Report that MIUI EU sends private data to China

[Cveronica]

Hi. Recently there is a post (https://web.archive.org/web/2023020...2719865?shareKey=MjkxMWRkZWE1NDU4NjNjZjgyNjM~ ) (you can google translate it) in Chinese claiming that MIUI EU version sends app list of the phone to Tencent China automatically. This is part of MIUI Security component of MIUI China and MIUI EU does not remove it.

Given the dubious privacy practice of Chinese government and companies, most users may prefer to disable it and any activity to send private data by the OS to China without consent.

Could you comfirm if the claim is true and if so can MIUI EU disable it by default?

 

[JiaiJ]

Another thread is already opened about this topic: https://xiaomi.eu/community/threads...ormation-without-permission.68126/post-684598

 

[Igor Eisberg]

A few facts to point out, and hopefully the few paranoids among our users stop bothering us:
1) The security of MIUI is not our responsibility. We are not security experts and these ROMs are not meant for the paranoids who are afraid of China.
2) Tencent engine exists in GuardProvider (MIUI security components) app.
3) Tencent engine is disabled for international ROMs (that includes ours).
4) Apps list is not sent to Tencent, the "AntiDefraud" component is part of Mi Engine and the apps list is sent to an API on a Xiaomi-owned server: https://flash.sec.miui.com/detect/app

If you have a problem with any of that, don't use MIUI, or don't even buy a Chinese phone. Get yourself an iPhone or a Samsung or whatever, and give your information to them instead (you know they'll collect that).

 

[JakSpoon]

A few facts to point out, and hopefully the few paranoids among our users stop bothering us:
1) The security of MIUI is not our responsibility. We are not security experts and these ROMs are not meant for the paranoids who are afraid of China.
2) Tencent engine exists in GuardProvider (MIUI security components) app.
3) Tencent engine is disabled for international ROMs (that includes ours).
4) Apps list is not sent to Tencent, the "AntiDefraud" component is part of Mi Engine and the apps list is sent to an API on a Xiaomi-owned server: https://flash.sec.miui.com/detect/app

If you have a problem with any of that, don't use MIUI, or don't even buy a Chinese phone. Get yourself an iPhone or a Samsung or whatever, and give your information to them instead (you know they'll collect that).

Thank you for your reply!

I just ask one thing: would this issue basically come from the "Tencent Engine"? Is it not possible to remove it easily for Chinese ROMs, like it was done for global ROMS?

 

[Igor Eisberg]

would this issue basically come from the "Tencent Engine"?

Did you read what I wrote? There is no issue, and apps list is being only sent to Mi Engine (not Tencent engine).

Is it not possible to remove it easily for Chinese ROMs, like it was done for global ROMS?

I never said that anything was done for Global ROMs. You should re-read. The Tencent engine for virus scan is not enabled on international ROMs.
The difference between Global ROM and China ROM is the URL to which apps list is sent.
China ROM: https://flash.sec.miui.com/detect/app
Global ROM: https://flash.sec.intl.miui.com/detect/app
None of them are Tencent URLs...

 

[JakSpoon]

Did you read what I wrote? There is no issue, and apps list is being only sent to Mi Engine (not Tencent engine).


I never said that anything was done for Global ROMs. You should re-read. The Tencent engine for virus scan is not enabled on international ROMs.
The difference between Global ROM and China ROM is the URL to which apps list is sent.
China ROM: https://flash.sec.miui.com/detect/app
Global ROM: https://flash.sec.intl.miui.com/detect/app
None of them are Tencent URLs...

Clear… thanks again for the reply.