The National Communications Commission (NCC) is planning to establish a certification system for mobile phone security following reports that Chinese smartphone vendor Xiaomi automatically sends personal information to its servers in Bejing without first securing the consent of users.
A story published in a blog post of Finnish security company F-Secure Corp indicated that Xiaomi smatphones’ built-in text-messaging application, MIUI, can send users’ information to the company’s servers in Beijing without their approval.
Because of the loophole, the report said that the Chinese vendor can access users’ mobile phone number, the international mobile equipment identity (IMEI) code as well as the SIM card number.
The international mobile subscriber identity code would be exposed too if the user signs on to Xiaomi’s cloud service, the report said.
Similar to Apple Inc’s iMessage service, MIUI allows users to send text messages through the Internet rather than through telecoms’ networks.
The story was subsequently picked up by Taiwanese media outlets, with Xiaomi users in Taiwan reportedly topping 400,000. The Beijing-based smartphone vendor first denied the reports, but later apologized for the unauthorized data collection.
It added that the messaging system would only be activated on an “opt-in” basis and personal information would be encrypted and would not be stored on its servers.
The commission said it told the Chinese company to inspect all types of phones — not only the two mentioned in the F-Secure blog — that it sells in Taiwan and determine if they have the same issue.
“We have notified them that they should provide a written explanation of how they plan to address the issue,” said Lo Chin-hsien (羅金賢), director of the commission’s Resources and Technologies Department. “We will ask them to come in and answer questions if necessary.”
The commission is to meet with other mobile phone manufacturers soon to discuss how they address information security issues, Lo said.
He added that the Executive Yuan has determined that the applications built into mobile phones will be tested by the commission, while applications downloaded via mobile phones will be supervised by the Industrial Development Bureau.
While the commission has a certification system for mobile phone interfaces, batteries and other specifications, it does not have one yet for information security.
It is aiming to establish an information security mechanism by the end of next year, he said.
“Currently, there is no country in the world that demands that mobile phone manufacturers have national certifications for information security. We can only encourage mobile phone manufacturers to take such certification when it becomes available,” he said.
Lo said the mechanism would not only target mobile phones produced in China, but it would apply to other manufacturers as well.
Former Czech Republic-based Taiwanese researcher Cheng Yu-chin (鄭宇欽) has been sentenced to seven years in prison on espionage-related charges, China’s Ministry of State Security announced yesterday. China said Cheng was a spy for Taiwan who “masqueraded as a professor” and that he was previously an assistant to former Cabinet secretary-general Cho Jung-tai (卓榮泰). President-elect William Lai (賴清德) on Wednesday last week announced Cho would be his premier when Lai is inaugurated next month. Today is China’s “National Security Education Day.” The Chinese ministry yesterday released a video online showing arrests over the past 10 years of people alleged to be
THE HAWAII FACTOR: While a 1965 opinion said an attack on Hawaii would not trigger Article 5, the text of the treaty suggests the state is covered, the report says NATO could be drawn into a conflict in the Taiwan Strait if Chinese forces attacked the US mainland or Hawaii, a NATO Defense College report published on Monday says. The report, written by James Lee, an assistant research fellow at Academia Sinica’s Institute of European and American Studies, states that under certain conditions a Taiwan contingency could trigger Article 5 of NATO, under which an attack against any member of the alliance is considered an attack against all members, necessitating a response. Article 6 of the North Atlantic Treaty specifies that an armed attack in the territory of any member in Europe,
LIKE FAMILY: People now treat dogs and cats as family members. They receive the same medical treatments and tests as humans do, a veterinary association official said The number of pet dogs and cats in Taiwan has officially outnumbered the number of human newborns last year, data from the Ministry of Agriculture’s pet registration information system showed. As of last year, Taiwan had 94,544 registered pet dogs and 137,652 pet cats, the data showed. By contrast, 135,571 babies were born last year. Demand for medical care for pet animals has also risen. As of Feb. 29, there were 5,773 veterinarians in Taiwan, 3,993 of whom were for pet animals, statistics from the Animal and Plant Health Inspection Agency showed. In 2022, the nation had 3,077 pediatricians. As of last
XINJIANG: Officials are conducting a report into amending an existing law or to enact a special law to prohibit goods using forced labor Taiwan is mulling an amendment prohibiting the importation of goods using forced labor, similar to the Uyghur Forced Labor Prevention Act (UFLPA) passed by the US Congress in 2021 that imposed limits on goods produced using forced labor in China’s Xinjiang region. A government official who wished to remain anonymous said yesterday that as the US customs law explicitly prohibits the importation of goods made using forced labor, in 2021 it passed the specialized UFLPA to limit the importation of cotton and other goods from China’s Xinjiang Uyghur region. Taiwan does not have the legal basis to prohibit the importation of goods