The National Communications Commission (NCC) is planning to establish a certification system for mobile phone security following reports that Chinese smartphone vendor Xiaomi automatically sends personal information to its servers in Bejing without first securing the consent of users.
A story published in a blog post of Finnish security company F-Secure Corp indicated that Xiaomi smatphones’ built-in text-messaging application, MIUI, can send users’ information to the company’s servers in Beijing without their approval.
Because of the loophole, the report said that the Chinese vendor can access users’ mobile phone number, the international mobile equipment identity (IMEI) code as well as the SIM card number.
The international mobile subscriber identity code would be exposed too if the user signs on to Xiaomi’s cloud service, the report said.
Similar to Apple Inc’s iMessage service, MIUI allows users to send text messages through the Internet rather than through telecoms’ networks.
The story was subsequently picked up by Taiwanese media outlets, with Xiaomi users in Taiwan reportedly topping 400,000. The Beijing-based smartphone vendor first denied the reports, but later apologized for the unauthorized data collection.
It added that the messaging system would only be activated on an “opt-in” basis and personal information would be encrypted and would not be stored on its servers.
The commission said it told the Chinese company to inspect all types of phones — not only the two mentioned in the F-Secure blog — that it sells in Taiwan and determine if they have the same issue.
“We have notified them that they should provide a written explanation of how they plan to address the issue,” said Lo Chin-hsien (羅金賢), director of the commission’s Resources and Technologies Department. “We will ask them to come in and answer questions if necessary.”
The commission is to meet with other mobile phone manufacturers soon to discuss how they address information security issues, Lo said.
He added that the Executive Yuan has determined that the applications built into mobile phones will be tested by the commission, while applications downloaded via mobile phones will be supervised by the Industrial Development Bureau.
While the commission has a certification system for mobile phone interfaces, batteries and other specifications, it does not have one yet for information security.
It is aiming to establish an information security mechanism by the end of next year, he said.
“Currently, there is no country in the world that demands that mobile phone manufacturers have national certifications for information security. We can only encourage mobile phone manufacturers to take such certification when it becomes available,” he said.
Lo said the mechanism would not only target mobile phones produced in China, but it would apply to other manufacturers as well.
‘DENIAL DEFENSE’: The US would increase its military presence with uncrewed ships, and submarines, while boosting defense in the Indo-Pacific, a Pete Hegseth memo said The US is reorienting its military strategy to focus primarily on deterring a potential Chinese invasion of Taiwan, a memo signed by US Secretary of Defense Pete Hegseth showed. The memo also called on Taiwan to increase its defense spending. The document, known as the “Interim National Defense Strategic Guidance,” was distributed this month and detailed the national defense plans of US President Donald Trump’s administration, an article in the Washington Post said on Saturday. It outlines how the US can prepare for a potential war with China and defend itself from threats in the “near abroad,” including Greenland and the Panama
The High Prosecutors’ Office yesterday withdrew an appeal against the acquittal of a former bank manager 22 years after his death, marking Taiwan’s first instance of prosecutors rendering posthumous justice to a wrongfully convicted defendant. Chu Ching-en (諸慶恩) — formerly a manager at the Taipei branch of BNP Paribas — was in 1999 accused by Weng Mao-chung (翁茂鍾), then-president of Chia Her Industrial Co, of forging a request for a fixed deposit of US$10 million by I-Hwa Industrial Co, a subsidiary of Chia Her, which was used as collateral. Chu was ruled not guilty in the first trial, but was found guilty
A wild live dugong was found in Taiwan for the first time in 88 years, after it was accidentally caught by a fisher’s net on Tuesday in Yilan County’s Fenniaolin (粉鳥林). This is the first sighting of the species in Taiwan since 1937, having already been considered “extinct” in the country and considered as “vulnerable” by the International Union for Conservation of Nature. A fisher surnamed Chen (陳) went to Fenniaolin to collect the fish in his netting, but instead caught a 3m long, 500kg dugong. The fisher released the animal back into the wild, not realizing it was an endangered species at
DEADLOCK: As the commission is unable to forum a quorum to review license renewal applications, the channel operators are not at fault and can air past their license date The National Communications Commission (NCC) yesterday said that the Public Television Service (PTS) and 36 other television and radio broadcasters could continue airing, despite the commission’s inability to meet a quorum to review their license renewal applications. The licenses of PTS and the other channels are set to expire between this month and June. The National Communications Commission Organization Act (國家通訊傳播委員會組織法) stipulates that the commission must meet the mandated quorum of four to hold a valid meeting. The seven-member commission currently has only three commissioners. “We have informed the channel operators of the progress we have made in reviewing their license renewal applications, and
RSS