The National Communications Commission (NCC) is planning to establish a certification system for mobile phone security following reports that Chinese smartphone vendor Xiaomi automatically sends personal information to its servers in Bejing without first securing the consent of users.
A story published in a blog post of Finnish security company F-Secure Corp indicated that Xiaomi smatphones’ built-in text-messaging application, MIUI, can send users’ information to the company’s servers in Beijing without their approval.
Because of the loophole, the report said that the Chinese vendor can access users’ mobile phone number, the international mobile equipment identity (IMEI) code as well as the SIM card number.
The international mobile subscriber identity code would be exposed too if the user signs on to Xiaomi’s cloud service, the report said.
Similar to Apple Inc’s iMessage service, MIUI allows users to send text messages through the Internet rather than through telecoms’ networks.
The story was subsequently picked up by Taiwanese media outlets, with Xiaomi users in Taiwan reportedly topping 400,000. The Beijing-based smartphone vendor first denied the reports, but later apologized for the unauthorized data collection.
It added that the messaging system would only be activated on an “opt-in” basis and personal information would be encrypted and would not be stored on its servers.
The commission said it told the Chinese company to inspect all types of phones — not only the two mentioned in the F-Secure blog — that it sells in Taiwan and determine if they have the same issue.
“We have notified them that they should provide a written explanation of how they plan to address the issue,” said Lo Chin-hsien (羅金賢), director of the commission’s Resources and Technologies Department. “We will ask them to come in and answer questions if necessary.”
The commission is to meet with other mobile phone manufacturers soon to discuss how they address information security issues, Lo said.
He added that the Executive Yuan has determined that the applications built into mobile phones will be tested by the commission, while applications downloaded via mobile phones will be supervised by the Industrial Development Bureau.
While the commission has a certification system for mobile phone interfaces, batteries and other specifications, it does not have one yet for information security.
It is aiming to establish an information security mechanism by the end of next year, he said.
“Currently, there is no country in the world that demands that mobile phone manufacturers have national certifications for information security. We can only encourage mobile phone manufacturers to take such certification when it becomes available,” he said.
Lo said the mechanism would not only target mobile phones produced in China, but it would apply to other manufacturers as well.
‘DENIAL DEFENSE’: The US would increase its military presence with uncrewed ships, and submarines, while boosting defense in the Indo-Pacific, a Pete Hegseth memo said The US is reorienting its military strategy to focus primarily on deterring a potential Chinese invasion of Taiwan, a memo signed by US Secretary of Defense Pete Hegseth showed. The memo also called on Taiwan to increase its defense spending. The document, known as the “Interim National Defense Strategic Guidance,” was distributed this month and detailed the national defense plans of US President Donald Trump’s administration, an article in the Washington Post said on Saturday. It outlines how the US can prepare for a potential war with China and defend itself from threats in the “near abroad,” including Greenland and the Panama
A magnitude 4.9 earthquake struck off Tainan at 11:47am today, the Central Weather Administration (CWA) said. The hypocenter was 32.3km northeast of Tainan City Hall at a depth of 7.3km, CWA data showed. The intensity of the quake, which gauges the actual effect of a seismic event, measured 4 in Tainan and Chiayi County on Taiwan's seven-tier intensity scale, the data showed. The quake had an intensity of 3 in Chiayi City and County, and Yunlin County, while it was measured as 2 in Kaohsiung, Nantou County, Changhua County, Taitung County and offshore Penghu County, the data showed. There were no immediate reports of
The Chinese Nationalist Party (KMT) is maintaining close ties with Beijing, the Democratic Progressive Party (DPP) said yesterday, hours after a new round of Chinese military drills in the Taiwan Strait began. Political parties in a democracy have a responsibility to be loyal to the nation and defend its sovereignty, DPP spokesman Justin Wu (吳崢) told a news conference in Taipei. His comments came hours after Beijing announced via Chinese state media that the Chinese People’s Liberation Army’s Eastern Theater Command was holding large-scale drills simulating a multi-pronged attack on Taiwan. Contrary to the KMT’s claims that it is staunchly anti-communist, KMT Deputy
RESPONSE: The government would investigate incidents of Taiwanese entertainers in China promoting CCP propaganda online in contravention of the law, the source said Taiwanese entertainers living in China who are found to have contravened cross-strait regulations or collaborated with the Chinese Communist Party (CCP) could be subject to fines, a source said on Sunday. Several Taiwanese entertainers have posted on the social media platform Sina Weibo saying that Taiwan “must be returned” to China, and sharing news articles from Chinese state media. In response, the Mainland Affairs Council (MAC) has asked the Ministry of Culture to investigate whether the entertainers had contravened any laws, and asked for them to be questioned upon their return to Taiwan, an official familiar with the matter said. To curb repeated