Android Phones Are Following You, Even When You Are Out

An image of the article Finders Find Android Phones Follow You, Even When You Are Out

Figure: Leon Neal (Getty Images)

If you use an Android phone and (rightly!) Are concerned about digital privacy concerns, you may have taken care of the past. You removed very embarrassing careless software, came out monitoring where possible, and following other popular self-defense strategies how-to privacy guidelines I told you that. The bad news — and you may want to be under it — is that none of these methods can be without trackers.

Alternatively, that is the purpose of a new paper from researchers at Trinity College in Dublin who saw how some sections share other Android OS, including those developed by Samsung, Xiaomi, and Huawei. According to the researchers, they “do not change” the outside of the box and when left unchecked, these tools simply continuously return data to OS developers and kill other selected people. And the worst part is that often there is no way to fix this, even if the users want it.

Many of the errors here, as the researchers point out, fall on the so-called “operating systems. ”These are programs that come pre-installed by the manufacturer of electronic devices on other devices to provide some type of functionality: a camera or software program with models. Android puts these apps in so-called “read-only memory” (ROM), which means you can’t uninstall or modify these apps without, well, Install your tool. And until then, the researchers found that they re-sent everything to their parent company and a few other people — even if you didn’t open the app.

Here’s an example: Suppose you have a Samsung device that is manufactured by others Microsoft bloatware default, including (ugh) LinkedIn. Although there is a good chance that you will LinkedIn browser For whatever reason, the robust mail system simply returns to Microsoft servers and information about your device. In this case, it is called “telemetry data,” which includes information such as device identification, and the number of Microsoft applications you have installed on your phone. These as well shares with third-party providers that these programs can access, which means Google, since Google Analytics is the ruling king all external analytics tools out there.

The researcher's vulnerability is what tools collect data, and where it is sent.

The researcher’s vulnerability is what tools collect data, and where it is sent.
Drawing picture: Shoshana Wodinsky (Trinity College)

When it comes to complex programs for you he can it opens once in a while, although most are sent by any connection. Researchers captured Samsung Pass, for example, sharing information such as how long you have been using the app, and for how long, with Google Analytics. Samsung’s Ditto Game Launcher, and each time you pull an Samsung agent, Bixby.

Samsung isn’t the only one here, obviously. Google’s messaging app that will be pre-installed on phones from Samsung competitor Xiaomi was caught sharing a timestamp from all users of Google Analytics, as well as logs every time a user sends a message. Huawei devices were caught doing the same thing. And on devices that Microsoft SwiftKey came pre-installed, logs that specify every time a keyboard is used on another app or anywhere on the device are shared with Microsoft, instead.

We have not copied above in terms of what each program is doing on any device that these researchers looked at, which is why you should know paper or, however, see ours helpful guide by exploring how to share data on Android yourself. But for the most part, you’ll see data sharing that looks pretty, well, unattractive: event logs, more of your device’s hardware (such as color and window size), as well as other identifiers, such as phone number and real phone number and phone identification, or “AdID.”

Personally, not all of these principles can identify your phone as yours, but when combined, they create “give birth”That can be used to track your device, even if you try to get out. The researchers point out where the Android promotional ID is professionally stability, the fact that these apps are often endowed with permanent identifiers means that the app and anyone else who works with them will know who you are. The researchers found this and some of the recoverable IDs provided by Samsung, Xiaomi, Realme, and Huawei.

With its history, Google they do have a few software programs means to block programs that are hijackers. It tells the devs that they will not be able to associate the device’s unique identifier with any other fixed object (such as the device’s IMEI, for example) on any ad-related objects. And when analytics providers but allowed to do this online, can be done with the user’s “guaranteed permission”

“If you set it up again, the new identifier should not be associated with previous identifiers or previously mentioned information when searching for advertisements without the explicit user’s permission,” Google explains. a different page explaining these points of dev. “You need to follow the user’s ‘Choose to Do Business with Attention’ or ‘Choose Ads’. If the user has contributed to this, you may not be able to use advertising IDs to create a user profile on ads or follow users to your ads.”

It is important to note that Google does not impose restrictions if manufacturers are able to collect this, which they are allowed to deal with after collected. And because these are pre-installed apps that usually reside on your phone, the researchers found that they are often allowed to release user secrets slowly by simply walking backwards, regardless of whether or not the user opened them. And without an easy way to delete them, this collection will continue to happen (and continue to happen) until the owner of the phone can the ceiling and roots or throw their weapon into the sea.

Google, when asked about random data-collection of people coming on BleepingComputer, responded that this is “how modern smartphones work”:

As explained in Google Play Services Story Center, this is important for basic electronic components such as push notifications and software updates in the area for a variety of software and software applications. For example, Google Play services uses notifications on approved Android devices to help with startup devices. Collecting a small amount of information, such as the device’s IMEI, is necessary to get the latest updates on Android devices and apps.

That sounds reasonable and straightforward, but this research confirms that it’s not the whole story. As part of this research, the team looked at a tool developed by / e / OS, a privacy policy that has become like “deGoogled”Android version. The machines are interchangeable with Android cooking apps — including the Google Play shop — and free and open matching which users can connect without the required Google account. And you would never know, when these tools are left blank, they did not send “Google or any other people,” and “have no knowledge” of their e / devs.

In other words, following the above steps is inevitable if you feel that the Google presence on your phone is unavoidable. Let’s be honest here — it’s possible for most Android users. So what is a Samsung user, other than, knowing, being tracked?

You can get lawmakers to take care of it, for starters. The privacy rules we have in the books today-like GDPR in the EU, CCPA in the US — they are only designed to support the way technology companies work known types of information, such as your name and address. The so-called “anonymous”, such as your device’s tools or branding, often fall into these legal barriers, even if they can are used to know you regardless. And if we can’t call for better laws in our country to change, maybe one of the many antitrust suits Google’s current search allows the company to put a cap on some of these bad stuff.

Source link

Leave a Reply

Your email address will not be published. Required fields are marked *