Thousands of Android apps exposed to have vulnerabilities that share data without permission

Thousands of Android apps exposed to have vulnerabilities that share data without permission

It has been revealed that more than a thousand Android (Android Q) apps in the app store have been sharing personal user data with third parties without obtaining explicit permission from users.

[[270933]]

Investigators said the app developers had exploited a vulnerability in the Android system to circumvent the permissions settings on the terminal device. The vulnerability was demonstrated at the PrivacyCon conference held by the US Federal Trade Commission (FTC).

The investigation found that this vulnerability was deployed through the software development kit (SDK). Although the SDK brought convenience to developers, unfortunately, the SDK allowed the APP to share data privately before the user authorized it. Even big companies like Disney have exploited this vulnerability.

The researchers said that the terminal's MAC address and network connection details will be shared. In addition, the SDK can accurately locate the user's exact location even without GPS, and some apps can even share GPS data directly.

However, the researchers believe that the upcoming Android Q official version may solve some of these problems. The MAC address sent will be randomized, and GPS coordinates will not be embedded in photos by default.

However, given the fragmentation of Android and the fact that system upgrades by various manufacturers are often not timely, if you wait until you use the Android Q version, I'm afraid there will still be a long way to go.

<<:  Apple's best-selling iPhone 6 discontinued, 250 million units shipped

>>:  4G mobile phones will not be eliminated and the network experience will be guaranteed in the future

Recommend

When operating short videos, don’t fall into these pitfalls!

People often say "avoiding pitfalls is progr...

How to distinguish between Douyin information flow delivery and Douyin+?

According to official statistics, the official da...

The bonus period of Douyin fans is coming, how can we take advantage of it?

Follow the flow , you will never go wrong. This s...

How can you eat your fill while stockpiling food?

Mixed Knowledge Specially designed to cure confus...

OPPO promotion app advertising process explanation

1. OPPO app distribution advertising delivery pro...

More modern image format WebP usage and conversion

Introduction to WebP WebP is a modern image forma...

Do you know how this rare variety of peony was cultivated?

The Tang Dynasty poet Pi Rixiu once wrote a poem ...