back to article Xiaomi emits phone browser updates after almighty row over web activity harvested even in incognito mode

Congratulations, everyone. We made it through April. Here's a handy mop-up of bits and bytes of security news beyond what we covered in The Reg. Xiaomi phones at the center of tracking brouhaha A Forbes report last week outlined how some Xiaomi Android phones track their owners' web browsing and online activities. It was …

  1. Steve Davies 3 Silver badge
    Holmes

    re: White House says no more foreign grid gear

    Why isn't all this kit including US made stuff air gapped at least once from the internet?

    This is a clear case of ... well something that has bolted a long time ago.

    1. Peter2 Silver badge

      Re: re: White House says no more foreign grid gear

      Somebody will have decided it was cheaper to connect everything to the internet at some point.

      1. b0llchit Silver badge
        Facepalm

        Re: re: White House says no more foreign grid gear

        Yes, and it would be a loss to national security if we, the US three letter abbreviations, were no longer able to backdoor our own infrastructure. For the course of national security, of course.

        (I'm so sorry, but it is very hard not to be a cynic when the US is talking "national security")

  2. Len
    Stop

    What's the difference between Mi Browser and Google Chrome?

    I don't really get all the brouhaha around this Xiaomi revelation. It's not any different from what Google Chrome does, harvesting all data including from incognito sessions. Android data slurping measured and monitored

    I suppose scandals like these are good to reiterate to the wider public that when it comes to privacy, browsers are one of the most sensitive pieces of software. Choose wisely.

    1. cybergibbons

      Re: What's the difference between Mi Browser and Google Chrome?

      Chrome doesn't take the URLs you visit and send them to Google whilst in Incognito mode.

      This seems like a fairly clear difference to me.

    2. Ben Tasker

      Re: What's the difference between Mi Browser and Google Chrome?

      For one, I don't think Google have ever said "no they're wrong, we don't collect that". Their response seems to be more "Yeah we do, it's in the terms, piss off" than "fake nooos".

      Also, Google actually tell you that Chrome will collect stuff, and they don't send full urls back

      Xiaomi's issue here is derived from so much more than what their browser was doing. Their entire response to it has been utter shit - read their blog post (linked to in TFA), it's waffle that completely avoids the thing at issue, when it's not outright contradicting itself. It's that response which has blown it up into a brouha - had they said "yes, shit, we'll fix this" then there wouldn't have been nearly the same shitstorm.

      Instead they went with "the people who found this are wrong"

    3. Anonymous Coward
      Devil

      Re: What's the difference between Mi Browser and Google Chrome?

      The difference in the blogosphere (and the security establishment) is that they're Commies.

      If you are truly concerned about privacy, you should be using a browser like Firefox.

  3. tin 2

    Which peice of shit software developer...

    ...is sitting there thinking it's fine to add telemetry to private browsing mode*, and doing it? C'mon who are you?

    * NVM the more arguable stuff. I think we can all defintely agree that private browsing signals that the user doesn't want any telemetry sending anywhere right?

    1. Tom 38

      Re: Which peice of shit software developer...

      "Private browsing" isn't remotely private, its just a throwaway session, cache and cookie jar.

  4. Captain Scarlet
    Facepalm

    switch on/off the aggregated data collection

    I assume this is switched on by default and is there just so they can go "Look we are listening to your feedback"

  5. Anonymous Coward
    Anonymous Coward

    Pfft, amateurs!

    "It was claimed the handsets collect things like browsing history, search queries, and news feed activity, and send the data off to servers in China, even when using the bundled Xiaomi browser's private incognito mode"

    I recently discovered the "tcpdump" binary in the /system/xbin directory of a TCL/Alcatel device my friend had purchased from Cricket Wireless.

    If you're gonna capture data, do it right!

    (Amateurs)

  6. Down not across

    Ferris Bueller would be proud

    Ferris Bueller would be so proud...

    Whilst I'm sure he would be, I think David Lightman got there few years earlier.

POST COMMENT House rules

Not a member of The Register? Create a new account here.

  • Enter your comment

  • Add an icon

Anonymous cowards cannot choose their icon

Other stories you might like