wordpress blog stats
Connect with us

Hi, what are you looking for?

Xiaomi says that ‘very few Indians’ might have been affected by flaw that allowed users to see strangers’ images

Update: Xiaomi told MediaNama that “a very small number of users in India were potentially affected by the issue,” where Xiaomi smart security camera users accessing the feed via Google’s Nest Hub could see strangers’ images. It told us that the company was “aware [that] there was an issue of receiving stills while connecting Mi Home Security Camera Basic 1080p on Google Nest Hub”. The company did not reveal the exact number of Indian users that might have been affected due to this flaw, and clarified that it hasn’t received any reports from Indian users thus far.

Xiaomi claimed to have solved the issue, and further stated that “the issue was caused by a cache update on December 26, 2019, which was designed to improve camera streaming quality,” and blamed “poor network conditions” for causing the issue. It further said:

“We have also found 1044 users were with such integrations and only a few with extremely poor network conditions might be affected. This issue will not happen if the camera is linked to the Xiaomi’s Mi Home app.” — Xiaomi

Yet again, the company hasn’t clarified the number of people that might have been affected from the vulnerability. Interestingly, Xiaomi also said that it “has communicated and fixed this issue with Google, and has also suspended this service until the root cause has been completely solved”. This suggests that Xiaomi is only banking on “poor network conditions” to justify the flaw, and is still uncertain about the “root cause”.

Earlier: A user of Xiaomi’s Mijia, a smart home security camera, said on Reddit that their Google Nest Hub smart display started showing images from strangers’ cameras, including a sleeping baby in a crib. This was first reported by Android Police. At this moment it is unclear what exactly caused this problem. A Google spokesperson confirmed to MediaNama that the company has disabled Xiaomi’s integration on its devices as a result of this problem, and issued the following statement:

“We’re aware of the issue and are in contact with Xiaomi to work on a fix. In the meantime, we’re disabling Xiaomi integrations on our devices.” — Google

Google did not give reasons behind the issue, and did not clarify if this is an isolated instance. We have reached out to Xiaomi for more information.

Advertisement. Scroll to continue reading.

How do Xiaomi’s camera and Google’s Nest Hub work? The Google Nest Hub is essentially a smart home display which can be connected to security cameras, like Xiaomi’s Mijia. Users can then play feeds captured from the security cameras on the Nest Hub display, except in this case, the user started seeing images from someone else’s camera! The user was running the current firmware of the Xiaomi Mijia camera (3.5.1_0066).

Could users in India have been affected? Xiaomi launched a security camera in India in 2018, and Google’s Nest Hub smart display was launched here in 2019. At this moment, it isn’t clear if Indian users of these devices have also been affected by this vulnerability. Google did not clarify this, and we are awaiting a response from Xiaomi.

A word of caution: The Android Police report does caution that this could be an “elaborate hoax”, however, clarifies that since the issue appears intermittently, and shows still images rather than video footage, it could potentially be a “pretty high-effect for a fake”. It is worth mentioning that the thread on Reddit, where the user had talked about the problem, has been locked by moderators of Google Home.

How secure are security cameras? This isn’t the first time “smart” security cameras have displayed vulnerabilities.

  • In December 2019,  a vulnerability in Wyze’s smart home cameras and devices compromised the data of about 2.4 million customers, including information like usernames, email addresses, camera nicknames, device models, firmware information, Wi-Fi SSID details, API tokens for iOS and Android, The Verge had reported.
  • The same month, a user of Amazon’s Ring security camera in USA’s Mississippi said that a stranger gained control over the camera and could see and talk to his 8 year old daughter via the camera.

Written By

MediaNama’s mission is to help build a digital ecosystem which is open, fair, global and competitive.



Looking at the definition of health data, it is difficult to verify whether health IDs are covered by the Bill.


The accession to the Convention brings many advantages, but it could complicate the Brazilian stance at the BRICS and UN levels.


In light of the state's emerging digital healthcare apparatus, how does Clause 12 alter the consent and purpose limitation model?


The collective implication of leaving out ‘proportionality’ from Clause 12 is to provide very wide discretionary powers to the state.


The latest draft is also problematic for companies or service providers that have nothing to with children's data.

You May Also Like


Google has released a Google Travel Trends Report which states that branded budget hotel search queries grew 179% year over year (YOY) in India, in...


135 job openings in over 60 companies are listed at our free Digital and Mobile Job Board: If you’re looking for a job, or...


Rajesh Kumar* doesn’t have many enemies in life. But, Uber, for which he drives a cab everyday, is starting to look like one, he...


By Aroon Deep and Aditya Chunduru You’re reading it here first: Twitter has complied with government requests to censor 52 tweets that mostly criticised...

MediaNama is the premier source of information and analysis on Technology Policy in India. More about MediaNama, and contact information, here.

© 2008-2021 Mixed Bag Media Pvt. Ltd. Developed By PixelVJ

Subscribe to our daily newsletter
Your email address:*
Please enter all required fields Click to hide
Correct invalid entries Click to hide

© 2008-2021 Mixed Bag Media Pvt. Ltd. Developed By PixelVJ