Free Android Apps Found Tracking Personal Data
The Google Play store is a veritable frontier for apps of varying degrees of quality, while Apple tends to rule its App Store with an iron fist, only allowing thoroughly vetted apps to make an appearance. Only apps that are visibly malicious are barred entry to the Google Play store, leaving room for apps that aren't completely honest with their intentions. Perhaps it's time that Google follow Apple's lead and tighten up on the reins a bit, especially considering that a security team found thousands of free Android apps that are sharing user data by connecting with advertising and tracking sites–all unbeknownst to users.
Detailed in an MIT Technology Review, Luigi Vigneri and his team from Eurecom created an automatic method to scan Android apps, monitoring teach time they connect with external sites. The security team used over 2,000 free Android apps downloaded from the Google Play store for their research. They found that the apps connected with 250,000 different urls. In some cases, a single app connected to 2,000 unique urls.
On the whole, about 10% of the tested apps connected to over 500 different urls. It also turns out that Google maintains 90% of the ad-related domains which are frequently contacted by these rogue apps on the Google Play store, which is a little suspicious. Could Google be gaining anything from its own light-handed regulation of its app store?
The team from Eurecom have a solution on the way in the form of an incoming Android app called NoSuchApp which will monitor a user's outgoing traffic, keeping an eye on which urls your apps could be sharing tracking data with. Just like other Android apps, you'll be able to find it at the Google Play store upon its later release.
VIA: Gizmodo