 |
|
||
|
|
|
|||||||
| Xiaomi Redmi Note 3 Pro Xiaomi Redmi Note 3 Pro |
 |
|
|
Herramientas |
|
#1
15/09/16, 11:50:43
|
||||
|
||||
|
Xiaomi utiliza un sistema de distribución sin encriptar para instalar paquetes de forma silenciosa
Esto es muy, muy malo.
Inglés solamente (soy portugués, no puedo traducir) Reverse Engineering Xiaomi’s Analytics app  Cita: They're sending your IMEI, MAC address, Model, Nonce, Package name and signature to Xiaomi's servers through an unencrypted channel once every 24 hours to check for an update to their analytics app.
And if the servers see the analytics apps is out of date, they sent an APK down to your device (without you granting permission), and there aren't any verification done to make sure the APK they're sending is even an updated analytics app. So Xiaomi could use this to remotely install any app onto your device. Hackers could do the same if they gained control of Xiaomi's servers, and a local hacker should be able to do the same if they had control over the local network you are on.  Dicho esto, creo que voy a volver a CM 13 o RR. 
|
|
|
|
#3
15/09/16, 15:34:36
|
||||
|
||||
|
Algo parecido pasaba con las actualizaciones del Oneplus, se enviaba imei y demás información sin cifrar cada vez que el sistema buscaba una actualización. Sólo lo veo importante si te sueles conectar en redes públicas.
Enviado desde mi A0001 mediante Tapatalk
|
|
Estás aquí
|
||||||
|
||||||
![Array
[xs_avatar]](https://avatar.htcmania.com/avatares/unknown.gif)
![Array
[xs_avatar]](https://avatar.htcmania.com/avatares/avatar1101938_1.gif){kind=avatar}