This project aims to block all Xiaomi (Mi) hosts and services, effectively disabling the tracking and data collection features found in Xiaomi's MIUI operating system. It provides a comprehensive list of hosts to block, along with instructions for various platforms and methods.
Xiaomi has faced criticism for its aggressive data collection practices and alleged privacy violations. This project enables users to regain control over their privacy by preventing their devices from communicating with Xiaomi's servers and services.
Xiaomi's MIUI/HyperOS operating system gathers extensive telemetry data about devices, including hardware specifications, component information, and usage patterns. This data is then used by Xiaomi to remotely enable, disable, or modify features on specific devices or groups of devices based on their tracking information.
By analyzing the telemetry data collected from your device, Xiaomi can determine its hardware capabilities and performance characteristics. The company then uses this information to selectively enable or disable certain features, ostensibly to optimize the user experience or ensure compatibility. However, this level of remote control raises significant privacy and security concerns.
Xiaomi can potentially disable features or functionalities on devices without the user's knowledge or consent, effectively limiting the capabilities of devices that users have paid for. In some cases, Xiaomi may choose to disable features on certain devices based on their tracking data, creating artificial segmentation within their product lineup. This could be done to encourage users to upgrade to newer models or to limit the capabilities of devices in specific regions or markets.
Xiaomi's MIUI operating system is known for its aggressive data collection practices, which often happen without the user's explicit consent or knowledge. Here's how Xiaomi collects and transmits your data:
Many of Xiaomi's pre-installed system apps and services constantly communicate with Xiaomi's servers, sending various pieces of data about your device and usage patterns. These requests often include sensitive information such as your IMEI (device identifier), carrier details, region, and application versions.
Blocking Xiaomi services through the host file of a project might not be entirely effective because applications like GetApps and other Chinese apps can bypass this block and still connect to their servers. Therefore, to ensure these applications do not connect to their servers, you need to remove them using ADB (Android Debug Bridge). Another option is to install a clean version of Android, which has fewer pre-installed applications to remove. However, you will still need to perform some cleaning to ensure all unwanted apps are removed.
Even when using third-party apps, Xiaomi collects data about the apps you install and how you interact with them. This data is then transmitted to Xiaomi's servers without your knowledge or consent.
To illustrate the extent of Xiaomi's data collection, here are some examples of the requests sent by Xiaomi's apps and services:
Example 1: Content-Type: application/x-www-form-urlencoded User-Agent: Dalvik/2.1.0 (Linux; U; ANDROID_VERSION; DEVICE_MODEL Build/BUILD_NUMBER) Host: api.sec.miui.com Connection: close Accept-Encoding: gzip, deflate, br Content-Length: 250
appVersion=XXXXXXXX&carrier=XXXXX&device=XXXXX&miuiVersion=XXXXX¶m=XXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXX®ion=XX&versionType=XXXXX&sign=XXXXXXXX Param base64 encoded string = {"imei":"md5hashed","dataVersion":0,"isDiff":false}
Example 2: POST https://sdkconfig.ad.xiaomi.com/api/v4/detail/config\_common/ HTTP/1.1 Content-Type: application/x-www-form-urlencoded User-Agent: Dalvik/2.1.0 (Linux; U; ANDROID_VERSION; DEVICE_MODEL Build/BUILD_NUMBER) Host: sdkconfig.ad.xiaomi.com Connection: close Accept-Encoding: gzip, deflate, br Content-Length: 154
ii=X&oa=&ob=X&sv=X.X.X&re=XX&av=XX&appVer=XX.X.X.XXXXXXX&ov=XXXXX&platform=Android&ml=XXXXXXXX&sign=XXXXXXXXXXXXXXXXXXXXXXXX
re = region ml = phone model ov = xioami phone os
- Comprehensive list of Xiaomi hosts to block
- Support for various platforms (e.g., Windows, Linux, Android)
- Instructions for different blocking methods (hosts file, firewall rules, DNS filtering)
- Regular updates to keep up with new Xiaomi hosts and services
- Download the
hostsfile from thewindowsdirectory. - Open the downloaded file with a text editor (e.g., Notepad).
- Copy the contents of the file.
- Navigate to
C:\Windows\System32\drivers\etc. - Open the
hostsfile with administrator privileges. - Paste the contents at the end of the file.
- Save the file.
For detailed instructions and alternative methods (e.g., using a firewall or DNS filtering), refer to the windows directory.
- Set up a custom DNS server like Pi-hole, AdGuard Home, or use a third-party app like AdGuard.
- If using Pi-hole or AdGuard Home, configure your Android device to use the custom DNS server's IP address.
- If using the AdGuard app, follow the app's instructions to set it up as a local VPN on your device.
- In your DNS server or AdGuard app, add custom filtering rules to block the Xiaomi hosts. You can find a comprehensive list of hosts in the
androiddirectory of this repository. - Optionally, you can use the AdGuard app's custom rules feature to add the Xiaomi host blocking rules directly within the app.
Contributions are welcome! If you find any new Xiaomi hosts or have improvements to suggest, please open an issue or submit a pull request.
This project is licensed under the MIT License.
This project is provided as-is, without any warranties or guarantees. Use at your own risk. The authors of this project are not responsible for any consequences resulting from its use.