You’ve probably heard that Android smartphones are less secure than their iOS counterparts. And thought, whatever. As long as you set your app permissions and security settings correctly, there shouldn’t really be an issue, right?
Well, not really. Recent research has shown that hundreds, if not thousands, of apps have found a loophole in Android’s permission system; transmitting your device’s unique identifier and possibly location data as well. And if you set app permissions to prevent it from accessing personal data, the app can still access the data obtained by another app that has it in shared storage.
This is made possible by the fact that many apps are build using the same software development kits (SDK); the owners of these kits are also receiving this data, allegedly. If you’re wondering what apps are vulnerable, the list even includes apps from Samsung and Disney—pretty scary stuff.
These utilise SDKs built by Chinese company, Baidu, as well as an analytics firm called Salmonads. In fact, researchers found that apps developed using Baidu’s SDK may actually be storing this data as well.
There is more. Some apps also transmit the unique MAC addresses in your network and router, as well as your wireless access point and SSID. But the study, which was presented at PrivacyCon 2019, specifically mentions Shutterfly, the image processing app; the app sends GPS coordinates back to its serves regardless of permission settings. This data, according to the study, is taken from EXIF metadata within the photos. This allegation has been denied by Shutterfly, however.
Google has been notified on the vulnerabilities within the system, which should mean that the loopholes will be patched in the upcoming Android Q update. But that doesn’t help the remaining Android users—especially devices that will not support Android Q when it’s officially rolled out.
Google hasn’t officially commented on the issue as of yet, but The Verge reports that Android Q will be hiding geolocation info from photo apps, while permissions should be tightened on accessibility to location metadata for apps.
[ SOURCE ]
Just less than a year and a half after the introduction of the X70 “MC2”,…
Nio, the Chinese EV brand popular for its battery swapping network, has officially entered Southeast…
Proton will be rolling out a new variant of the Proton e.MAS 7 electric SUV…
PLUS Malaysia says its Automated Number Plate Recognition (ANPR) open payment tolling pilot is the…
Kota Bharu is getting another high-powered EV charging station with the latest deployment by ChargEV.…
Claimed to be one of the most significant evolutions in the Lego universe since the…
This website uses cookies.