You’ve probably heard that Android smartphones are less secure than their iOS counterparts. And thought, whatever. As long as you set your app permissions and security settings correctly, there shouldn’t really be an issue, right?
Well, not really. Recent research has shown that hundreds, if not thousands, of apps have found a loophole in Android’s permission system; transmitting your device’s unique identifier and possibly location data as well. And if you set app permissions to prevent it from accessing personal data, the app can still access the data obtained by another app that has it in shared storage.
This is made possible by the fact that many apps are build using the same software development kits (SDK); the owners of these kits are also receiving this data, allegedly. If you’re wondering what apps are vulnerable, the list even includes apps from Samsung and Disney—pretty scary stuff.
These utilise SDKs built by Chinese company, Baidu, as well as an analytics firm called Salmonads. In fact, researchers found that apps developed using Baidu’s SDK may actually be storing this data as well.
There is more. Some apps also transmit the unique MAC addresses in your network and router, as well as your wireless access point and SSID. But the study, which was presented at PrivacyCon 2019, specifically mentions Shutterfly, the image processing app; the app sends GPS coordinates back to its serves regardless of permission settings. This data, according to the study, is taken from EXIF metadata within the photos. This allegation has been denied by Shutterfly, however.
Google has been notified on the vulnerabilities within the system, which should mean that the loopholes will be patched in the upcoming Android Q update. But that doesn’t help the remaining Android users—especially devices that will not support Android Q when it’s officially rolled out.
Google hasn’t officially commented on the issue as of yet, but The Verge reports that Android Q will be hiding geolocation info from photo apps, while permissions should be tightened on accessibility to location metadata for apps.
[ SOURCE ]
Edaran Tan Chong Motor (ETCM) has announced that the Nissan Kicks e-Power is now open…
TikTok in partnership with Communications and Multimedia Content Forum of Malaysia (CMCF) have recently organised…
Tesla owners in Malaysia have reported that their vehicles can now perform the Autopark feature.…
After unveiling its latest smartphones, the Asus ROG Phone 9 series, to the world, Asus…
WhatsApp has introduced a new Voice Message Transcripts feature which allows users to easily convert…
This post is brought to you by Maybank. Unlock more than just transactions with MAE’s…
This website uses cookies.