[ad_1]
According to a study by a team of researchers at the Northeast University, some of the most known applications of your phone can take screenshots of your activities and send them to third parties .
This is particularly disturbing as these clips, video clips and all your on-screen activities may include user names, passwords, credit card numbers and others important personal information. "We have found that thousands of famous apps have the ability to record what's on your phone's screen and what you're writing," said David Chavens, a professor of music and music. computer who oversaw the study.
"This includes your username and password, because the characters you write can be saved before they become these little black dots."
This study – conducted by graduate student Ellen Penn and future PhD student Jingjing Ren – was based on a widely shared argument that phones record our conversations secretly and then sell this information to businesses so that they can target you with annoying ads.
The researchers found no evidence of recorded conversations, but they found evidence of the activity record, which in turn is more serious.
Chovnice said, "We knew we were looking for a needle in a haystack."
. "But we were surprised to find many of these needles," he said.
What they found was that some companies were sending screen captures and video clips of all the user 's phone activities to third parties.
While these privacy violations seem benign and not so serious, I've made it clear how easy it is to use the privacy window of the phone to make a profit.
Christo Wilson, another computer professor from the research team, said, "This vulnerability is likely to be used for malicious purposes: it is easy to install and collect .
The most disturbing thing is that it happens without informing or taking permission from users. "
" In the event that our eyes fell on it, the information sent to the third party was postal codes, but it was also easy to get credit card numbers. "
Study:
Researchers analyzed over 17,000 of the most famous applications on the Android operating system, using an automated program testing program by students.
Although the study was was conducted only on Android phones, Wilson and Schofnis both said that there was no reason to believe that other phone operating systems would be less vulnerable to penetration
Ellen Penn began the project as a research project in the fall of 2017 and continued working on it until she graduated in May.
document will be presented in Barcelona later this month at a roundtable on improving privacy technology.
"I did not think much about the privacy of the phone and even my friends did not do it," said Ban, the newspaper's first author.
This definitely raised my interest in research, and I will think about going back to the university from where I graduated.
But for the moment, Ban is preparing the Barcelona conference and starts working in August as a software engineer at Squire, a mobile payment company.
During the search, Wilson stated that the team was quite surprised by the results: "There was no leakage from his – there was not even an application making the microphone
Then we started to see things we were not expecting.
Applications took screenshots automatically and sent them to third parties. "
In total, 9,000 of 17,000 apps could take screenshots.
"But we found a different case: an application records a video of the user's activities on the screen and sends that information to third parties," says Wesel.
This app is GoPuff, a fast food delivery service, which sends screenshots to Appsee, a company that analyzes data from mobile devices.
All this was done without the user knowing the application.
Wilson and Chovannes both pointed out that neither company had a malicious intent.
They said that web developers typically use this type of information to debug their applications and improve the user experience.
But that does not mean that malicious companies can not use this privacy window to steal personal information for profit.
"It could be a lot worse than having the camera take pictures of the ceiling or record unnecessary conversations from the microphone," Chovnice said.
There is no easy way to close this privacy vulnerability.
GoPuff has modified the Terms of Use Agreement to notify users that the company may take screenshots for use.
Google has issued a statement confirming that its policy requires developers to disclose to users how to collect their information.
But Wilson said that it protects companies from prosecution and does little to protect the privacy of users who rarely read these long-standing legal agreements.
Both said that the privacy window would not be closed until the telephone companies had changed their operating systems, which should not happen anytime soon.
- Translation: Hossam Safa.
- Verification: Razan Hamida.
- Publisher: Issa Hazeem.
- Source
[ad_2]
Source link
