Perhaps not a great novelty for most users that Android applications send a lot of data, but probably some be surprised with the amount of such data that are not really necessary to be sent, and we are not even aware of it. An MIT research revealed that many information is sent and users do not know what happens.
From these “secret” communications carcass half seems to be initiated by packages of standard Android analysis, reporting statistics usage patterns and program performance and are designed to help developers improve application. Julia Rubin, post-doctorate at MIT’s Computer Science and Artificial Intelligence Laboratory (CSAIL), who led the study, says this is not the case for other applications.
The interesting part is that the other 50% can not be attributed to analytics. There may be good reason for this secret communication. We do not intend to say that has to be eliminated. We are just saying that the user must be informed.
Researchers at MIT found that many of the hidden data sent and received by the 500 most popular Android apps are not necessary for the operation of services. For example, Walmart’s app tells eBay whenever the user makes a scan of a bar code, but there is no practical difference if that connection is cut off.
The MIT conducted a test on 47 of these applications and modified them to prove that question, eliminating those unnecessary data connections. As a result, 30 of these apps modified were virtually identical to the official versions in functionality and the others had only slight differences such as the lack of ads.
This does not mean that the data itself is suspicious, or that the issue is specific to Android. As Rubin’s explanation says, half of it comes down to analytical data such as crash and performance reports. Although not essential to the applications work, some of them are useful to help the application run more efficiently, and help features such as the search for content. Others can be used so that the service continues to function correctly if you lose internet connection.
The problem is that this exchange of data is hidden and applications do not report at all what they are doing with these communications. Although the services tested to perform these connections in a way that does not harm the users, there is concern that a little careful application developer put the information of those at risk for no good reason. Lack of transparency may also hamper the work of companies and security researchers, investigating what the possible risks that applications can offer.
Interestingly, the game Candy Crush Saga, which had a bad reputation a few years for violation of privacy, was one of the few apps that proved in studies without any secret communication. “It became a model citizen,” says Rubin.
No comments:
Post a Comment