HyperOS 3: Over Xiaomi 20 devices excluded from new software release

[Redaktion]

Xiaomi is bringing support to an end for over 20 devices before the end of the year. From the Poco F4 to the Xiaomi 12X, numerous devices will reach end-of-life status soon and have not been added to HyperOS 3 rollout schedules in the meantime.

https://www.notebookcheck.net/HyperOS-3-Over-Xiaomi-20-devices-excluded-from-new-software-release.1131046.0.html

[Enma45]

One of the things I like least about Xiaomi is their operating system update policy—only 4 years of updates.  Samsung offers 7 years, so the difference is huge, and Samsung is clearly doing a much better job. If you're someone who takes good care of their phone, I would choose Samsung without hesitation; software updates are essential for phone security.

[heffeque]

One of the things I like least about Xiaomi is their operating system update policy—only 4 years of updates.  Samsung offers 7 years, so the difference is huge, and Samsung is clearly doing a much better job. If you're someone who takes good care of their phone, I would choose Samsung without hesitation; software updates are essential for phone security.

For high-end it's 4 Android updates, and 5 or 6 HyperOS updates.
But yeah... not ideal that software updates only last for 6 years.

[Bona]

One of the things I like least about Xiaomi is their operating system update policy—only 4 years of updates.  Samsung offers 7 years, so the difference is huge, and Samsung is clearly doing a much better job. If you're someone who takes good care of their phone, I would choose Samsung without hesitation; software updates are essential for phone security.

Samsung embeds spyware in most of their phone models in a controversial agreement with Israeli firm IronSource. If you actually care about your security then Samsung should be the last brand you turn to.

[A]

One of the things I like least about Xiaomi is their operating system update policy—only 4 years of updates.  Samsung offers 7 years, so the difference is huge, and Samsung is clearly doing a much better job. If you're someone who takes good care of their phone, I would choose Samsung without hesitation; software updates are essential for phone security.

The worst thing that I hate about is how updates make it worse instead of better. I especially hate Xiaomi's terrible memory management where it is too aggressive with no way to turn it off.

Samsung embeds spyware in most of their phone models in a controversial agreement with Israeli firm IronSource. If you actually care about your security then Samsung should be the last brand you turn to.

Which one doesn't embed spyware in their phones? The whole google services is spyware and I wouldn't be surprised if Xiaomi has even more from the Chinese government. (And before anyone says Apple, that is loaded with spyware too)

If you care about privacy, then you'd get a custom rom with something like lineageos or maybe graphite. Otherwise, privacy in modern phones is a dream and has been for over a decade when CarrierIQ was first found on phones.

[Bona]

Samsung embeds spyware in most of their phone models in a controversial agreement with Israeli firm IronSource. If you actually care about your security then Samsung should be the last brand you turn to.

Which one doesn't embed spyware in their phones?

A non-profit organization analyzed Samsung phones and found this:

According to our analysis, this intrusive software is unremovable, deeply integrated into the devices' operating system, making it nearly impossible for regular users to uninstall it without root access, which voids warranties and poses security risks. Even disabling the software is not effective as it can reappear after system updates.

The privacy policy is opaque, there is no accessible and transparent privacy policy for this software and users are in the dark about what data is collected and how it is used. There is also no straightforward opt-out mechanism. The software collects sensitive user data, including biometric information, IP addresses, device fingerprints.

The installation of AppCloud is done without any consent from the user, which violates GDPR provisions in the EU and relevant data protection laws in the WANA region states.

AppCloud is developed by ironSource, an Israel-founded company (now acquired by American company Unity), raising additional legal and ethical concerns in countries where Israeli companies are barred from operating, such as Lebanon. ironSource is notorious for its questionable practices regarding user consent and data privacy.

If you could provide us with independent reports on all the phone manufacturers and their models that collect and send the user's most sensitive and personal data over to bad actors the way Samsung phones do, then that would be welcomed. Otherwise, i would refrain from making unsubstantiated accusations about every other phone manufacturer based on what one manufacturer (Samsung) in particular is doing.

The whole google services is spyware

Perhaps you could expand on that. If for example your idea of Google 'spyware' is that they track which apps you visit in the Play store,then surely that's a different matter altogether then collecting and sending over your most sensitive and personal data without your knowledge and consent like Samsung does with IronSource.

and I wouldn't be surprised if Xiaomi has even more from the Chinese government. (And before anyone says Apple, that is loaded with spyware too)

We're floating into conspiracy theory territory a bit now aren't we...

If you care about privacy, then you'd get a custom rom with something like lineageos or maybe graphite. Otherwise, privacy in modern phones is a dream and has been for over a decade when CarrierIQ was first found on phones.

If we follow your logic that every phone manufacturer does what Samsung is doing, then why are you recommending people to keep using their hardware. Shouldn't you be shifting people away from smartphones you distrust (every smartphone in the world)?

[Kingsley]

I'm planning on getting a flagship as my primary device, My two picks rn is the iPhone 12 pro series and the Xiaomi 12

What's your best advice?
Thanks a Bunch

[Butch]

Numerous reports and investigations from cybersecurity researchers, government agencies, and journalists have raised serious concerns about its potential for Xiaomi data collection and surveillance.

1.Key findings and controversies
a.History of data collection and transmission
1)Initial findings (2014): A user discovered that a Xiaomi Redmi Note was sending private data, including photos and texts, to servers in Beijing. The data transfer allegedly occurred even with Xiaomi's cloud messaging service disabled. Xiaomi responded by stating that data collection was for providing cloud services and later offered international users the option to store their data on servers outside of mainland China.
2)Incognito mode tracking (2020): A Forbes investigation reported that Xiaomi's built-in browser collected user data, including incognito browsing activity, and sent it to servers in China. Cybersecurity researchers confirmed that the data, though anonymized, was poorly encrypted and could be easily de-anonymized. Xiaomi acknowledged the data collection but claimed it was anonymized and done with user consent.
b.Government and security agency warnings
1)Lithuanian Ministry of National Defence (2021): Lithuania's National Cyber Security Centre advised citizens to stop using Xiaomi phones, citing a built-in censorship capability that could be remotely activated. The blacklist included terms like "Free Tibet" and "democracy movement". Xiaomi denied the allegations and hired a third-party firm to audit its privacy practices.
2)United States sanctions (2021): The U.S. government temporarily placed Xiaomi on a blacklist, claiming it was a company "owned or controlled" by the People's Liberation Army. While a court later blocked the ban and the designation was removed, it highlighted significant U.S. government concerns about potential ties between Chinese companies and the state.
3)Indian government warnings (2025): The Indian Computer Emergency Response Team (CERT-In) issued a security warning concerning a flaw in Xiaomi's Mi Connect service app that could expose sensitive user data on various Xiaomi devices, including phones, laptops, and TVs.
Legal and regulatory environment in China
As a company based in China, Xiaomi is subject to China's National Intelligence Law, which can compel any Chinese organization or citizen to "support, assist and cooperate with the state intelligence work". This legal framework provides the government with a mechanism to compel companies to turn over data, even without specific user consent.
Third-party analysis
4)University of Edinburgh research (2023):
Researchers found that several top Chinese phone brands, including Xiaomi, collect large amounts of sensitive user data through their custom operating systems and pre-installed apps.
5)Oversecured vulnerabilities (2024): A security firm discovered 20 "dangerous" vulnerabilities in various Xiaomi apps and system components. These flaws could potentially be exploited to steal files, disclose account data, and execute commands with system privileges. Xiaomi has since addressed these vulnerabilities through security updates.