Thousands of Android apps exposed to have vulnerabilities that share data without permission

Thousands of Android apps exposed to have vulnerabilities that share data without permission

It has been revealed that more than a thousand Android (Android Q) apps in the app store have been sharing personal user data with third parties without obtaining explicit permission from users.

[[270933]]

Investigators said the app developers had exploited a vulnerability in the Android system to circumvent the permissions settings on the terminal device. The vulnerability was demonstrated at the PrivacyCon conference held by the US Federal Trade Commission (FTC).

The investigation found that this vulnerability was deployed through the software development kit (SDK). Although the SDK brought convenience to developers, unfortunately, the SDK allowed the APP to share data privately before the user authorized it. Even big companies like Disney have exploited this vulnerability.

The researchers said that the terminal's MAC address and network connection details will be shared. In addition, the SDK can accurately locate the user's exact location even without GPS, and some apps can even share GPS data directly.

However, the researchers believe that the upcoming Android Q official version may solve some of these problems. The MAC address sent will be randomized, and GPS coordinates will not be embedded in photos by default.

However, given the fragmentation of Android and the fact that system upgrades by various manufacturers are often not timely, if you wait until you use the Android Q version, I'm afraid there will still be a long way to go.

<<:  Apple's best-selling iPhone 6 discontinued, 250 million units shipped

>>:  4G mobile phones will not be eliminated and the network experience will be guaranteed in the future

Recommend

Event operation: coupon distribution strategy design!

1. Write in front It’s time to do some case revie...

Product Marketing 7P Strategy Guide

While product marketing is an important function ...

The most complete! 56 professional terms for Tik Tok operations!

The editor has summarized the commonly used terms...

Why is my phone charging so slowly? Here's the reason

As mobile phone functions become increasingly pow...

Can you see the vortex of Coriolis force in the toilet?

One in ten people on Earth see everyday phenomena...

How to bid and match Google/Baidu SEM keywords?

Bidding and matching methods are the two most imp...

Tips for creating popular short video titles

Different from the public account push model, Tou...

Why is the champion single product "leek box" so delicious~~

Audit expert: Wang Guoyi Postdoctoral fellow in N...

Channel pitfalls: 8 hidden rules of App operation

First, let’s deconstruct the position of App Oper...