Smartphone apps leak sensitive info to advertisers
September 30th, 2010 - 5:48 pm ICT by ANIWashington, Sep 30 (ANI): Open-to-all smartphone applications from various sources are leaking consumers’ private information to online advertisers, according to a joint study by Intel Labs, Penn State, and Duke University.
Researchers at the participating institutions have developed a realtime monitoring service called TaintDroid that precisely analyses how private information is obtained and released by applications “downloaded” to consumer phones.
TaintDroid is an extension to the Android mobile-phone platform that tracks the flow of sensitive data through third-party applications.
In a study of 30 popular applications, TaintDroid revealed that 15 send users’ geographic location to remote advertisement servers.
The study also found that seven of the 30 applications send a unique phone (hardware) identifier, and, in some cases, the phone number and SIM card serial number to developers.
In all, the researchers identified 68 instances of potentially misused private information by 20 applications.
“We were surprised by how many of the studied applications shared our information without our knowledge or consent,” said William Enck, graduate student, computer science and engineering, Penn State.
“Often, smartphone applications have obvious user interface changes when they use information like your physical location. These cases usually occur in response to the user pressing a button with clear implications. The cases we found were suspicious because there was no obvious way for the user to know what happened or why,” he added.
Smartphones offer a convenient way to download and install third-party applications.
More than 200,000 applications are currently available in Apple’s App Store and over 70,000 in Android’s Market.
“Many of these applications access users’ personal data such as location, phone information, and usage history to enhance their experience,” said Patrick McDaniel, associate professor, computer science and engineering, Penn State.
“But users must trust that applications will only use their privacy-sensitive information in a desirable way,” he added.
Unfortunately, applications rarely provide privacy policies that clearly state how users’ sensitive information will be used, and users have no way of knowing where applications send the information given to them. (ANI)
- Smartphone applications circulate private information - Sep 30, 2010
- Beware: Ads in mobile apps fraught with security risk - Mar 20, 2012
- Your iPhone could be spying on you - Dec 20, 2010
- Smartphone users reject apps over privacy issues - Sep 06, 2012
- Free applications drain smartphones of energy - Apr 05, 2012
- New mobile app developed to monitor data theft - Jul 06, 2012
- Google opens online store for Android users - Feb 03, 2011
- Cell phone - the new tool for data collection - Mar 18, 2012
- Now, group messaging apps on smartphones to connect 'real friends' - Mar 17, 2011
- Internet firms spy on personal texts sent on smartphones - Feb 26, 2012
- Firewalls can help hackers break into Facebook, Twitter - May 22, 2012
- Kochi IT firm launches app for women's security - Jun 30, 2011
- Apple Alerts Intent to Share Location Data - Jun 23, 2010
- New security app to keep your digital secrets safe - Jan 19, 2011
- Motorola launches world's `thinnest' smartphone - Oct 19, 2011
Tags: applications access, associate professor computer, consumer phones, duke university, enck, hardware identifier, intel labs, interface changes, location phone, monitoring service, party applications, patrick mcdaniel, phone hardware, physical location, s market, sensitive info, sim card, student computer, study also found that, usage history