Lithuania’s Defense Ministry has released a warning, urging consumers to get rid of their Chinese phones and not to buy new ones.
This warning comes in response to Lithuanian cybersecurity researchers identifying several security flaws and censorship-related loopholes in certain Chinese-made smartphones.
Hackread.com has learned that researchers tested 5G mobiles from different Chinese mobile makers, including Huawei, Xiaomi, and OnePlus 8T.
Four Major Cybersecurity Risks Discovered
Lithuania’s National Cyber Security Center (NCSC) revealed that four major cybersecurity flaws were identified in smartphones made by Xiaomi and Huawei. Two of the flaws were related to pre-installed applications, and one was involved in private data leakage.
Huawei P40, according to the report, is responsible for putting users at risk of cyber-security breaches. The report revealed that the official Huawei application store called AppGallery is directing users to third-party stores. Some of the apps uploaded at the store were declared malicious or infected with viruses after these were scanned through anti-virus programs.
After the NCSC’s report, the Defense Deputy Minister of Lithuania, Margiris Abukevicius, released this statement.
“Our recommendation is to not buy new Chinese phones, and to get rid of those already purchased as fast as reasonably possible.”
Possible Limitations on Freedom of Expression
Researchers noted that there might be some limitations on freedom of expression when they inspected Xiaomi phones. They contained a content-filtering feature comprising 449 keywords or bundles of Chinese characters. According to the NCSC, this function can be activated, and more words in Latin characters could be added.
Furthermore, their inspection revealed that certain apps in smartphones made by Huawei and Xiaomi, particularly Xiaomi’s flagship Mi 10T 5G, received updated lists of censored phrases/words and could block certain phrases too.
According to researchers, terms like “Free Tibet,” “Voice of America,” “Democratic Movement” and “Long Live Taiwan Independence” could be blocked. Although the content-filtering feature was disabled when the NCSC inspected the devices, the center claims these can be activated easily.
Moreover, Xiaomi devices were found to be transferring encrypted phone usage data to a Singapore-based server.
The English version of the report is available here [PDF].
Huawei and Xiaomi Response
In response, Huawei rep in China released a statement to media outlets stating that their phones never transfer users’ data externally.
“Data is never processed outside the Huawei device. AppGallery only collects and processes the data necessary to allow its customers to search, install and manage third-party apps, in the same way as other app stores,” the company said.
Xiaomi also responded to the allegations and categorically denied the claims made by the NCSC.
“Xiaomi’s devices do not censor communications to or from its users. Xiaomi has never and will never restrict or block any personal behaviors of our smartphone users, such as searching, calling, web browsing, or the use of third-party communication software,” Xiaomi’s spokesperson said, adding that the firm is fully compliant to GDPR.