Security of MIUI Rom

Discussion in 'Question & Answers' started by apxbx, Mar 31, 2011.

  1. apxbx

    apxbxMembers

    Mar 25, 2011
    31
    0
    16
    I was looking at the Circle Icon mod and I noticed the developer had this comment about MIUI:

    Original post here

    Is there cause for concern? Could any rom devs elaborate perhaps?
     
  2. ringer13

    ringer13Members

    Feb 4, 2011
    9
    0
    11
    it seems everyone in that thread has ignored the post...i wonder why?
    this sort of scares me....

    i am having second thoughts about miui now, luckily i dont have any sensitive accounts set up on my phone, and definitely will not in the future if i even continue with miui
     
  3. narrowpath

    narrowpathMembers

    Feb 16, 2011
    43
    0
    16
    Im very interrested to hear more about this.

    Sent from my PC36100 using the miui-dev.com Forums App
     
  4. Augoza

    AugozaMembers

    Mar 25, 2011
    35
    0
    16
    What the hell

    Sent from my PC36100 using the miui-dev.com Forums App
     
  5. r47z

    r47zMembers

    Dec 14, 2010
    304
    0
    38
    I am able to use MIUI w/other kernels and obtain logcat... hmmm

    Sent from my HTC Desire using the miui-dev.com Forums App
     
  6. trout

    troutMembers

    Jan 26, 2011
    18
    0
    11
    Probably the original poster is talking about the froyo build. In those releases you needed to replace liblog.so with a compatible version. I used to take this module from cyanogenmod 6 and had no problems with kernel logging.

    If you are truly worried about security in MIUI you can use tools to capture network traffic on the phone. "Shark for root" is an excellent app for this.
     
  7. narrowpath

    narrowpathMembers

    Feb 16, 2011
    43
    0
    16
    it would be interesting to see what would result from a test on this
     
  8. Augoza

    AugozaMembers

    Mar 25, 2011
    35
    0
    16
    Thanks for the advice!! :)

    Sent from my PC36100 using the miui-dev.com Forums App
     
  9. ZeD

    ZeDMembers

    Nov 18, 2010
    88
    4
    18
    Its been checked some time ago, and nothing is wrong with Miui.

    Sent from my HTC Desire using Tapatalk
     
  10. verboze

    verbozeMembers

    Feb 18, 2011
    62
    0
    16
    Scary in deed, and it did cross my mind a few times as well. I've always been wary of storing / using sensitive data on phones anyways. They easily get lost; I would feel the same or worse about losing a phone that stored sensitive information as losing my wallet. Thanks for the bit of reassurance, trout. Does anyone know if MIUI ever plans to open-source their code? I can understand keeping the source closed until they iron out the base functionality, but I am truly hoping MIUI is not staying closed-source forever. Security concerns aside, I think this type of product gets better when a larger pool of developers weigh in they tweaks/fixes, and the system as a whole becomes more stable. This would also allow for porting to a greater range of devices...
     
  11. Haran

    HaranMembers

    Mar 22, 2011
    19
    0
    11
    Who checked? can you link please?

    I personally open this thread about a non exclusive miui "issue" i dont know if it ' s really an issue but i would like to know more if anyone know

    however open the source is the best way to have a trusted software
     
  12. ZeD

    ZeDMembers

    Nov 18, 2010
    88
    4
    18
    I can't provide a link cause this was a long time ago, when MIUI was rather new. I know that Mark wrote something about this here at Miui-Dev, search and you will find.

    Sent from my HTC Desire using Tapatalk
     
  13. Haran

    HaranMembers

    Mar 22, 2011
    19
    0
    11
    Ah yes, i read that thread month ago.
    Mark have all my respect for his incredible work but i dont know if an early version rom tcp dump is enough.

    Btw i think that the biggest problem is the total absence of communication between chinese devs and no chinese users/devs, the language is a big issue. If we can directly ask to them (why closed source ecc) maybe they will have no problem to answer us.
    I personally dont know even why they start to make this rom and which are they goals
     
  14. r47z

    r47zMembers

    Dec 14, 2010
    304
    0
    38
    The Chinese are THE Chinese. They did it for themselves. Read up about China and you know what I'm talking about.

