Android apps lose your data even if you told them not to.

ON A THOUSAND Android apps, some big names, share personal data even after being denied permissions.

This year, at the PrivacyCon conference, a presentation showed that recognized publisher applications, including Disney, work with a method to bypass Android permissions to share personally-recognizable data with third parties.

The problem is with the SDK. For non-coders, this is a kind of "framework" in which you can program what you want without having to start all over again.

In this case, the applications were created with the help of an SDK by Baidu, the Chinese search giant, in association with an analysis company called Salmonads. Applications incorporate the ability to function as a kind of hive, capable of transmitting data between applications, even if you have publicly denied permissions during installation.

The workaround works as soon as you install an offending application, as data transfer often takes place before you open the application to grant permissions in the first place.

The returned data includes the MAC addresses and details of your connection, which can be used to identify you geographically without GPS. Some applications go further, sending the actual GPS coordinates to the servers.

Some of these problems will be solved in Android Q. Among them, transmissions of MAC addresses will be random and shared contacts will no longer be identifiable by the frequency with which you interact. This will also ensure that your GPS coordinates are not embedded in your default photos.

The big problem comes from fragmentation. At the moment, Android Q is not official – that is why there is not yet a hilarious name related to food. We already know that getting users to update, or even manufacturers, to update the operating systems of their customers has always been a problem. After all – Android 9.0 Pie still beats under 11 percent market share. As such, it is likely that the vast majority of customers' devices will never see patches on their devices.

Google is not talking about the issue yet, but some are asking it to act with "fixes" from earlier versions of Android to smother this practice from the beginning, because technically what Baidu's SDKs do do not go against all the real rules – just a bunch of moral rules. μ