I decompiled Mint Browser 3.4.0 and looked for clues. Given that neither the Forbes article nor the security researchers involved seem to provide any technical details, I wanted to take a look for myself.
In the end I was given proof that their data anonymization attempts were only moderately successful if you allow me this understatement. It’s almost identical to Avast’s communication after they were found spying on the users and browser vendors pulled their extensions from add-on stores. If you’ve been following my blog for a while, you might find this argumentation familiar. So it can be assumed that other Xiaomi apps are similarly compromised. On the other hand, a similar issue has been discovered in Xiaomi’s payment app, which would even transmit account data to the “analytics” servers. In this time Xiaomi did little to address this issue.
#Set chrome as default browser miui 11 update#
Update (): It has been close to a year since I wrote this article. TL DR: It is really that bad, and even worse actually. They claim that the data collection is following best practices, the data itself being aggregated and anonymized, without any connection to user’s identity. Xiaomi on the other hand accuses Forbes of misrepresenting the facts. The article accuses Xiaomi of exfiltrating a history of all visited websites. In case you missed it, there was a Forbes article on Mi Browser Pro and Mint Browser which are preinstalled on Xiaomi phones.
0 kommentar(er)
