Windows 10 News and info | Forum
April 20, 2019, Loading... *
Welcome, Guest. Please login or register.

Login with username, password and session length
News: This is a clean Ad-free Forum and protected by StopForumSpam, Project Honeypot, Botscout and AbuseIPDB | This forum does not use audio ads, popups, or other annoyances. New member registration currently disabled.
 
  Website   Home   Windows 8 Website GDPR Help Login Register  
By continuing to use the site or forum, you agree to the use of cookies, find out more by reading our GDPR policy.
Pages: [1]
  Print  
Share this topic on Del.icio.usShare this topic on DiggShare this topic on FacebookShare this topic on GoogleShare this topic on MySpaceShare this topic on RedditShare this topic on StumbleUponShare this topic on TechnoratiShare this topic on TwitterShare this topic on YahooShare this topic on Google buzz
Author Topic: Pre-installed Android apps pose huge security and privacy risks, study says  (Read 17 times)
javajolt
Administrator
Hero Member
*****
Offline Offline

Gender: Male
United States United States

Posts: 29912


I Do Windows


WWW Email
« on: March 26, 2019, 12:51:25 PM »
ReplyReply

It was only a month ago that pre-installed malware was discovered on Android-based Alcatel smartphones, and other such security flaws are no stranger to apps found on Google’s own Play Store.

But a recent study analyzing pre-installed Android software has found that many vendors that provide their own version of the open-source operating system abuse the platform in order to release products with integrated data collecting services.

The analysis was conducted by IMDEA Networks Institute, Universidad Carlos II de Madrid, Stony Brooks University and ICSI, and covered more than 200 device manufacturers, 1,700 devices, and 82,000 pre-installed apps.

This study concluded that, whether through the deliberate misuse or poor practices, companies creating their own Android-based firmware for smartphones had a tendency to enable third-party access to user data in its software and, furthermore, hide such activity from the user.

“This situation has become a peril to users’ privacy and even security”, the paper claims, “due to an abuse of privilege, such as in the case of pre-installed malware, or as a result of poor software engineering practices that introduce vulnerabilities and dangerous backdoors.”

The analysis found that it wasn’t just the smartphone manufacturer responsible for such transgressions, but a “myriad of actors” ranging from software developers to advertisers and that these parties are potentially involved in secret partnerships.

“Users’ activities, personal data, and habits may be constantly monitored by stakeholders that many users may have never heard of, let alone consented to collect their data,” the study finds.

As for solutions to the lack of transparency that these researchers uncovered, they suggest the introduction of an objective “globally-trusted” regulatory body that would sign software certificates rather than the vendors themselves, as well as clear and public documentation of pre-installed apps, their purpose, and the entity responsible for them.

Google has responded to TechCrunch on the issue, claiming that the report’s methodology “is unable to differentiate pre-installed system software [...] from malicious software that has accessed the device at a later time”, and that the company works closely with, and provides tools for, its partners in order to protect against software that violates its policies.

source
Logged



Pages: [1]
  Print  
 
Jump to:  

Powered by SMF 1.1.21 | SMF © 2017, Simple Machines

Google visited last this page April 11, 2019, 10:31:37 PM