Android apps caught covertly sending GPS data to advertisers

davesw

New Member
Bronze
Feb 7, 2010
45
0
0
The results of a study conducted by researchers from Duke University, Penn State University, and Intel Labs have revealed that a significant number of popular Android applications transmit private user data to advertising networks without explicitly asking or informing the user.
 

kdarling

New Member
Bronze
Jun 20, 2007
425
1
0
NJ, NC, CO
Typical publicity seeking article.

There have been iOS apps found to do similar things, such as a tip calculator that was sending all your Contacts information to someplace in China.

On Android, it's pretty easy for groups to find and monitor potentially offending apps, since every app has to declare what resources it wants access to, and the user has to agree. So if a tip calculator wants access to your Contacts and the Internet, it stands out like a sore thumb.

On iOS, there's no such indication as to what an app is doing under the covers, so hidden transmissions like that iOS tip calculator are much harder to discover. Who knows how many apps have timed Trojans waiting to come alive and steal info?

Apple's vetting of apps doesn't find stuff like that either. Witness the recent example of a flashlight app that had a secret WiFi hotspot built into it.

In any case, it should be no surprise that advertising code on any phone sends GPS and other info. Any device with Google Maps also does that. Any iOS device with 3.2 or later also constantly sends GPS and surrounding WiFi hotspot info back to the Apple mothership.

I think that every mobile device needs a log of internet accesses by app, that a user can check once in a while.
 

Lunfai

Member
Bronze
Sep 16, 2010
442
3
18
I have one and I'm not surprised, a typical Android application would show you what access it has before you choose to install it, some of the applications have really shady requirements hence I'm not surprised how easy they couldn't implemented a tracker within their apps. This hurts Android more because a sheer amount of their applications are just crap, and these could be disguises to attract niche market and attack them. The user should ALWAYS check the required permissions and evaluate them before installing anything, but then again maybe that's just asking way too much from the user. From Apples point of view, I have no idea what to say since I don't even know how to see what access it has when installed.


Sent from my iPhone using iCafe app
 

kdarling

New Member
Bronze
Jun 20, 2007
425
1
0
NJ, NC, CO
kdarling, do you have an Android phone?
Being a mobile developer for the past decade, I use and program various handhelds. So yes, I have an Android phone (along with RIM, iOS, WM, CE and J2ME devices). Why?

I suspect most advertising code sends GPS data. No surprise. Do you remember the brouhaha over iPhone apps that were doing that? Multiple iPhone apps using Pinch Media ad code was doing that and more, including some of our Facebook info.

For that matter, both Apple and Google use us to map WiFi hotspots along with our GPS location, and send that data home to the respective motherships.

As other studies have noted, a larger percentage of iOS apps grab access to location info they probably don't need, than with Android. I just bear in mind that with both systems, there are a lot of novice programmars who have accidentally left in sample code they originally used.

There is no 100% safe system. (Okay, maybe Blackberry.) People just need to use common sense. If you see a free version of Tetris from a developer in Nigeria and it wants your location data, that's probably a bad sign, no matter what OS it uses :)
 

Lunfai

Member
Bronze
Sep 16, 2010
442
3
18
Being a mobile developer for the past decade, I use and program various handhelds. So yes, I have an Android phone (along with RIM, iOS, WM, CE and J2ME devices). Why?

I suspect most advertising code sends GPS data. No surprise. Do you remember the brouhaha over iPhone apps that were doing that? Multiple iPhone apps using Pinch Media ad code was doing that and more, including some of our Facebook info.

For that matter, both Apple and Google use us to map WiFi hotspots along with our GPS location, and send that data home to the respective motherships.

As other studies have noted, a larger percentage of iOS apps grab access to location info they probably don't need, than with Android. I just bear in mind that with both systems, there are a lot of novice programmars who have accidentally left in sample code they originally used.

There is no 100% safe system. (Okay, maybe Blackberry.) People just need to use common sense. If you see a free version of Tetris from a developer in Nigeria and it wants your location data, that's probably a bad sign, no matter what OS it uses :)
What's wrong with Nigeria? I inherited $6,000,000 from some women's rich dead dad, and now I'm over the moon, o wait.
 

Watcher

Zealot
Gold
Mar 29, 2009
1,785
30
48
Phoenix, AZ
Being a mobile developer for the past decade, I use and program various handhelds. So yes, I have an Android phone (along with RIM, iOS, WM, CE and J2ME devices). Why?
Just a question because it sounded like you spoke from experience with all types of handsets.