I'm guessing US is about to declare Xiaomi a national security threat ๐
this post was submitted on 19 Jul 2021
21 points (95.7% liked)
Technology
35504 readers
338 users here now
This is the official technology community of Lemmy.ml for all news related to creation and use of technology, and to facilitate civil, meaningful discussion around it.
Ask in DM before posting product reviews or ads. All such posts otherwise are subject to removal.
Rules:
1: All Lemmy rules apply
2: Do not post low effort posts
3: NEVER post naziped*gore stuff
4: Always post article URLs or their archived version URLs as sources, NOT screenshots. Help the blind users.
5: personal rants of Big Tech CEOs like Elon Musk are unwelcome (does not include posts about their companies affecting wide range of people)
6: no advertisement posts unless verified as legitimate and non-exploitative/non-consumerist
7: crypto related posts, unless essential, are disallowed
founded 5 years ago
MODERATORS
Security-wise xiaomi is not in any way better than apple
Mobile security, just like brand or SO is an urban legend, based on faith. Apple only stands out for charging more expensive and making life impossible for developers.
The containerized model for Android and iOS apps is very secure, much more so than desktop where any software has full access to at least your user directory without needing any explicit user permissions.
The problem comes from proprietary operating systems and proprietary apps, which by definition cannot be trusted for privacy or security (not saying open source is automatically secure or private, but it's at least possible to externally audit them). In this regard, Apple is likely worse than an AOSP based Android ROM without any Google Apps. However, I'd wager that the Android that comes with most phones is worse than iOS, because those have the Google Services Framework installed, and Google is pretty much the king of stepping all over user privacy.
I do not agree with this, Win10 has a Sandbox system that prevents soft access to sensitive files on the system and to certain folders only with authorization. All saved passwords are encrypted in a second protection ring, this is what, for example, Linux does not do. W10 even protects against RootKits with additional and available measures which can improve more security, which do not exist on Android or iOS. FOSS certainly has some advantages over proprietary OS and soft, but privacy and security are not necessarily among them. Saying that mobiles are safer than a PC is absolutely false.
Windows has many objectionable points, but since it is the most used OS it is also the OS most attacked by all types of malware and therefore also the OS with the most experience in defending these attacks. Not so in Linux or MacOS, always only a secondary target and for this reason believing more secure, but this is changing and for Linux there is not even an AV that deserves this name and less other additional protections.
Whether an app is FOSS or not is irrelevant, the only protection the user has is to read TOS and PP of the product, this is what nobody does (All APIs of Google, Alphabet Inc, Amazon, Facebook and others, are FOSS and included in a lot of other FOSS apps)
Whether an app is FOSS or not is irrelevant, the only protection the user has is to read TOS and PP of the product
The big tech companies have been caught lying on their privacy policy and always got off scott free.
Yes, indeed, f.Exmpl. the lack of Windows is that they spy the user, but on the other hand if you know this, you can diseable this in the own settings. Although some options are quite hidden and are not directly accessible. But in other soft from small companies or individuals, the privacy is generally quite good, although the product is not FOSS. For Exmpl the famous Irfanview (Freeware) or one of my favorite online services SSuite (Freeware), which has a TOS and PP that I like also for others (the shortest I know). In OS Linux generally has a good privacy, but the security isn't so good, unlike Windows, where privacy is not strong (but you can improve it) , but it is nevertheless perhaps one of the safest OS currently.
I agree, that phone security is a cartoon meladrama. However, the price for acquiring personal information varies between platforms. Both of these feed intelligences with users' browsing history, passwords, credit card details and voice recordings, as can be seen in privacy policies and network monitors. The black market for personal data is so big that everyone is leaking every couple of weeks.
I was referring to how US banned Huawei when it started outcompeting US companies in the market.
Why should that surprise you - US market is very competitive and they throw out players if they can.
I never said I was surprised. I was making a joke that when US companies have to actually compete then US starts trying to shut competition out of their market.
