Researchers: 2/3rds of Android apps suspiciously collect sensitive data without user consent

“Researchers from Intel Labs, Duke University, and Pennsylvania State University have created a tool that analyzes how Android apps handle the data they access on smartphones,” Elinor Mills reports for CNET. “Results from experiments on 30 apps might surprise some people.”

“When a user wants to download an Android app, a permissions screen is displayed that explains exactly what data and resources the app has access to, and users must click ‘OK’ before the download can proceed,” Mills reports. “The report suggests that users can be at risk because they are not told how the apps use their data. ‘Android’s coarse-grained access control provides insufficient protection against third-party applications seeking to collect sensitive data,’ the report, entitled ‘Realtime Privacy Monitoring on Smartphones,’ said.”

Mills reports, “Specifically, the researchers found that two-thirds of the 30 apps in the sample used sensitive data suspiciously, half share location data with advertising or analytics servers without requiring ‘implicit or explicit user consent,’ and one-third expose the device ID, sometimes with the phone number and the SIM card serial number. In all, the researchers said they found 68 instances of potential misuse of users’ private information across 20 applications.”

Read more in the full article here.

MacDailyNews Take:

[Thanks to MacDailyNews Reader “crabapple” for the heads up.]

52 Comments

  1. HeadCheese,
    Click to flash is just a proxy that gates the execution (and display) of flash content; it still appears to the website (in the case of YouTube) that you are a flash enabled user.
    Those who connect via a non flash device (like an iPad) are fed an h.264 stream.
    Many sites are doing this now (adaptive content) because the huge number of non flash devices is too big a segment of the market to ignore. (or they ignore them at their own peril)

  2. Just to agree with Big Blue above, 30 apps is highly unlikely to be an appropriate sample size for the Android market. The article does state that this was mostly to test out their new tool, but still they don’t need to add to sensationalist headlines when the average person has the statistical skills of a monkey.

  3. And how is this much different than Apple’s Safari or Apps?

    If you’re not private surfing with Firefox, and the add-ons of BetterPrivacy, Ad Block Plus, Ghostery, NoScript, TrackMeNot and WOT, you’re taking your chances.

    If you entered your personal info upon a new OS X install it’s giving out your personal info to everyone.

    If you don’t reboot your Mac after visiting sites you’d rather not anyone know about (besides your ISP) a simple terminal command can recover those sites visited, no root needed.

    If you don’t install an OS X outgoing firewall, any website can make your browser make unauthorized unseen connections. This happens a lot on the iPad and likely any iOS device as Apple will not allow certain software on their App Store.

  4. Ho hum. More of the same:

    “… the researchers said they found 68 instances of potential misuse of users’ private information across 20 applications.”

    It’s called ANDROID HELL.

    I get to sit back and watch while the Google Trolls rant and rave that Android Hell isn’t real. Have fun with that, kids. I’m just gonna laugh while I play with my far safer iDevices.
