You’ve probably heard that Android smartphones are less secure than their iOS counterparts. And thought, whatever. As long as you set your app permissions and security settings correctly, there shouldn’t really be an issue, right?
Well, not really. Recent research has shown that hundreds, if not thousands, of apps have found a loophole in Android’s permission system; transmitting your device’s unique identifier and possibly location data as well. And if you set app permissions to prevent it from accessing personal data, the app can still access the data obtained by another app that has it in shared storage.
This is made possible by the fact that many apps are build using the same software development kits (SDK); the owners of these kits are also receiving this data, allegedly. If you’re wondering what apps are vulnerable, the list even includes apps from Samsung and Disney—pretty scary stuff.
These utilise SDKs built by Chinese company, Baidu, as well as an analytics firm called Salmonads. In fact, researchers found that apps developed using Baidu’s SDK may actually be storing this data as well.
There is more. Some apps also transmit the unique MAC addresses in your network and router, as well as your wireless access point and SSID. But the study, which was presented at PrivacyCon 2019, specifically mentions Shutterfly, the image processing app; the app sends GPS coordinates back to its serves regardless of permission settings. This data, according to the study, is taken from EXIF metadata within the photos. This allegation has been denied by Shutterfly, however.
Google has been notified on the vulnerabilities within the system, which should mean that the loopholes will be patched in the upcoming Android Q update. But that doesn’t help the remaining Android users—especially devices that will not support Android Q when it’s officially rolled out.
Google hasn’t officially commented on the issue as of yet, but The Verge reports that Android Q will be hiding geolocation info from photo apps, while permissions should be tightened on accessibility to location metadata for apps.
[ SOURCE ]
JomCharge x DBKL street-level EV charger deployment continues and the latest location is in Sri…
This post is brought to you by Nissan. For many Malaysian families, the idea of…
Besides deploying more DC Chargers in Penang Island in partnership with MBPP, Gentari has just…
BMW has officially revealed the updated 7th generation BMW 7 Series (G70), and this isn’t…
Aside from the big boss Find X9 Ultra, Oppo Malaysia has also introduced another member…
The Honor 600 and Honor 600 Pro have finally made their launch in Malaysia, making…
This website uses cookies.