Desist from using Xiaomi phones: IAF asks its personnel

IAF personnel and their families have been asked not to use Chinese 'Xiaomi Redmi 1s' phones on the ground that data was allegedly transferred to their servers in China and it could be a security risk, a charge denied by the company.
"F-secure, a leading security solution company, recently carried out a test of Xiaomi Redmi 1s, the company's budget smartphone, and found that the phone was forwarding carrier name, phone number, IMEI (the device identifier) plus numbers from address book and text messages back to Beijing," says an advisory issued by the IAF to its personnel.
The note, issued some weeks ago, has been prepared by the intelligence unit based on the inputs from Indian Computer Emergency Response Team (CERT-In), according to IAF sources.

The company in a statement to PTI said though it does not have full information about the IAF circular, it believes that the advisory is based on events about two months ago.
"We believe, it refers to the F-Secure test done on the Redmi 1S in July 2014 about the activation of our Cloud Messaging service by default.
"We immediately addressed the concerns raised by F-Secure. We scheduled an OTA system update on August 10 to implement a change, which ensured that all the users had to manually activate the Cloud services, instead of being activated by default.

"After the upgrade, new users or users who factory reset their devices can enable the service by 'settings' section. Once users have activated the services, they also have an option to turn it off at any point of time," the company said.

It added that this change was directly acknowledged by F-Secure four days later, when they confirmed that their concerns were addressed.
However, the circular is dated post the event and mentions other details besides the concerns raised by F-Secure.
The company said it does not collect any information without user information.