Android Apps Collect Your Data Without Permission, Report Finds

Thousands of Android apps can bypass permissions and gather enough data to track and identify your phone, according to a new study.
Researchers from the University of Calgary, UC Berkley, and the IMDEA Networks Institute in Spain discovered that apps can circumvent app permissions using covert and side channels.
Side channels allow apps to access protected data without permission; covert channels are used when two apps communicate—one sharing protected data that has been given with permission to another that is lacking those permissions. This data could include MAC addresses, the phone's IMEI, and more.
The study analyzed over 88,000 apps available via the US Google Play Store, and found that apps from huge companies—including Samsung (Health and Browser) and Disney (the Hong Kong Disneyland park app)—with millions of downloads are affected.
The Samsung and Disney apps use software development kits (SDKs) from Chinese search company Baidu and analytics company Salmonads, which means data can move between apps and between the companies' servers through the local storage on your phone.
The study also singled out the Shutterfly app, stating that it sends "precise geolocation data to its own server without holding a location permission." In a comment to CNET, the company denied these claims, saying it only collects location data when it has permission, despite what the researchers discovered.
"Like many photo services, Shutterfly uses this data to enhance the user experience with features such as categorization and personalized product suggestions, all in accordance with Shutterfly's privacy policy as well as the Android developer agreement," the company said.
On the bright side, many of these issues will be fixed with the upcoming Android Q update, but this presents two problems: the first is that not every phone will be updated to Android Q. As of August 2018, just over 10 percent of devices running Android were running Android 9.0 (Pie), with approximately 30 percent running Android Oreo (8.1) and Android Oreo (8.0).
This means privacy and security are at risk of becoming a luxury for those with flagship smartphones, and that Google needs to do more to push customers and companies to update their devices—which, to the company's credit, it is attempting to do.
Serge Egelman, director of usable security and privacy research at ICSI, will reportedly be sharing the details of the 1,325 apps that have been gathering information without user permission at the Usenix Security conference in August.

Views: 44

©ictnews.az. All rights reserved.

Facebook Google Favorites.Live BobrDobr Delicious Twitter Propeller Diigo Yahoo Memori MoeMesto

24 July 2019

23 07 2019

Honor MagicBook Pro launched; features 16.1-inch FHD full-screen display and 8th-gen Intel processor

At the Honor 9X launch event in China, where the company announced the Honor 20 Pro Icelandic Illusion model 

President Trump met with tech CEOs on Monday to discuss Huawei and trade practices

President Donald Trump met with CEOs from Google, Broadcom and other technology companies on Monday 

Virtual Assistant shipments to exceed 2.3 billion in 2023

The market for virtual assistants (VAs) shows strong positive momentum, driven forward by a combination of 

WhatsApp is now available on feature phones with KaiOS

The year of 2018 saw a massive 252% growth in the demand for smart features phones in India even as the

FaceApp creates wave of opportunity for scammers on fake webs and YouTube

The latest hype around the FaceApp application has attracted scammers who want to make some quick profits

Asus’ ROG Phone II is the most spec-heavy gaming phone yet

Asus’s first ROG gaming phone was one of the most maximalist takes on the concept to date, so it’s only appropriate

NVIDIA Launches U.K. Technology Center to Advance AI Research

NVIDIA just launched a new technology center in the UK designed to support groundbreaking research in AI and

2020 iPhone could get blazing-fast display upgrade

The 2020 iPhone generation could bring substantial upgrades, including in the display department.