contador javascript Saltar al contenido
Contact :

Android: More than 1,000 apps accessed your data even if you denied permission


More than 1,000 Android apps have been ignoring permission settings, researchers discovered.

Jason Cipriani / CNET

Permissions in Android applications are intended to be guardians of the information provided by your phone. If you do not want a flashlight application to have the ability to check your call log, you must have the prerogative to deny access. But even when you say no, many apps find a way around: researchers found that more than 1,000 applications bypassed the restrictions, allowing the subtraction of information as an exact geographical location, as well as phone identifiers, behind your back.

The discovery highlights how difficult it is to maintain privacy online, particularly if it has to do with your phone or mobile applications. Technology companies have mountains of personal information from millions of people, including where they have been, who their friends are and what their interests are.

Lawmakers are trying to contain that with privacy legislation and application permissions are supposedly to control the information you give. Manzana Y Google they have launched new tools to improve user privacy, but applications still find surreptitious ways to dodge those protections.

Researchers at the International Institute of Computational Sciences (ICSI) discovered up to 1,325 Android applications that collect information on the devices where they are even after users explicitly denied them permits. Serge Egelman, director of usable security and privacy research at ICSI, presented the study at the end of June at the privacy conference of the United States Federal Trade Commission.

"Fundamentally, consumers have very few tools and signs that they can use to reasonably control their privacy and make decisions about it," Egelman said at the conference. "If app developers can go around the system, then asking consumers for permissions is relatively nonsense."

Read: How to prevent Android apps from waiting for you

Watch this:

Android 10: The most important news


Egelman said investigators notified Google about these problems last September, as did the Federal Trade Commission. Google said to mitigate those issues with Android Q, the operating system whose official version is expected this year.

The update addresses the problem by hiding photo location information from applications and requiring any app that uses Wi-Fi that needs a permit to access location information, according to Google.

The study looked at more than 88,000 apps in the Google Play store, tracking how they transfer app information when permissions were denied. The 1,325 apps that broke the permits on Android used hidden tools in their code to obtain personal information that could be taken from sources such as Wi-Fi connections and the metadata stored in the photographs.

The researchers found that Shutterfly, a photo editing application, has collected GPS coordinate information from the photographs and sent them to their servers, even when users declined to grant the application permission to access their location.

Fundamentally, consumers have very few tools and signs that they can use to reasonably control their privacy and make decisions about it. "

Serge Egelman, director at the International Institute of Computational Sciences

A spokeswoman for Shutterfly said the company only collected location information with the user's explicit permission, despite the evidence found by the researchers.

"Like many photo services, Shutterfly uses this information to improve the user experience with features such as product suggestions with categorization and customization, all in accordance with Shutterfly's privacy policies as well as with the Android developer agreement," he said. the company through a statement.