The National Communications Commission (NCC) is planning to establish a certification system for mobile phone security following reports that Chinese smartphone vendor Xiaomi automatically sends personal information to its servers in Bejing without first securing the consent of users.
A story published in a blog post of Finnish security company F-Secure Corp indicated that Xiaomi smatphones’ built-in text-messaging application, MIUI, can send users’ information to the company’s servers in Beijing without their approval.
Because of the loophole, the report said that the Chinese vendor can access users’ mobile phone number, the international mobile equipment identity (IMEI) code as well as the SIM card number.
The international mobile subscriber identity code would be exposed too if the user signs on to Xiaomi’s cloud service, the report said.
Similar to Apple Inc’s iMessage service, MIUI allows users to send text messages through the Internet rather than through telecoms’ networks.
The story was subsequently picked up by Taiwanese media outlets, with Xiaomi users in Taiwan reportedly topping 400,000. The Beijing-based smartphone vendor first denied the reports, but later apologized for the unauthorized data collection.
It added that the messaging system would only be activated on an “opt-in” basis and personal information would be encrypted and would not be stored on its servers.
The commission said it told the Chinese company to inspect all types of phones — not only the two mentioned in the F-Secure blog — that it sells in Taiwan and determine if they have the same issue.
“We have notified them that they should provide a written explanation of how they plan to address the issue,” said Lo Chin-hsien (羅金賢), director of the commission’s Resources and Technologies Department. “We will ask them to come in and answer questions if necessary.”
The commission is to meet with other mobile phone manufacturers soon to discuss how they address information security issues, Lo said.
He added that the Executive Yuan has determined that the applications built into mobile phones will be tested by the commission, while applications downloaded via mobile phones will be supervised by the Industrial Development Bureau.
While the commission has a certification system for mobile phone interfaces, batteries and other specifications, it does not have one yet for information security.
It is aiming to establish an information security mechanism by the end of next year, he said.
“Currently, there is no country in the world that demands that mobile phone manufacturers have national certifications for information security. We can only encourage mobile phone manufacturers to take such certification when it becomes available,” he said.
Lo said the mechanism would not only target mobile phones produced in China, but it would apply to other manufacturers as well.
Taiwan is to commence mass production of the Tien Kung (天弓, “Sky Bow”) III, IV and V missiles by the second quarter of this year if the legislature approves the government’s NT$1.25 trillion (US$39.78 billion) special defense budget, an official said yesterday. Commenting on condition of anonymity, a defense official with knowledge of the matter said that the advanced systems are expected to provide crucial capabilities against ballistic and cruise missiles for the proposed “T-Dome,” an advanced, multi-layered air defense network. The Tien Kung III is an air defense missile with a maximum interception altitude of 35km. The Tien Kung IV and V
The disruption of 941 flights in and out of Taiwan due to China’s large-scale military exercises was no accident, but rather the result of a “quasi-blockade” used to simulate creating the air and sea routes needed for an amphibious landing, a military expert said. The disruptions occurred on Tuesday and lasted about 10 hours as China conducted live-fire drills in the Taiwan Strait. The Civil Aviation Administration (CAA) said the exercises affected 857 international flights and 84 domestic flights, affecting more than 100,000 travelers. Su Tzu-yun (蘇紫雲), a research fellow at the government-sponsored Institute for National Defense and Security Research, said the air
Taiwan lacks effective and cost-efficient armaments to intercept rockets, making the planned “T-Dome” interception system necessary, two experts said on Tuesday. The concerns were raised after China’s military fired two waves of rockets during live-fire drills around Taiwan on Tuesday, part of two-day exercises code-named “Justice Mission 2025.” The first wave involved 17 rockets launched at 9am from Pingtan in China’s Fujian Province, according to Lieutenant General Hsieh Jih-sheng (謝日升) of the Office of the Deputy Chief of the General Staff for Intelligence at the Ministry of National Defense. Those rockets landed 70 nautical miles (129.6km) northeast of Keelung without flying over Taiwan,
A strong continental cold air mass is to bring pollutants to Taiwan from tomorrow, the Ministry of Environment said today, as it issued an “orange” air quality alert for most of the country. All of Taiwan except for Hualien and Taitung counties is to be under an “orange” air quality alert tomorrow, indicating air quality that is unhealthy for sensitive groups. In China, areas from Shandong to Shanghai have been enveloped in haze since Saturday, the ministry said in a news release. Yesterday, hourly concentrations of PM2.5 in these areas ranged from 65 to 160 micrograms per cubic meter (mg/m³), and pollutants were
RSS