**** The Official Chinese Phones Thread ****

elrasho said:
The UMI Super was a dud. Had high hopes but let down by lots of bugs.
Click to expand...

I wouldn't go so far as to call it that... it is still a fairly new 'phone, and they have just released another OTA firmware update for it today, with some more still to come, I am sure!
 
Upgraded to the global ROM.
Not really impressed that. Uses more ram, still no localisation for EU. Phone feels slower overall marginally and ui feels more fiddly.

Still a great phone but meh. I'm not sure why I bothered flashing. For security and updates? Meh again.

Battery life also is way worse.. I've used 4% already todY compared to other ROM where I'd probably still be showing 99%
 
Last edited:
Originally Posted by elrasho
The Ulefone Future looks appealing. I particularly like the Samsung camera and it has band 20 support too.
Click to expand...

This was the other phone that i was considering with the UMI Super and I only didn't go with it as I got a good deal on the other phone. If that hadn't been the case then I could have well gone with the Ulefone.

Originally Posted by elrasho
The UMI Super was a dud. Had high hopes but let down by lots of bugs.
Click to expand...

I wouldn't agree with that. In normal usage the only downsides I have with it are really the weight and that the camera can take more tweaking to get a good picture than it should. Other than that everything just works like any other smart phone I've used. The battery life is long, it talks to 4G and Wifi fine, GPS locks on reasonably quickly and the fingerprint reader seems fine to me. Remember, as with any technology of this type, the you always get a few people complaining loudly about problems they are having which a lot of other people aren't.

On a different subject came across something on our online forum at work this morning:

Millions of Xiaomi smartphone are affected by a critical remote code execution flaw that could be exploited by hackers to take over the mobile devices.

Millions of Xiaomi mobile are vulnerable to remote hacking due to a critical remote code execution (RCE) vulnerability that could be exploited by hackers to take over the mobile devices.

The flaw was discovered by the IBM X-Force researcher David Kaplan, it resides in the customization of the Android operating system. It affects versions prior to MIUI Global Stable 7.2 which leverages on Android 6.0, it is important to clarify that Xiaomi has already fixed it.

The MIUI is “the flavor of Android” developed by Xiaomi primary for its use, but MIUI builds are freely available for other vendors.

The vulnerability allows an attacker with privileged network access that shares the same network (i.e. A Wi-Fi connection in a public place), to remotely install a malware on the affected devices.

“The vulnerability we discovered allows for a man-in-the-middle (MitM) attacker to execute arbitrary code as the highly privileged Android system user. It has been remediated by Xiaomi from MIUI Global Stable version 7.2, and IBM strongly recommended that users update their firmware as soon as possible to ensure they are not vulnerable.” reported a blog post published on IBM X-Force.

The experts from IBM noticed the presence of various applications in the analytics package of the MIUI that are vulnerable to RCE. The attacker can exploit an MITM attack to inject a JSON response that was specially crafted to force a malicious update that is executed at a system level. Basically, the attacker replaces the link and MD5 hash to of the legitimate Android app with a malicious one.

“The vulnerability resides in the analytics package, which is present in various applications that come with MIUI. All applications with the analytics package are vulnerable to remote code execution via MitM. We identified at least four vulnerable applications in the MIUI developer Rom version 6.1.8, including the built-in browser app. These had differing sets of privileges and capabilities.”

The vulnerable analytics packages were spotted by the experts in at least four default applications, including the default browser app, in the MIUI builds.

The expert highlighted the lack of a cryptographic verification of the update code, this means that the analytics package will replace itself with the malicious one supplied by the attacker.

“Since there is no cryptographic verification of the update code itself, the analytics package will replace itself with the attacker-supplied version via Android’s DexClassLoader mechanism.” continues the post.

The worst aspect of the story is that the analytics package implements a totally insecure update mechanism, it doesn’t use an HTTPS connection to the server for updates, nor it downloads the package over HTTPS, opening the doors to MITM attacks.

The vulnerability could can a significant impact considering that millions of Xiaomi smartphones are vulnerable to remote hacking.

Xiaomi is the world’s third-largest smartphone maker, in 2015 it has shipped over 70 Million devices and its ROM is ported to over 340 different handsets including Nexus, Samsung, and HTC.

Users must update their firmware to version 7.2 as soon as possible.​
http://en.miui.com/thread-262691-1-1.html

See
https://securityintelligence.com/rem...iui-analytics/
Click to expand...
 
Efour said:
Upgraded to the global ROM.
Not really impressed that. Uses more ram, still no localisation for EU. Phone feels slower overall marginally and ui feels more fiddly.

Still a great phone but meh. I'm not sure why I bothered flashing. For security and updates? Meh again.

Battery life also is way worse.. I've used 4% already todY compared to other ROM where I'd probably still be showing 99%
Click to expand...

Try clearing cache and dalvik mate, that's if you have recovery installed.
 
Easiest way, if you go to the updater app and wait for it to load, then tap the 3 dots top right it will give you options, one is to boot into recovery, try that. if you just get a picture of a phone with a cable plugged in then you have no recovery due to locked boot loader.

What is the version of the rom you installed?

I have just installed MIUI 8 global beta via the updater app and I have to say it is pretty good and stable, will keep messing with it, this is going to get updated weekly as well so it can only get better and you don't need to have an unlocked boot loader to update.http://en.miui.com/thread-309121-1-1.html
 
Last edited:
elrasho said:
Ordered the Ulefone Future, will do a review when it arrives.
Click to expand...

Cancelled the order and got an LG G4 instead. Saw it at the Three store and loved the screen and camera. Yes its more expensive but I doubt the ulefone future's camera would come close to the G4s. And I've got a SD CPU which deep down I always wanted :)
 
Had a few hours with the Elephone P9000, so far I'm quite impressed, responsive, screen is superb, weighs pretty much nothing, feels nice in the hand.

Will get it set up properly with my network over the weekend and report back :D
 
Sounds good glad you like it :) I'm currently messing around with my G4. Was hoping because it covers band 20 I'd get 4G in places where I couldn't but maybe 3 don't have 4G in these places.
 
scrivz69 said:
Easiest way, if you go to the updater app and wait for it to load, then tap the 3 dots top right it will give you options, one is to boot into recovery, try that. if you just get a picture of a phone with a cable plugged in then you have no recovery due to locked boot loader.

What is the version of the rom you installed?

I have just installed MIUI 8 global beta via the updater app and I have to say it is pretty good and stable, will keep messing with it, this is going to get updated weekly as well so it can only get better and you don't need to have an unlocked boot loader to update.http://en.miui.com/thread-309121-1-1.html
Click to expand...

oh nice. Yeah my phone seems to be locked.
I never knew Xiaomi was the 3r5d biggest seller in the world until yesterday. Gives me a lot of confidence for future updates.

Whens android 6 in the pipes
 
Thinking about going Chinese Dual Sim for my next phone.
How does this work with WhatsApp? Can I reliably have multiple accounts on the same phone, don't have to use really dodgy hacks to get it going, or are the dodgy hacks reliable?

Cheers!
 
Efour said:
oh nice. Yeah my phone seems to be locked.
I never knew Xiaomi was the 3r5d biggest seller in the world until yesterday. Gives me a lot of confidence for future updates.

Whens android 6 in the pipes
Click to expand...

If your on MIUI 7 I think they have stopped updating that as MIUI 8 is already out and should be available to everyone by the end of August
 
You must log in or register to reply here.
Back
Top Bottom