The National Communications Commission (NCC) is planning to establish a certification system for mobile phone security following reports that Chinese smartphone vendor Xiaomi automatically sends personal information to its servers in Bejing without first securing the consent of users.
A story published in a blog post of Finnish security company F-Secure Corp indicated that Xiaomi smatphones’ built-in text-messaging application, MIUI, can send users’ information to the company’s servers in Beijing without their approval.
Because of the loophole, the report said that the Chinese vendor can access users’ mobile phone number, the international mobile equipment identity (IMEI) code as well as the SIM card number.
The international mobile subscriber identity code would be exposed too if the user signs on to Xiaomi’s cloud service, the report said.
Similar to Apple Inc’s iMessage service, MIUI allows users to send text messages through the Internet rather than through telecoms’ networks.
The story was subsequently picked up by Taiwanese media outlets, with Xiaomi users in Taiwan reportedly topping 400,000. The Beijing-based smartphone vendor first denied the reports, but later apologized for the unauthorized data collection.
It added that the messaging system would only be activated on an “opt-in” basis and personal information would be encrypted and would not be stored on its servers.
The commission said it told the Chinese company to inspect all types of phones — not only the two mentioned in the F-Secure blog — that it sells in Taiwan and determine if they have the same issue.
“We have notified them that they should provide a written explanation of how they plan to address the issue,” said Lo Chin-hsien (羅金賢), director of the commission’s Resources and Technologies Department. “We will ask them to come in and answer questions if necessary.”
The commission is to meet with other mobile phone manufacturers soon to discuss how they address information security issues, Lo said.
He added that the Executive Yuan has determined that the applications built into mobile phones will be tested by the commission, while applications downloaded via mobile phones will be supervised by the Industrial Development Bureau.
While the commission has a certification system for mobile phone interfaces, batteries and other specifications, it does not have one yet for information security.
It is aiming to establish an information security mechanism by the end of next year, he said.
“Currently, there is no country in the world that demands that mobile phone manufacturers have national certifications for information security. We can only encourage mobile phone manufacturers to take such certification when it becomes available,” he said.
Lo said the mechanism would not only target mobile phones produced in China, but it would apply to other manufacturers as well.
FATAL FIRE: The health department is trying to contact the inspector who visited the site of the illegal nursing home to ask why they did not advise follow-up checks The Taipei City Government yesterday said that a health department inspector last year had visited the site of a long-term care facility in Neihu District (內湖) after receiving a report questioning its status. A fire broke out at the facility on Tuesday afternoon, killing three people. The Taipei Fire Department said that it received a report about a fire on the first floor of a four-story residential building on Kangning Road Sec. 1 at 2:38pm on Tuesday, firefighters arrived at 2:43pm and the fire was put out by 3:07pm. The firefighters found three men in beds and rushed them to hospital for
Taipei City Councilor Wang Hao (王浩) of the Chinese Nationalist Party (KMT) on Monday called for security improvements to the MRT, as fare evasion has increased more than 13-fold on the metropolitan railway system over the past five years. Taipei Mayor Ko Wen-je (柯文哲) has spoken out against fare evasion and other contraventions of MRT regulations, but since he took office in 2015 the number of contraventions has more than doubled, Wang said, adding that there were 537 cases in 2015 compared with 959 last year. A video was posted to YouTube in June showing people how to evade paying a fare,
FEELING MISUNDERSTOOD: Media speculation has fueled confusion about the KMT’s reasons for skipping a Chinese forum and delaying an AIT meeting, party sources said The Chinese Nationalist Party (KMT) on Sunday said that it is not seeking to improve relations with the US or China at the expense of the other, and that its relations with the countries would be topic-based. The party has faced questions over its foreign policy after it on Monday last week announced its withdrawal from the annual Straits Forum and delayed planned talks with the American Institute in Taiwan (AIT). The party has also taken a tough stance on the importation of US meat containing ractopamine, while also lambasting China for increasing its military activity in and around the Taiwan Strait. Following
Yuchi Township (魚池) fishers have appealed to the Nantou County Government for help in dealing with an invasive fish species in Sun Moon Lake (日月潭), where it has devastated the local ecosystem. Fishers at Sun Moon Lake have been using electrofishing in an attempt to eliminate the giant snakehead fish — found in Africa and Southeast Asia — but they have struggled to keep up with the growing population of the species, which breeds during September and October, the county government said on Monday. The county has contacted researchers at National Tsing Hua University, saying it hoped they could come up