all InfoSec news
MiBand 3 sends all data to Xiaomi when syncing with the app (how to block outbound request)
June 15, 2022, 10:16 a.m. | /u/tintin10q
Privacy & Freedom in the Information Age www.reddit.com
However someone did an investigation here: [https://www.horiaconstantin.com/xiaomi-miband3-and-privacy/](https://www.horiaconstantin.com/xiaomi-miband3-and-privacy/) and found that the companion app which for the MiBand sends all the data to this url:
```POST https://api-mifit-de.huami.com/v1/data/band_data.json```
He never had to give any permission to do this.
He made a GDPR request to Xiaomi for this data but they never replied. Then he made a complaint to the Dutch government about this but they didn't do …
More from www.reddit.com / Privacy & Freedom in the Information Age
Jobs in InfoSec / Cybersecurity
Red Team Penetration Tester and Operator, Junior
@ Booz Allen Hamilton | USA, VA, McLean (1500 Tysons McLean Dr)
Director, Security Operations & Risk Management
@ Live Nation Entertainment | Toronto, ON
IT and Security Specialist APAC (F/M/D)
@ Flowdesk | Singapore, Singapore, Singapore
Senior Security Controls Assessor
@ Capgemini | Washington, DC, District of Columbia, United States; McLean, Virginia, United States
GRC Systems Solution Architect
@ Deloitte | Midrand, South Africa
Cybersecurity Subject Matter Expert (SME)
@ SMS Data Products Group, Inc. | Fort Belvoir, VA, United States