Personal Data Leaks Found on Android App

Most Android users have probably been shocked, if not ended up protesting, when they found out that some applications in the Android OS have been found to be capable of sending to “online advertisers” personal data without any authorization. The application that was used to find this out was TaintDroid which, after having been made by researchers to monitor about 30 commonly used Android applications, spotted 68 cases where personal data may have been used without authorization from users. This was in a study conducted by a research team coming from Penn State Univeristy, Duke University, and Intel Labs.

Personal Data Leaks Found on Android App Personal Data Leaks Found on Android App

Apparently these applications that run on Google’s open source operating system have been way too liberal with granting advertisers access to information. Out of the 30 popular Android applications monitored by TaintDroid via real-time privacy monitoring, 20 were responsible for all the 68 detections fell under the classification of misuse of private user information.

Half of those 30 applications sent the locations of users to remote advertising servers. Seven of those applications got device IDs, SIM card serial numbers and phone numbers of users and relayed them to those servers. Unauthorized data was sent with a frequency as much as every 30 seconds. Advertisements didn’t even have to appear on your screen for these applications to send all that private data.

TantDroid is an application that alerts you when your data is being relayed to someone else as well as label information that’s supposed to be considered as private. It records all the data activity with the use of files, messages, and other program variables.

After this matter was brought to Google’s attention, it responded by saying that Applications on the Android always notify and request the authorization of users for access to personal user information prior to installation. This, however, does not show that they notify users how the accessed data is being used. These applications don’t explain what the data is for.

Unauthorized access to personal data is perhaps the heart of all security issues. This is where problems ranging from SPAM to identity fraud originate, and cause lots of problems among private individuals. Considering the findings above, it’s only natural for users like us to be concerned. What’s even worse is that other devices like the iPhone have also been reported to engage in this kind of activity as well. Right now, we have to be more careful about which applications we’re going to trust, because it seems that asking for permission isn’t enough of a security measure anymore.

Filed Under: NewsSoftware & Applications

Tags: , ,

Leave a Reply

If you want a picture to show with your comment, go get a Gravatar.