|
小米官方以实际行动回应了前些时间闹得沸沸扬扬的“小米未经许可上传用户数据”指控。在雨果巴拉的谷歌+页面上,他回应道:小米是一个专注于提供高质易用移动网络服务的公司。我们相信保护用户数据与隐私是最优先的。我们不在用户许可前上传或储存私人信息或数据。我们决定把小米云端短信设置为一项需要选择启用的服务,并且不再会自动启用。同时,雨果向MIUI用户与粉丝对此感到的担忧表示了歉意,并感谢了提供了反馈建议的用户和媒体。
http://www.androidcentral.com/hugo-barra-responds-xiaomi-privacy-concerns
https://plus.google.com/+HugoBarra/posts/bkJTXzyXXmj
雨果巴拉还说明了MIUI云端信息处理电话号码的机制:
1,发送/接收者的电话号码是标识信息传递的主要依据。IMEI与IMSI也用于追踪设备的在线状况。
2,当MIUI用户开启短信或打开联系人,或新建一个联系人时,设备会将涉及该联系人的电话号码发送给小米云端短信的服务器,并查找该联系人的在线状态(或者是否是云端短信的用户)。这使得发送者能立刻确定是否能发送免费的信息。
3,在以上的任何情况中,接收者的电话号码只用于查找在线状态以及传递信息。没有联系人或社交图谱的信息会被储存于云端,并且,以加密形式的(小米云端)短信也不会储存超出必要的用于传递信息的时间。
4,今天(8月10日)的OTA增加了额外一层安全措施以加密传送到云端短信服务器的电话号码。在更新完成后,新用户或进行了工厂重置了设备的用户可以从主界面进入“Settings > Mi Cloud > Cloud Messaging”或从短信应用的“Settings > Cloud Messaging”处手动启用小米云端短信,同时用户也可在那里关闭小米云端短信。
雨果巴拉原文:
- The primary identifiers used to route messages are the sender and receiver’s phone numbers. IMEI and IMSI information is also used to keep track of a device's online status.
- When a user sends a text message, if there is an Internet connection available, the Cloud Messaging system will attempt to route the message via IP. If the receiver is offline (i.e. not immediately reachable via IP), the system falls back to sending a normal SMS message from the sender’s device.
- When a MIUI user opens a text message or a phonebook contact, or creates a new contact, the device connects to the Cloud Messaging servers, forwards the phone number of that contact and requests the online status of the corresponding user, which is indicated by a blue icon when that user is online or gray icon if that user is offline (or is not a Cloud Messaging user). This allows the sender to immediately know whether they can text that user without incurring SMS costs.
- In any of these flows, the receiver’s phone number is only used to look up online status and to route messages. No phonebook contact details or social graph information (i.e. the mapping between contacts) is stored on Cloud Messaging servers, and message content (in encrypted form) is not kept for longer than necessary to ensure immediate delivery to the receiver.
- The OTA system update made available today (Aug 10th) adds an extra layer of security by encrypting phone numbers whenever they are sent to Cloud Messaging servers.
- We will continue to make changes and improvements to this architecture as needed over time.
|
|