MIT researchers analyzed the top 500 of the most popular applications for Android and found that 63% of these apps exchange with remote server communications that do not bring any impact on the use of the application, are useless exchange of information.
You know? Known or not, it is “unimportant” because they accepted when you installed the app. Are those little letters that when you install one, or almost no one reads and then press the “Yes” button, and follow. After all there is a lot we do not know.
Synergies or breach of trust?
There are many communications through that part of the statistical data collected by Google Play, however, not all statistics. Where cases are some apps that “talk” with others. For example, when users in the United States use the Walmart app, that communicates with the eBay whenever it is used functionality that scans a barcode, who says this certainly tells others of the same caliber.
Processing application data and comparing the interface before and after the connection has been initiated, the researchers found that 63% of these free applications Android, in fact, “whispering” secret data “entities” remote.
Rebuild and give to prove
But the findings did not stop here, researchers descompilaram and modified 47 top applications 100 of free, disabling its ability to start secret communications.
After these applications were made available to the people, conventional and traditional users of these applications already, that knew and used. In 30 of these applications, none reported any differences between you were using (modified) and original. However, there were 5 applications and these have left a problem even working, while the other 12 showed minimal impact on the user interface.
Google is statistical or business?
In almost all recorded cases, most secret communications were initiated by the same components. The “biggest offender” is com.google.android, used in 76.4% of all analyzed apps. The researchers found that the component started in 1913 secret links, 50% of the total number of connections.
Other notable offenders are com.gameloft (mobile gaming), com.unity3d (platform and games) com.facebook (social networks) and a number of SDKs advertising.
Interestingly, one of the apps that so often been under fire for these reasons, the saga Candy Crash, and who was present at the top, did not pass any classified information.
Conclusions of the “fine print”
This study is available to the public so you can check which involved applications, used methodologies and other data relevant to understand how users are benevolent, especially when they accept the terms of use of the applications that they install. On the other hand, may be the techniques used by companies, called social engineering, which is so finely tuned so that puts in the right place this information in the final act, with the final step of the installation, where anxiety is greater for so as not to give opportunity to the discernment to read carefully as far as the user opens wide the door of your data.
Softpedia
No comments:
Post a Comment