Thousands of Android apps exposed to have vulnerabilities that share data without permission

Thousands of Android apps exposed to have vulnerabilities that share data without permission

It has been revealed that more than a thousand Android (Android Q) apps in the app store have been sharing personal user data with third parties without obtaining explicit permission from users.

[[270933]]

Investigators said the app developers had exploited a vulnerability in the Android system to circumvent the permissions settings on the terminal device. The vulnerability was demonstrated at the PrivacyCon conference held by the US Federal Trade Commission (FTC).

The investigation found that this vulnerability was deployed through the software development kit (SDK). Although the SDK brought convenience to developers, unfortunately, the SDK allowed the APP to share data privately before the user authorized it. Even big companies like Disney have exploited this vulnerability.

The researchers said that the terminal's MAC address and network connection details will be shared. In addition, the SDK can accurately locate the user's exact location even without GPS, and some apps can even share GPS data directly.

However, the researchers believe that the upcoming Android Q official version may solve some of these problems. The MAC address sent will be randomized, and GPS coordinates will not be embedded in photos by default.

However, given the fragmentation of Android and the fact that system upgrades by various manufacturers are often not timely, if you wait until you use the Android Q version, I'm afraid there will still be a long way to go.

<<:  Apple's best-selling iPhone 6 discontinued, 250 million units shipped

>>:  4G mobile phones will not be eliminated and the network experience will be guaranteed in the future

Recommend

4 thinking skills for new media operators to write hit products!

I'm in Beijing recently, learning writing fro...

Free resources that APP promotion novices must know

Free resources that app promotion novices must kno...

Summary of Web App Development Skills

1. META/LINK related 1. Baidu prohibits transcodi...

The chaos behind Internet TV: counterfeit set-top boxes are rampant

With its vast resources and better audio-visual e...

The hero's end: Sony laptops sold at 50% discount by dealers

"Sony laptops are giving back as a token of ...

Trust me, 20 minutes is enough.

Have you heard of the "20-minute park effect...