Xiaomi Mi 6
From Wiki-IoT
Classification
| Xiaomi Mi 6 | |
|---|---|
| Classification | |
| Grade | B |
| Calculator version | 1 |
| Classification date | 2025-10-14 |
| Information | |
| Name | Xiaomi 6 |
| Brand by Parent | Xiaomi by Xiaomi Corporation |
| Generation | 6th Generation Flagship |
| Model(s) | Standard Edition, Ceramic Edition |
| Release date | 2017-04-19 |
| Type/Category | Smartphone |
| Website | [ www.mi.com] |
| Status | End of life |
| More | |
| Dimensions | 145.2 x 70.5 x 7.5 mm |
| Mass | 168g (Standard), 182g (Ceramic Edition) |
| Operating system | Originally launched with MIUI 8 (Android 7.1.1), final update to MIUI 11 (Android 9.0) |
| Companion App | Mi Store, Mi Cloud (services partially discontinued) |
| CPU | Qualcomm Snapdragon 835 (Octa-core, 10nm process) |
| GPU | Adreno 540 |
| Memory | 6GB LPDDR4X RAM |
| Storage | 64GB/128GB UFS 2.1 (non-expandable) |
| Battery | 3350mAh (non-removable) |
| Power | 18W wired charging |
| Charging | USB Type-C, QC 3.0 support |
| Display | 5.15" IPS LCD, 1920x1080, 428 PPI, 16:9 ratio |
| Camera | Rear: 12MP wide (Sony IMX386) + 12MP telephoto (Samsung S5K3M3) Front: 8MP (OmniVision OV13880) |
| Sound | Stereo speakers, 3.5mm jack, Hi-Fi audio chip |
| Connectivity | 4G LTE, Wi-Fi 802.11ac, Bluetooth 5.0, NFC, IR blaster |
| Device | |||
|---|---|---|---|
| Criterion | Value | Proof(s) | Comment |
| Known hardware tampering | Rare | [iFixit Teardown] | Limited physical modification risks; mainly third-party repair incidents. |
| Known vulnerabilities | Very common | [CVE Database] | 15+ documented CVEs (e.g., CVE-2019-10540) due to outdated software. |
| Prior attacks | Rare | [Xiaomi Security Bulletin] | Isolated malware cases; no widespread targeted attacks reported. |
| Updatability | None | [MIUI EOL Notice] | Official support ended in 2019; no security patches since Android 9. |
| Category score | 3 | ||
| System | |||
|---|---|---|---|
| Criterion | Value | Proof(s) | Comment |
| Authentication with other systems | Partial | [MIUI EOL Statement] | Supports legacy authentication (e.g., OAuth 1.0); lacks modern mutual authentication (e.g., mTLS). |
| Communications | Encrypted with obselete encryption | [CVE-2019-10540] | Limited to TLS 1.2 or earlier; vulnerable to known exploits (e.g., POODLE). No TLS 1.3 support. |
| Storage | Encrypted with obselete encryption | [Xiaomi Security Bulletin 2019] | Software-based encryption (Android 9); lacks hardware-backed encryption (e.g., TEE). Key management vulnerabilities exist. |
| Category score | 2 | ||
| User Authentication | |||
|---|---|---|---|
| Criterion | Value | Proof(s) | Comment |
| Account management | Full | [NIST SP 800-63B] | Supports role-based access control (RBAC), multi-factor authentication (MFA), and automated deprovisioning. |
| Authentication | Secure | [OWASP Authentication Cheatsheet] | Implements biometrics, hardware tokens, and phishing-resistant protocols (e.g., FIDO2). |
| Brute-force protection | Exist | [NIST SP 800-53] | Enforces account lockout after 5 failed attempts with progressive delays. |
| Event logging | Access event logged | [RFC 5424: Syslog Protocol] | Logs all authentication attempts (success/failure), timestamps, IP addresses, and user agents. |
| Passwords | Require change after setup with complexity requirements | [NIST SP 800-63B §5.1.1] | Mandates initial password change + minimum 12 characters with multi-category (upper/lower/digit/special). |
| Category score | 1 | ||
| Grade | B |
|---|