    Sent from my HTC Desire
     
  15. Scottndville

    Nov 6, 2010
    165
    5
    28
    I personally think they are developing roms for training.they want to develop a product that can eventually be sold to manufacturers. Like whoever came up with sense for htc. Just my opinion, but in my opinion my opinion is a pretty good opinion. Just saying.
     
  16. Haran

    HaranMembers

    Mar 22, 2011
    19
    0
    11
    I know that they develop for themselves and they are not interested to deploy world wide but i dont understand what do you mean with "Read up about China and you know what I'm talking about. " chinese like other people have pros and cons but i think they are great people that work hard and have and incredible desire to demonstrate what they are able to, these are remarkable points.

    Probably they start to training and learn and although i will be very happy to see this rom on official devices, i dont know if this will be possible, the rom breaks alot of patents (first of all the launcher)
     
  17. EndlessDissent

    Nov 13, 2010
    803
    1
    55
    Do you have Chrome to Phone installed? Read this thread on XDA: http://goo.gl/Y7LS6
     
  18. wtf does this even mean?

    Sense is closed source from the taiwanese! read up on the taiwanese, they are shady!
    Touchwiz is closed source from the koreans! read up on the koreans, they are shady!
    Motoblur is closed source from the americans! read up on the americans, they are shady!

    I've lived in China myself and had nothing but good experiences with the people there. Nobody tried to take my phone from my pocket and steal my precious information.
     
  19. r47z

    r47zMembers

    Dec 14, 2010
    304
    0
    38
    Probably speaking from another point of view. Ignore what I just said.
     
  20. Haran

    HaranMembers

    Mar 22, 2011
    19
    0
    11
    That thread jump to wrong conclusions, if you read my thread you will see that is not chrome to phone.

    btw thnks for your interest
     
  21. Haran

    HaranMembers

    Mar 22, 2011
    19
    0
    11
    honestly I did not understand what you meant on that thread
     
  22. jladronka

    jladronkaMembers

    Nov 16, 2010
    352
    0
    38
    I can confirm this was spoken to back when the MIUI translation was just starting out. As far as a link, I have no clue, but I'm sure it was on XDA. This was, if I remember correctly, right before miui-dev.com started being used to the extent it is.

    There was a full traffic analysis done of the ROM over a few days, if I remember correctly, and nothing sketchy was every found, nor was anything found that could be "construed" as much.

    The fact of the matter is that ANY rom dev out there could include holes in their rom to capture information if they wanted to. Don't hate because this is a China product. That's downright crude.

    They have closed source because the rom is not out of beta. They have closed source because they can. There is no communication because, as far as I know, they don't formally support anything out of China. What Mark has done has been on his own initiative and his own desire.

    But, really, believe me. If someone wants to steal your information and identity, they're going to do it no matter what you do.
     
  23. Haran

    HaranMembers

    Mar 22, 2011
    19
    0
    11
    i agree with you and personally but i think i m speaking for al the users, none hate and especially none hate because this is china product.

    You are right when you talk about any roms can steal info, but most of other roms are opensourced and this is a big deterrent dont you think?

    You are sying that after beta they will release the code?

    I will never stop to thanks miui developers and mark for their hard work

    Yes but this is another story
     
  24. can you tell me which rom besides cyanogen's is open sourced?
    SENSE TOUCHWIZ MOTOBLUR are all closed source
     
  25. Bruce

    BruceMembers

    Feb 18, 2011
    129
    0
    26
    I don't know how to evaluate code to see if it is malicious. I don't know how to build my own ROM from source code and then compare that with the build that the open source ROM maker released. I don't even know how to build a ROM from source code.

    The point is that, when I download a ROM I have to have trust in any developer, open source or not. Open source allows more people to have the ability to catch the developer when they do malicious things, but I'm not one of those people. Even with open source, I still have to have trust that people in the community are looking over the developer's shoulder, making sure things are OK.

    Another point - I suggest that many of the tools that are used to find malicious activity by a ROM or in an app will work if the ROM or app is open source or not.

    I think open source is a great idea for many reasons. For one thing, it speeds up the pace of innovation. For another it can speed the pace of finding and fixing unintentional problems. I do not think open source will keep people from deliberately doing malicious things with computer software. I do not think MIUI developers are deliberately doing malicious things.
     

Share Our Site