During preparation for a workshop at DEF CON in August on locating privacy leaks in network traffic, we discovered a number of applications on both iOS and Android that were broadcasting precise location data back to the applications’ developers – in some cases in unencrypted formats. Research released late Friday by Sudo Security’s Guardian mobile firewall team provided some confirmation to our findings – and demonstrated that many apps are sharing location data with firms that market location data information without the users’ knowledge.
Is anyone still surprised by this? Apple was recently also forced to remove one of the most popular apps in the Mac App Store because it turned out to be spyware. The one redeeming feature of closed application stores is that they’re safer – if that advantage turns out to be a lot less solid than proponents of walled gardens proclaim, why do we keep insisting on maintaining them?