all InfoSec news logo
all InfoSec news - Your InfoSec news aggregator
Log in Sign up
all InfoSec news

MiBand 3 sends all data to Xiaomi when syncing with the app (how to block outbound request)

Add to bookmarks
June 15, 2022, 10:16 a.m. | /u/tintin10q

Privacy & Freedom in the Information Age www.reddit.com

I want to get the new health/watch from Xiaomi (MiBand) because it looks really great.

However someone did an investigation here: [https://www.horiaconstantin.com/xiaomi-miband3-and-privacy/](https://www.horiaconstantin.com/xiaomi-miband3-and-privacy/) and found that the companion app which for the MiBand sends all the data to this url:

```POST https://api-mifit-de.huami.com/v1/data/band_data.json```

He never had to give any permission to do this.

He made a GDPR request to Xiaomi for this data but they never replied. Then he made a complaint to the Dutch government about this but they didn't do …

app block data privacy request xiaomi

Visit resource

More from www.reddit.com / Privacy & Freedom in the Information Age

Senators Seek to Curb Facial Recognition at Airports, Citing Privacy Concerns 2 hours ago | www.reddit.com
airports facial facial recognition privacy +2
Ente or Aegis? 4 hours ago | www.reddit.com
2fa 2fa authenticator aegis auth +4
Billions of Android Devices Open to 'Dirty Stream' Attack 11 hours ago | www.reddit.com
apps compromise downloads exploit +12
Is block strict fingerprinting setting removed from brave browser? 12 hours ago | www.reddit.com
block blocking brave brave browser +9
'Large volume' of data stolen from NHS Dumfries and Galloway published on dark web | … 16 hours ago | www.reddit.com
appointments big dark dark web +11
JPMorgan Fixes Security Flaw, Affects 450K Retirement Plans 16 hours ago | www.reddit.com
fixes flaw jpmorgan plans +4
What Are The Potential Consequences of these Companies having our Data as Private Citizens? 19 hours ago | www.reddit.com
business collecting companies consequences +6
Google, Meta 'break' Apple's device fingerprinting rules 21 hours ago | www.reddit.com
apple device fingerprinting google +3
Without sugar coating, how do I make my phone as private as possible online and … 21 hours ago | www.reddit.com
android find hard hidden +6

Jobs in InfoSec / Cybersecurity

Post a job on infosec-jobs.com Find talent on infosec-jobs.com

Red Team Penetration Tester and Operator, Junior

@ Booz Allen Hamilton | USA, VA, McLean (1500 Tysons McLean Dr)
View on infosec-jobs.com

Director, Security Operations & Risk Management

@ Live Nation Entertainment | Toronto, ON
View on infosec-jobs.com

IT and Security Specialist APAC (F/M/D)

@ Flowdesk | Singapore, Singapore, Singapore
View on infosec-jobs.com

Senior Security Controls Assessor

@ Capgemini | Washington, DC, District of Columbia, United States; McLean, Virginia, United States
View on infosec-jobs.com

GRC Systems Solution Architect

@ Deloitte | Midrand, South Africa
View on infosec-jobs.com

Cybersecurity Subject Matter Expert (SME)

@ SMS Data Products Group, Inc. | Fort Belvoir, VA, United States
View on infosec-jobs.com
View more jobs