[ad_1]
"Would you like to allow this app to query the location of the device?" These or similar questions appear on the phone when you install a new app and you open it for the first time or use a feature linked to a map. This control issue is to prevent Apps ask the location without asking the background and the application manufacturers can store or even sell this data. Both on iOS and in android There is this extra level of security for years.
A current case, described in the magazine "Cnet", however shows how this protection measure can be easily exploited and outdated. Researchers at the University of California at Berkley have Google The Android App Store has found more than a thousand apps that sneak into the location data of their users, even if they have been prevented from doing so.
Applications arrive by detours to their destination. Since they are not allowed to use GPS for localization, they are looking for location data instead. The researchers describe three methods:
- When the cameras of a mobile phone take a picture, they provide each file with all kinds of additional information, such as shutter speed, file name, time and date. l & # 39; location. If an application has access to the photo archive, it can reconstruct the place where you were based on the pictures taken.
- With which WLAN or which router is connected, you can also give clues to the location and help you create motion profiles.
- The third method is particularly treacherous: applications perform a search on the SD card to search for data from other applications with access to location data. If this data is not properly protected, locked applications always arrive at the desired location data.
Of the 1325 applications discovered, only 153 can use the latter method. Including an important name: the Internet browser and the health application of Samsung the researchers went to the net. A statement from Samsung is still pending.
The researchers themselves reported these dubious tips to Google last year. The tech company, however, wants to solve the problems with the Android Q announced this fall. Already in August, researchers want to publish all the details of their investigation.
But how can one protect oneself against these machinations? Unfortunately, this is only possible indirectly, carefully considering the applications to install on your device. But if such applications are already preinstalled, this precaution does not help. In addition, it is useful to know that you can also be located indirectly and that the photos are only more revealing than what you see in the naked eye.
Created: 10.07.2019, 10:46
Source link
