Xiaomi Mi Mix 2 Unlock security risks

[brian0306]

Hi everyone,

I've recently unlocked my Xiaomi Mi Mix 2 that came with the chinese rom so that I could install the global rom.

I've been using it for a while and when I opened a banking app, I get the following message:

Warning
It seems your device has had unauthorized modifications to its operating system. Using this device for your banking could compromise the security of your personal information.

I didn't think unlocking the phone would be this much of a risk. I don't understand too much about the technology behind this so I wanted to see if anyone could explain whats happening and if I should refund my phone.

Thanks!

 

[KevinLuong]

Hi everyone,

I've recently unlocked my Xiaomi Mi Mix 2 that came with the chinese rom so that I could install the global rom.

I've been using it for a while and when I opened a banking app, I get the following message:

Warning
It seems your device has had unauthorized modifications to its operating system. Using this device for your banking could compromise the security of your personal information.

I didn't think unlocking the phone would be this much of a risk. I don't understand too much about the technology behind this so I wanted to see if anyone could explain whats happening and if I should refund my phone.

Thanks!

You are probably using the global dev rom which doesn't pass Safetynet for various reasons. You shouldn't have any issues with the global stable rom.

 

[Mr_Bartek]

Don't listen to the guy above. Flash Global Stable ROM if you haven't already and lock your bootloader. From then on all will be good.

 

[KevinLuong]

Don't listen to the guy above. Flash Global Stable ROM if you haven't already and lock your bootloader. From then on all will be good.

...

I said pretty much exactly the same thing as you?

 

[Mr_Bartek]

It won't matter whether he uses Dev or Stable if his bootloader is left unlocked. He needs both Global Stable and a locked bootloader.

 

[brian0306]

It won't matter whether he uses Dev or Stable if his bootloader is left unlocked. He needs both Global Stable and a locked bootloader.

How do I lock my bootloader?? I've already unlocked my phone

 

[Mackay53]

How do I lock my bootloader?? I've already unlocked my phone

U don't need to lock the bootloader to get it to work, I'm on the global ROM with unlocked bootloader - safety net passes.

It also passes on Xiaomi EU ROM with unlocked bootloader. Just flash one of those ROMs, install magisk, and set magisk to hide.

 

[Mr_Bartek]

@brian0306, have a look here: https://youtu.be/6u3Pg1JOXkI

 

[jim262]

Hi everyone,

I've recently unlocked my Xiaomi Mi Mix 2 that came with the chinese rom so that I could install the global rom.

I've been using it for a while and when I opened a banking app, I get the following message:

Warning
It seems your device has had unauthorized modifications to its operating system. Using this device for your banking could compromise the security of your personal information.

I didn't think unlocking the phone would be this much of a risk. I don't understand too much about the technology behind this so I wanted to see if anyone could explain whats happening and if I should refund my phone.

Thanks!

I am running Miui 9 global with unlocked bootloader and rooted with Magisk 14.3 and it passes safetynet and Android pay works just fine.

 

[Mr_Bartek]

Guys, I know this is XDA but come on. Guy just wants a working phone without the hassle. He didn't ask for root or methods to bypass Safetynet with Magisk! Locking bootloader on an official Global Stable ROM is all he needs.

 

[Mackay53]

Guys, I know this is XDA but come on. Guy just wants a working phone without the hassle. He didn't ask for root or methods to bypass Safetynet with Magisk! Locking bootloader on an official Global Stable ROM is all he needs.

You forgot to mention they also didn't ask for locking the bootloader either.

 

[Mr_Bartek]

Do you really think someone who says this really cares about bypassing Safetynet?

I didn't think unlocking the phone would be this much of a risk. I don't understand too much about the technology behind this so I wanted to see if anyone could explain whats happening and if I should refund my phone.

Also, don't quote the post you are replying to if it's right above yours. It's bad netiquette.

 

[Mackay53]

Do you really think someone who says this really cares about bypassing Safetynet?


Also, don't quote the post you are replying to if it's right above yours. It's bad netiquette.

Only the poster can decide if they care or not, it's better to have more options than 1.

It's not bad etiquette, it ensures that my comment addresses the comment I want it to address.

 

[ssojyeti2]

Only the poster can decide if they care or not, it's better to have more options than 1.

It's not bad etiquette, it ensures that my comment addresses the comment I want it to address.

+1, installing magisk is definitely the easier fix. Won't need to wipe data or anything

 

[Mr_Bartek]

@ssojyeti2, locking bootloader doesn't wipe data. Stop spreading misinformation. Also how is it easier if you have to flash (or at least boot TWRP) and then flash Magisk zip? To lock BL you need to run one command (fastboot oem lock) and you're done.

 

[Mackay53]

@ssojyeti2, locking bootloader doesn't wipe data. Stop spreading misinformation. Also how is it easier if you have to flash (or at least boot TWRP) and then flash Magisk zip? To lock BL you need to run one command (fastboot oem lock) and you're done.

How exactly is that spreading misinformation?

Ssojyeti2 just clearly said that flashing magisk doesn't wipe your data or anything. Nothing about locking bootloader...

 

[ssojyeti2]

@ssojyeti2, locking bootloader doesn't wipe data. Stop spreading misinformation. Also how is it easier if you have to flash (or at least boot TWRP) and then flash Magisk zip? To lock BL you need to run one command (fastboot oem lock) and you're done.

Stop being so butthurt bro

 

[Twotems]

Guys, I know this is XDA but come on. Guy just wants a working phone without the hassle. He didn't ask for root or methods to bypass Safetynet with Magisk! Locking bootloader on an official Global Stable ROM is all he needs.

Well said. I just got my phone and it's on the Chinese rom. I'm not a rom/flash xda member and I'm leaving my phone on the Chinese rom and stock. Bloat removed or frozen already with a 1.5gb update pending for download tonight (a nice option miui gave me) and a smaller update installed as I switched on the phone. I intend to keep this phone for a few years and I'm not f*cking with anything.

Gapps installed and working perfectly, including contacs sync which was an issue at some point. I haven't tried nfc yet but everything works including irrelevant apps asking for nfc access (lol). Nah, I'll stick with the Chinese rom until there's a compelling reason to change it.