Researchers found out that a Chinese company called Xiaomi is actually using a web browser loaded into their phones to log in and share users' private data!
According Forbes' recent report, researchers studied a particular web browser loaded into Xiaomi phones and found out that it was actually tracking users' web-behavior.
The web browser tracked down the websites visited and search queries in Google along with everything that pops up on the phones' news feed feature.
To make things worse, Forbes even reported that the researchers discovered that Xiaomi tracks access your private data even if the incognito mode is turned on.
Xiaomi gathers sensitive data
On top of everything, researchers found out that the phone even records what folders do users open as well as what screens users swiped through.
All of the hijacked data Xiaomi gathered from its users proceeds to remote servers that the company owns in Singapore and in Russia. According to the researchers, the collected data in total is more than those gathered from just Xiaomi devices.
The data collection also reached beyond those just who use Xiaomi devices, according to researchers. In fact, Forbes reports that Xiaomi extracts data from everyone using their two web browsers called the Mi Browser Pro and the Mint Browser.
The danger is that Google Play Store actually provides access to both the Mi Browser Pro and the Mint Browser. It is very easy to download these two web browsers and this is quite an uneasy thought.
Forbes reports that the Mi Browser Pro and Mint Browser already have 15 million downloads in total according to Google Play statistics.
Xiaomi's statement on the matter
Xiaomi claims that the data is encrypted but researchers say that the encryption is very weak and that it is very easy to track specific users. Forbes reported that researchers took only a few seconds to decode the encrypted data.
The encrypted data was encoded using a method called base 64. Xiaomi has tried to rebut all the claims by researchers.
Xiaomi still claims that the research claims are not true and that the company provides proper security and privacy because these two matters are at the top of their concerns.
The company also stated that they follow strict laws and regulations when it comes to user data privacy matters. This claim by Xiaomi persisted even when researchers sent a video showing the device recording as well as transmitting browsing data to remote services.
In the demonstration, researchers easily queried the word "p*rn" using the incognito mode and found out that company servers actually transmitted this data.
Huawei experienced the same heat Xiaomi is getting and maybe even more. Huawei is currently silent about the whole matter while Xiaomi is grabbing the spotlight. Could Xiaomi devices be safe to use? Is your data safe?