Sep 22, 2021

https://www.nksc.lt/doc/en/analysis/2021-08-23_5G-CN-analysi...

Whole report is worth a read, but page 22 is where this "censorship" is discussed. Given this is HN I think some of you would be interested in the technical specifics in order to give a proper, informed opinion here.

The censorship involves blocking certain personalized ads within some of the core Xiao Mi apps by filtering political keywords. The keywords are all in mandarin, so ads that would be blocked would be Chinese ads. The list of keywords seems to be controversial political statements or news organization based on the report, including a pro china newspaper. The code is only run in China regions, but is stored on all these phones. Technically a standard software update could modify the code to remove that block.

I understand concerns about censorship are high, but logically I don't see the concern here; that is if you're not in mainland China. If you're in mainland China the wrong personalized ad can get you into trouble so this very elementary ad censorship is necessary, but this is about the EU region. It's bold to assume they'd allow this to be run in other regions after the user updated the apps, there's just no reason too, nor is there anything particularly invasive or malicious going on here that is different from other smart phones, based on the technical report.

Sep 22, 2021

pdf of the report being reported on: https://www.nksc.lt/doc/en/analysis/2021-08-23_5G-CN-analysi...

Sep 22, 2021

PDF is here: https://www.nksc.lt/doc/en/analysis/2021-08-23_5G-CN-analysi...

...do you want me to post 449 items? :-)

Sep 22, 2021

It's all covered in the 32 page research report:

Xiaomi system applications (Security, MiBrowser, Cleaner, MIUI Package Installer and Themes) have been found to regularly download the manufacturer’s updated configuration file MiAdBlacklistConfig from a server located in Singapore. This file contains a list composed of the titles, names and other information of various religious and political groups and social movements (at the time the analysis was performed, 449 records were identified in the MiAdBlacklistConfig file). Analysis of the Xiaomi application code showed that the applications have implemented software classes for filtering the target multimedia displayed on the device according to the downloaded MiAdBlacklistConfig list. This allows a Xiaomi device to perform an analysis of the target multimedia content entering a phone: to search for keywords based on the MiAdBlacklist list received from the server. When it is determined that such content contains keywords from the list, the device blocks this content. It is thought that this functionality can pose potential threats to the free availability of information.

PDF here: https://www.nksc.lt/doc/en/analysis/2021-08-23_5G-CN-analysi...

Sep 22, 2021

Thanks to those who posted a link to the actual report [1]

It may be worth clarifying that all those keywords and terms are in Chinese. So when they say "Free Tibet" they mean that the phone has a blacklist file that contains "西藏自由" and which use is disabled in the "European region".

On the other hand, it seems that this blacklist file is actually downloaded into the phone, which suggests to me that they could update it to match any terms in any language if they wanted.

I think that Chinese manufacturers will really need to produce 'clean' firmware that satisfies independent audits instead of these superficial feature flags if they want to continue to sell in the West long term. If not they will suffer Huawei's fate one after the other when this sort of thing is found out.

[1] https://www.nksc.lt/doc/en/analysis/2021-08-23_5G-CN-analysi...

Sep 22, 2021

It seems like the keyword match is based on Chinese, based on the extract on page 23 of the report.

Linked near the top of the thread, 32 pages of goodness: https://www.nksc.lt/doc/en/analysis/2021-08-23_5G-CN-analysi...

Sep 22, 2021

The 35 page report has details that should make it easy to replicate.

"This file contains a list composed of the titles, names and other information of various religious and political groups and social movements (at the time of the analysis, the MiAdBlacklistConfig file contained 449 elements). A fragment of the MiAdBlacklistConfig file is shown in Table 14." page 23

Linked elsewhere but here's the PDF report: https://www.nksc.lt/doc/en/analysis/2021-08-23_5G-CN-analysi...

Sep 22, 2021

that link 404'd for me

this should work (note: direct link to pdf)

https://www.nksc.lt/doc/en/analysis/2021-08-23_5G-CN-analysi...

Sep 22, 2021

I used the tweet due to the paywall of the Reuters article.

Another user below found the best link, the true original source:

Here's the official report: https://www.nksc.lt/doc/en/analysis/2021-08-23_5G-CN-analysi... (link updated)

Sep 22, 2021

Please don't submit tweets that are just links to news articles.

Here's the official report: https://www.nksc.lt/doc/en/analysis/2021-08-23_5G-CN-analysi...