As far as I know, Xiaomi phones have unlockable bootloaders and you can put Lineage or /e/OS on it, or even PostmarketOS or Ubuntu Touch, Apple locks you into their completely proprietary ecosystem. Point is, regardless of which is more secure out of the box, Xiaomi phones likely can be a lot more secure if you put some effort into it.
The problem is the radio module - no matter what you put in your xiaomi it will still register on Chinese phone frequencies. All drivers code is also from xiaomi, that can't go anywhere.
I'd like to see Xiaomi enter the US market (which is in dire need of more competition) with their smartphones. BBK Electronics (owner of Oppo, Vivo, etc.) was able to break into the US with OnePlus as a new brand in 2014. Xiaomi could probably succeed using the same playbook.
Xiaomi phones can have their bootloader unlocked, which allows users to install custom operating systems such as LineageOS. This requires filling out a form and waiting a week, which is less than ideal, but still better than the many phone manufacturers that don't allow their phones' bootloaders to be unlocked at all.
In my experience it's not a week. Usually it unlocks right away, but they only allow 1 unlock per account per month. And the software to unlock is windows only sadly.
I do wonder why they do that. Like, I can't think of any business reason.
they claim it's to prevent rebranding, so a local store or small company can't unlock a large number of phones, install another OS on them, and then sell them as Xiaomi phones. it's a shame they don't do as OnePlus does.
Interesting. Though I'm not sure why they're so keen on preventing that, at least from a pure business perspective, since they're still getting sales if rebranders exist. Admittedly I don't know what the ethical or consumer side implications of this are, maybe they're doing consumers a favour by restricting in this way, maybe not. Anyone want to weigh in?
they say it's intended to stop unofficial resellers from installing bloated ROMs. you can read more about it at the bottom of this page: https://c.mi.com/thread-2262302-1-0.html#replybtn_11131246
Probably a case of "takes one to know one", i.e. they have some sort of profitable deals for pre-loading apps on their phones and don't want them to be wiped easily.
yeah, Xiaomi isn't exactly against bloatware, otherwise they wouldn't be installing every single google app as a system app with no option of deletion xD
Maybe some metrics?
Maybe. I unlocked my Fairphone's bootloader by entering the IMEI into their site and instantly getting the unlock code. I don't see why they didn't just do it that way, even if they want analytics.
Both my Oppo Find 7 and first generation Pixel actually didn't need any actions to unlock outside the phone itself and the Fastboot CLI tool, which, I'm not familiar with what the security implications are for that, but it's why I didn't even know that needing to go to the manufacturer's website to unlock was a common thing until I got my Fairphone.
The unlock needs nonFree software and making an account in a untrustable and nonFree service.
Main software is only for Windows, where, with certain exception, I got a one running in GNU/Linux for the case of a friend but was also nonFree.
Instead of this, I would prefer to buy Le ECO Le 2 x520 (or any other supported by LineageOS) which can be unlocked directly from Fastboot.
https://www.bloomberg.com/news/articles/2021-07-16/xiaomi-overtakes-apple-as-no-2-phone-maker-canalys-says for those who don't read cnbc
Is Bloomberg really better though?
Than Chinese news talking about Chinese phones? It's better to have both, and it states its source.
How is CNBC Chinese news?
My bad, I confused it with south China morning post. The sun-looking logo made me think that. Still, some people prefer bloomberg for financial news.
Finally!
It's actually even worse: if you take BBK's brands, they're #1 so Apple is essentially #4. So China is roughly taking 50% of the whole market.
This is not a good trend in any way, but I suppose we've been digging our own graves for a long time.
I think it's a great trend myself.
Why would China's supremacy be a good thing?
Because China is a sane country that promotes a peaceful and multilateral world, while US has built a global empire on blood and exploitation?
not like american supremacy has been a good thing, may as well give something else a go
Because the US's virtual monopoly in the tech industry (at least in the West) have been such a ball of wholesomeness and benevolence.
Yes, granted, but I don't see how replacing it with another, seemingly hostile, monopoly will help.
I don't see China becoming a tech monopoly any time soon. Many countries are stepping up their own tech game lately (at least domestically) due in great part to distrust in the US.