlig went even further and downloaded the ROMs for Xiaomi Mi 10, the Redmi K20 and the Mi Mix 3 and found the very same security vulnerability on all of them. Another security researcher, Andrew Tierney, found the suspicious behavior on the Mi Browser Pro and the Mint Browser too.

Xiaomi has responded to the allegations saying that Forbes findings are misleading and untrue. A spokesperson for the company said that Xiaomi complies with all local laws and regulations on user data privacy and the collected browsing data has been anonymized. As to why Xiaomi is collecting it, it's because the firm is trying to improve the user's browsing experience and it's a standard practice. More importantly, the data can't be traced back to a specific user. However, Gabriel Cirlig sent a video to Xiaomi showing how the browser sends its history to the said servers even in incognito mode.



Reader comments

everything is done upside down, I know as a user, I don't care if I have ads on my phone, why would they care what I search for to send me such ads, I personally don't like someone to put something in front of my nose if I don't want to, that is rude...

you and he both are partially true. I tried to tell few of my friends about data privacy, how companies sell and use your data. but they didnt even care. they listened, some of them thought what would google do with my data? some even didnt care to l...

  • kofz

i have a mi 9t pro (k20 pro) with evolution x rom, i dare to say its better than miui, its a pixel experience but with spetacjlar extras

Popular articles


Popular devices