More than 1,000 Android apps have access to your data without your consent


Android

A new scandal for Google and Android on the use of private data. Applications have managed to circumvent the prohibitions of access to certain data to harvest them anyway. They would be over 1,000.

User data has become an invaluable commodity for businesses. More and more application stories that are abusing this data collection. This leads to questions about our privacy and how these companies manage it.

On Android, an application must ask the user for permission to access certain data such as location, call log or internal storage. If he refuses, the application will not be able to access it. However, more than 1,000 of them would have found a way around this.

Apps games users

Photo metadata to get location

One of the techniques unveiled by research conducted by the International Computer Science Institute is the one used by the photo editing application Shutterfly (downloaded 5 million times on the Play Store ). If access to the location of the device is disabled, it will use the metadata of the image.

Often, when taking a picture, the location system becomes activate to record in the metadata the location of the snapshot. Shutterfly takes the opportunity to walk through the metadata of the photos and therefore it transfer locations on its servers. CNET relayed the response of a company spokesman who totally denied these accusations.

Gizchina News of the week


“Like many photo services, Shutterfly uses this data to enhance the user experience with features such as categorization and personalized product suggestions. All in accordance with Shutterfly’s privacy policy as well as the Android developer agreement,” the company said in a statement.

No access? no problem!

Some apps were relying on other apps that have permission to look at personal data. Piggybacking off their access to gather phone identifiers like your IMEI number. These apps would read through unprotected files on a device’s SD card and harvest data they didn’t have permission to access. So if you let other apps access personal data. And they stored it in a folder on the SD card, these spying apps would be able to take that information.

Read Also:  Android users get three new security features in Apple style

While there were only about 13 apps doing this, they have more than 17 million install times, according to the researchers. This includes apps like Baidu’s Hong Kong Disneyland park app, researchers said.

There are 153 apps that have that capability. Researchers found, including Samsung’s Health and Browser apps, which are installed on more than 500 million devices.

Google has been made aware of these issues and should take action to avoid this kind of abuse on Android Q. You can read the full ICSI report of 1,325 apps misusing and bypassing limitations.

Disclaimer: We may be compensated by some of the companies whose products we talk about, but our articles and reviews are always our honest opinions. For more details, you can check out our editorial guidelines and learn about how we use affiliate links.

Source/VIA :
Previous Samsung Galaxy A100 could be the first true zero bezel phone
Next Qualcomm Snapdragon 215 CPU raises the bar for entry-level phones