Linked by Thom Holwerda on Mon 10th Sep 2018 21:59 UTC
Privacy, Security, Encryption

During preparation for a workshop at DEF CON in August on locating privacy leaks in network traffic, we discovered a number of applications on both iOS and Android that were broadcasting precise location data back to the applications' developers - in some cases in unencrypted formats. Research released late Friday by Sudo Security's Guardian mobile firewall team provided some confirmation to our findings - and demonstrated that many apps are sharing location data with firms that market location data information without the users' knowledge.

Is anyone still surprised by this? Apple was recently also forced to remove one of the most popular apps in the Mac App Store because it turned out to be spyware. The one redeeming feature of closed application stores is that they're safer - if that advantage turns out to be a lot less solid than proponents of walled gardens proclaim, why do we keep insisting on maintaining them?

E-mail Print r 3   7 Comment(s)
Thread beginning with comment 662237
To read all comments associated with this story, please click here.
Apple
by TheForumTroll on Tue 11th Sep 2018 22:21 UTC
TheForumTroll
Member since:
2018-04-28

According to every single iPhone owner this is only a problem on Android and no amount of research will change that. Too much cool-aid is bad for you. Sorry, juice. I meant juice!

Reply Score: 4

RE: Apple
by Tony Swash on Tue 11th Sep 2018 23:15 in reply to "Apple"
Tony Swash Member since:
2009-08-22

According to every single iPhone owner this is only a problem on Android and no amount of research will change that. Too much cool-aid is bad for you. Sorry, juice. I meant juice!


I am sure that as long as you install the latest version of Android, which includes all the latest security fixes, you are more or less as secure as iOS.

Can you see the weak link?

Reply Parent Score: 0

RE[2]: Apple
by Gargyle on Wed 12th Sep 2018 13:55 in reply to "RE: Apple"
Gargyle Member since:
2015-03-27

That's only a valid argument if said applications were to exploit known bugs or leaks in older Android systems.

In this case, they just use readily available APIs to which they are given access by the user upon installation, so it does not matter whether the systems those apps run on are up to date.

Edited 2018-09-12 13:56 UTC

Reply Parent Score: 4