A new report reveals that the Mi Browser Pro and Mint Browser browsers found on various Xiaomi devices violate user privacy by recording many of user activities without their permission.
This is not the first time that we have heard that a company gets its hands into the activities of users, since many of them, among which we can mention Google and Apple, use this “study” to analyze the tastes of users.
Xiaomi violates the privacy of users from the browser
According to the source, Xiaomi has incurred a data breach, since it has been storing a large amount of information about user activities within its Mi Browser Pro and Mint Browser applications.
According to this report that appeared in Forbes, the researchers discovered that the two applications – with more than 15 million downloads on Google Play – accumulated millions of data on any website visited by users, even those consulted incognito.
Thousands of recorded data
In addition to this, the source points out that the company also recorded queries from Google search engines, DuckDuckGo, news articles seen in the Xiaomi news function, and data on the folders opened by users, and all the movements made by users from the screen, status bar and configuration menu.
Data that was packaged and sent to remote servers in Singapore and Russia whose domains were registered in Beijing. Additionally, the researchers noted that some of this data was sent to servers that Xiaomi rented from the Chinese tech giant Alibaba.
Redmi Note 8 and other models involved
Finally, the researchers show that this tracking or tracking code was located on the Redmi Note 8, Xiaomi MI 10, Xiaomi Redmi K20 and Xiaomi Mi MIX 3 devices, although it is suspected that this tracking could be running from many more computers in the company.
Given this discovery, Xiaomi denied having done anything wrong and argued that “all transferred data is encrypted and anonymized”, and that “it strictly follows and fully complies with local laws and regulations regarding the privacy of user data”.
Although, of course, this is not entirely true, because as mentioned, the researchers were able to easily decipher the data into legible pieces of information that can be linked to a particular user.