Slashdot Mirror


Fifth of Android Apps Expose Private Data

WrongSizeGlass writes "CNET is reporting that a fifth of Android apps expose private data. The Android market threat report details the security issues uncovered. Dozens of apps were found to have the same type of access to sensitive information as known spyware does, including access to the content of e-mail and text messages, phone call information, and device location. 5% of the apps were found to have the ability to make calls, and 2% can send text messages, without the mobile user doing anything."

40 of 286 comments

  1. Exposing private data by flaming+error · · Score: 5, Funny

    I tend to expose private data after a fifth of scotch.

    1. Re:Exposing private data by Pojut · · Score: 3, Funny

      I exposed your mom's private data last night...but it was too corrupted to be worth anything.

      Zing!

    2. Re:Exposing private data by flaming+error · · Score: 5, Funny

      I hope you're joking. She's been dead for 12 years.

    3. Re:Exposing private data by Pojut · · Score: 4, Funny

      That simultaneously makes my joke even funnier and makes me an even bigger dickhead.

      No offense intended :/

    4. Re:Exposing private data by flaming+error · · Score: 5, Funny

      No offense taken. You're not a dickhead, just a guy cracking jokes. Like me. (My mom's not dead, and she approved my comeback. She's here in the basement doing laundry now).

  2. Notifications by TyFoN · · Score: 5, Interesting

    And you are notified when installing in red letters exactly what the application has access to.
    News flash: 100% of your pc applications have access to your file system!

    1. Re:Notifications by Pharmboy · · Score: 3, Funny

      Not me, I want applications that can't read or write to files, OS API, video subsystem, ports or RAM. Programs that are properly designed to this are always safe. Every program that *doesn't* will always have some risk, no matter how well you code it. ;)

      --
      Tequila: It's not just for breakfast anymore!
    2. Re:Notifications by somersault · · Score: 5, Insightful

      100% of your pc applications have access to your file system!

      Dozens of apps were found to have the same type of access to sensitive information as known spyware does

      Dozens of children were found to have access to the same types of kitchen utensils that murderers use!

      --
      which is totally what she said
    3. Re:Notifications by Kufat · · Score: 5, Funny

      A joke is trying to whoosh over your head.

      Cancel or allow?

  3. RE: Fifth of Android Apps Expose Private Data by D'Sphitz · · Score: 5, Insightful

    My Evo tells me before I install an app what it will be able to do, I assume it works the same for all Android phones. It's hard to get worked up over an app that can access personal data, when you were told in big red letters that this app can access personal data, and you clicked ok anyway.

  4. Most misleading article ever by Fnkmaster · · Score: 5, Insightful

    A fifth of applications rely on *permissions* that you, the user, must explicitly grant when you install them, that *allow* them to access private information.

    That does not mean they do access that information, or put it to any sort of untoward use. Android practically screams at you when you install applications that need a bunch of permissions. Generally, sure, you ignore that if it just says "Read/write SD card" for example. But if something suspiciously asks for lots and lots of permissions, you might say to yourself "gee, this looks a little funny".

    If 10,000 other people have installed it and everybody rates it 5-stars and there are no issues mentioned with it on the web, you can probably guess that it's not doing anything nasty with your information.

    But the fact that Android extremely explicitly warns you about these permissions means that the only issue in my mind is there should be a more intense distinction in the UI between permissions like "Read/write to SD card" that lots of apps need, and "Access my contacts" or "Send text messages" which only a smaller number of apps need.

    Otherwise, this is basically a hatchet job.

  5. Needs to be clarified by AdmiralXyz · · Score: 4, Insightful

    Whenever you install an application on Android, you're given a list of permissions the application wants to have in order to run, including accessing your data and making phone calls. You have to explicitly agree to this list before the app is installed. Is CNET saying that a fifth of Android apps can get your data, despite those permissions not appearing in the list? Because if they're not, this is a pointless "Well, duh" story: the user was told what the application is doing. If they just breeze through and click "OK" when that's clearly inappropriate (i.e., a tip calculator really shouldn't be requesting access to your call log), that's their damn problem.

    --
    Dislike the Electoral College? Lobby your state to join the National Popular Vote Interstate Compact.
  6. Re:well well by cduffy · · Score: 5, Informative

    Err --

    Android applications have flags indicating what they are and aren't allowed to do, and are cryptographically signed with those flags. What this study (presumably) did is just check which apps have which flags set.

    Thing is, when you-the-user install an app, you're told exactly which flags it has set, and given the opportunity to confirm or deny. In short -- if you're installing a lighter-flame gadget which says it's allowed to read your address book and connect to the Internet, and you click "OK", you deserve exactly what you get.

    (Also -- misbehaving developers can, and sometimes do, have their signing keys revoked).

  7. Re:First Post! by Chrisq · · Score: 3, Funny

    Cock sucking faggots! - Sent from my Android -

      It would have been funny if you had said "Sent from your Android".

  8. Summary is wrong and trolling by recoiledsnake · · Score: 5, Informative

    From the summary:

    5% of the apps were found to have the ability to make calls, and 2% can send text messages, without the mobile user doing anything.

    Err, the mobile user was explicitly informed of this BEFORE the software is installed. Don't believe me? Check this screenshot http://www.taosoftware.co.jp/en/android/wakeupcallmaker/img/wakeupcallmaker_install.png

    I guess someone has an axe to grind against Android (hint, hint) just because there were stories earlier about the iPhone revealing the exact location of the users to applications and ads.

    --
    This space for rent.
  9. Look to the source by TheBogBrushZone · · Score: 3, Insightful

    This report is hardly independent. If you ignore the CNET reporter looking for controversial pulp to post on a blog you'll find that this report comes from smobilesystems, a little-known mobile security company who conveniently have a new piece of Android security software to sell that will stop all these non-existent rogue spyware apps. You can argue all you want that users install these apps with full knowledge and consent. They know that it's BS; they just want to use FUD to convince the unwary and paranoid that their software (which if it actually does anything, probably just checks the installed apps against a package name blacklist) will keep them safe from an imaginary raging torrent of malware on the Android platform.

    --
    And behold, a command prompt and he who sat upon it, his name was shutdown and -h 3:11 followed with him
  10. Re:Operative words by jeffmeden · · Score: 3, Insightful

    If it's open source, is it really a threat?

    Have you read the source to all the open source apps you use? If your answer is no, then the answer to your question is yes.

  11. I wanted to install an app... by Rhaban · · Score: 3, Insightful

    I wanted to install an app that managed sms, and it asked for permission to access my messages!

    It goes without saying that I immediately canceled the installation.

  12. Re:Operative words by sarysa · · Score: 3, Informative

    They got the figures by mining information from each app via the Android Market, or through one of the many aggregator sites like this one. Permissions are publicly listed, so that's how they came to their figures.

    But yeah, it's incredibly misleading. The user is warned on install and at the bottom of the application's description in the Market.

    --
    Charisma is the measure of someone's ability to lie with a straight face.
  13. A misleading slashadvertisement by Random2 · · Score: 5, Insightful

    If you actually RTFA's source, you'll see that this smobile systems company is using these statistics to try and sell a dependency checker.

    Also, I saw no mention that these 'leaks' are derived from sources other than what the user allowed.

    In short, not news.

    --
    "Our goal each year should be to increase the number of goals we set for ourselves!"
  14. Sixth major app found to expose data as well by noidentity · · Score: 3, Funny

    I was using my Android today, and I discovered that it was exposing a huge amount of private data. Basically, it was transmitting a digital copy of all sounds that it picked up from its microphone, to some remote party. I couldn't believe this. More amazingly, it was triggered very simply: just dial a phone number and hit Talk. Sometimes it even occurred when I hit Talk just after the phone beeped. Nothing more was necessary. I can't believe they let this slip through.

  15. Nothing against Android... by msauve · · Score: 5, Informative

    ...in particular. They're just selling anti-malware software for smartphones. They'll be glad to sell you protection for your RIM, WinMo, or Symbian phone, too. They're also glad to point out the danger you're in with those phones, too - lacking their product.

    --
    "National Security is the chief cause of national insecurity." - Celine's First Law
  16. Re:Operative words by Kristoph · · Score: 4, Informative

    IPhone apps do not have access to email or text messages or the data in any other app except through a very well defined API that requires user confirmation in virtually all instances of data sharing.

    In many cases there is no way to access the content of another app (email for example).

    It is also not possible for an app to make a call without user confirmation and it is not possible to send a text message at all.

    Now this is, in fact, sort of a pain because I'd really like to build an app that sends or receives text messages but it does make for improved data security.

  17. Re:Operative words by MikeBabcock · · Score: 4, Insightful

    This PDF was the most useless crap slashvertisement I've seen in a while. They're trying to sell us their anti-spyware package for Android, by citing stats that are meaningless.

    I have Handcent SMS installed. Of course it wants permission to send and receive SMS messages.
    I have a remote bricking package installed so I can disable my phone remotely if lost or stolen, so it has those permissions legitimately too.

    The key is verifying that the permissions a package requests seem reasonable upon installation.

    For example, if your new kids' fingerpaint program requires full internet access, contact list access and SMS access, you might have spyware on your hands.

    --
    - Michael T. Babcock (Yes, I blog)
  18. FUD by gedw99 · · Score: 4, Insightful

    Fear, uncertainty & doubt is all this article is doing
    http://en.wikipedia.org/wiki/Fear,_uncertainty_and_doubt.

    As many people have pointed out, the security permissions model in Android is very good.

    You can't have fantastic apps without allowing them access to other data.
    And so that's why the security permission authorization screens are there.

    It's so dumb, this article, because you can't have your cake and eat it too.

    It pisses me off when journalists write a piece like this LL because it gets headlines.
    Hey CNet, get a life and stop taking backhanders from Apple or Microsoft. Just a ridiculous article in the first place.

  19. Re:Operative words by mweather · · Score: 4, Informative

    IPhone apps do not have access to email or text messages or the data in any other app except through a very well defined API that requires user confirmation in virtually all instances of data sharing.

    As does Android. Th

  20. Re:Operative words by SighKoPath · · Score: 5, Informative

    As an example, here is the warning text from the most recent update to the Google Maps application:

    This application has access to the following:
    • Your personal information: read contact data, write contact data
    • Services that cost you money: directly call phone numbers
    • Your location: coarse (network-based) location, fine (GPS) location
    • Network communication: full Internet access
    • Your accounts: Google Maps, manage the accounts list, use the authentication credentials of an account
    • Storage: modify/delete SD card contents
    • Phone calls: read phone state and identity
    • Hardware controls: record audio
    • System tools: prevent phone from sleeping, retrieve running applications

    These are all displayed to the user in big orange warning text, with an OK/Cancel button below 'em. Every application in the market does this sort of thing, so the user knows exactly what every app is able to do. The article looks like FUD to me.

  21. Re:20% 100% by joh · · Score: 4, Insightful

    First of all, 20% have the ability to access private data on Android. Now, 20% is less than 100%, which is what you effectively get on other smartphone platforms. On the iPhone, effectively 100% of apps have access to your private data.

    I think you'd be surprised to find that to most private data NO apps have ANY access on the iPhone... They're mostly limited to their own data and to the net and there are only very few APIs to access anything else. Android may be cautious and transparent, but iOS is paranoid.

    In the long run I very much doubt that the "flagging and informing" of Android helps here. It's good for shifting the responsibility over to the user ("You clicked OK after all, you dumb fuck!"), nothing more. The difference between Google and Apple is that Google thinks this is enough and Apple doesn't. I have not made up my mind yet about who's right. But I know one thing: Half of the population is beyond average intelligence.

  22. Re:Operative words by amRadioHed · · Score: 4, Informative

    Does it? I've used several apps that have had access to my text messages, and I've never been presented with a confirmation request from them.

    --
    We hope your rules and wisdom choke you / Now we are one in everlasting peace
  23. Re:Operative words by Unequivocal · · Score: 4, Insightful

    For the real question is what percent of market apps abuse this capability? It's one thing to have the capability (and the installer is pretty clear about what an app can and can't do when you first install it), but it's another to have a bunch of spyware apps out there abusing users' data. My guess is this story is Apple FUD and that the market is working just fine with lots of well-behaved apps doing useful things with calling data, email and text capabilities.

  24. Re:Operative words by pegisys · · Score: 5, Informative

    You have to OK all the things that an app can touch before you install it, if you go installing apps without looking at what it can possibly touch then that is your problem. That is unless there is an exploit that allows developers to access features that it does not specify in the application manifest.

  25. Re:Operative words by ScienceofSpock · · Score: 3, Insightful

    The difference is that SMobile doesn't appear to have an antivirus/malware app for the iPhone.

  26. Re:Operative words by tweek · · Score: 4, Insightful

    You were presented with the confirmation when you installed the application. You should always read the requested permissions list before installing an application. If you're downloading a game, why does it need access to activate the phone? Legitimate developers will frequently leave comments and notes in the description about WHY they need additional permissions.

    --
    "Fighting the underpants gnomes since 1998!" "Bruce Schneier knows the state of schroedinger's cat"
  27. Re:Operative words by nilbog · · Score: 3, Funny

    Security through inoperability.

    --
    or else!
  28. Re:Operative words by Macthorpe · · Score: 3, Informative

    It asks you before you install the app so it doesn't bug you every five minutes after you install it when it tries to do things you're already aware it's going to do.

    --
    "It does not do to leave a live dragon out of your calculations, if you live near him." - Tolkien
  29. Re:Operative words by Monchanger · · Score: 3, Insightful

    Sounds like FUD to me.

    Always a possibility to question these days. I have a slightly different theory...

    Note paragraph 3 of the whitepaper's summary:

    SMobile's new behavior-based detection methodology leverages heuristic-style technology to determine if an application could be malicious, then gives the user the ability to use this information to determine if ... application is requesting permission to do things that just doesn't make sense for the application.

    Given this it's obvious the whitepaper is an advertisement, not an objective security report.

    Where the FUD question comes in is whether their application can actually do a better job at determining whether an application is "non-malicious" than the user could themselves. I believe the claim is exaggerated because trying to make a computer understand what an application does and how that relates to Android's security API is far from a trivial task.
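
A defender-side version of the "do these permissions make sense for this kind of app" check that this comment and MikeBabcock's Handcent/fingerpaint comment above both describe, written here as an added example (it is not code from the thread, from Google or from SMobile): it parses constructed AndroidManifest.xml fragments, maps each permission onto the Market warning groups shown in SighKoPath's Google Maps listing, and reports the sensitive groups an app of the stated category has no obvious reason to request. The app categories, their expected groups and the two manifests are constructed assumptions, not data from the report.

```python
"""Heuristic review of AndroidManifest permission requests (added example)."""
import xml.etree.ElementTree as ET

ANDROID_NS = "http://schemas.android.com/apk/res/android"

# Market warning groups (as shown in the Google Maps install screen in the
# thread), keyed by the manifest permission names that fall under them.
# The grouping is this example's own assumption.
PERMISSION_GROUPS = {
    "android.permission.READ_CONTACTS": "Your personal information",
    "android.permission.WRITE_CONTACTS": "Your personal information",
    "android.permission.READ_SMS": "Your messages",
    "android.permission.RECEIVE_SMS": "Your messages",
    "android.permission.SEND_SMS": "Services that cost you money",
    "android.permission.CALL_PHONE": "Services that cost you money",
    "android.permission.ACCESS_COARSE_LOCATION": "Your location",
    "android.permission.ACCESS_FINE_LOCATION": "Your location",
    "android.permission.INTERNET": "Network communication",
    "android.permission.RECORD_AUDIO": "Hardware controls",
    "android.permission.READ_PHONE_STATE": "Phone calls",
    "android.permission.WRITE_EXTERNAL_STORAGE": "Storage",
    "android.permission.WAKE_LOCK": "System tools",
}

# Groups that cost money or expose private data; the rest are treated as low risk.
SENSITIVE_GROUPS = {
    "Your personal information", "Your messages", "Services that cost you money",
    "Your location", "Hardware controls", "Phone calls",
}

# Hypothetical per-category expectations: the sensitive groups an app of this
# kind plausibly needs. Anything outside the set is a question for the developer.
EXPECTED_GROUPS = {
    "kids_drawing": set(),
    "sms_manager": {"Your messages", "Services that cost you money",
                    "Your personal information"},
}

def requested_permissions(manifest_xml):
    """Return the sorted android:name values of every <uses-permission>."""
    root = ET.fromstring(manifest_xml)
    name_attr = "{%s}name" % ANDROID_NS
    return sorted(el.get(name_attr) for el in root.iter("uses-permission"))

def review(manifest_xml, category):
    """Return the requested sensitive groups that the app category does not explain."""
    groups = {PERMISSION_GROUPS.get(p, "Other") for p in requested_permissions(manifest_xml)}
    return sorted((groups & SENSITIVE_GROUPS) - EXPECTED_GROUPS[category])

def manifest(*perms):
    """Build a minimal constructed manifest declaring the given permissions."""
    body = "".join('<uses-permission android:name="%s"/>' % p for p in perms)
    return ('<manifest xmlns:android="%s" package="com.example.constructed">%s</manifest>'
            % (ANDROID_NS, body))

# Constructed inputs: a children's drawing app that wants far too much, and an
# SMS client whose message/contact permissions are exactly what its job needs.
FINGERPAINT = manifest("android.permission.INTERNET", "android.permission.READ_CONTACTS",
                       "android.permission.SEND_SMS", "android.permission.WRITE_EXTERNAL_STORAGE")
SMS_APP = manifest("android.permission.READ_SMS", "android.permission.RECEIVE_SMS",
                   "android.permission.SEND_SMS", "android.permission.READ_CONTACTS")

if __name__ == "__main__":
    print(review(FINGERPAINT, "kids_drawing"))  # ['Services that cost you money', 'Your personal information']
    print(review(SMS_APP, "sms_manager"))        # []
```

The check only flags a mismatch between declared purpose and declared capability; like the Market warning screen itself, it says nothing about whether the app actually abuses what it was granted.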

  30. Re:Operative words by malakai · · Score: 3, Informative

    Google map app has built in voice search that I don't think is at the OS level. For example, if you click the mic button while in map mode and say "navigate to gas station" it goes into nav mode to the nearest gas station.

    Don't think of it like the web based Google Maps, think of it instead as a hands-free car navigation system. It will also dial numbers for you, including knowing to dial where you're driving to ("Dial Destination" or some such magical phrase).

  31. Re:Operative words by malakai · · Score: 4, Insightful

    The reason is, the Google Map app is NOT http://maps.google.com./ It's far more complicated. It's essentially a full car navigation system. It will respond to voice commands, dial numbers for you, keep the phone from sleeping (so you can keep looking down at it while driving without having to unlock your phone), caches a large amount of data especially if sat view is on and traffic is on, and wiki layers, and last search layers...etc...etc.

    Look, this is very much a One Button Mouse vs n-Button Mouse debate. On the Apple products, you don't trust the user or developer.... ever (unless the developer is Apple). On the Android platform, each party is liable. While the developer is held in a sandbox based on specific rights, it's not impossible for a seemingly legitimate app to wake-up in the middle of the night and dial 1-900 numbers. This trade-off in security is deemed a worthy risk because of the payoff in productivity and usefulness in increased application integration.

    Google maps is a great example of the uber app on the Android. And all the functionality of Google maps could be replaced by some other application. Anyone can compete with it. In the Apple world, the Google Map App would pretty much need to be part of the base phone operating system, or at least produced by Apple and not run in the sandbox.

    In the case that a developer of an app uses it maliciously, it falls back to Google and Google marketplace to police this app.

  32. Re:Operative words by IamTheRealMike · · Score: 4, Insightful

    IPhone apps do not have access to email or text messages or the data in any other app except through a very well defined API

    That's not correct. iPhone apps have access to a far larger amount of data than you might expect. For instance they can all read the "keyboard cache" which records all keystrokes save for passwords. This iPhone Privacy study may prove interesting.

  33. Re:Operative words by droopycom · · Score: 3, Interesting

    The differences between Android and iPhone are: (AFAIK)

    - There are far fewer of these APIs on the iPhone than on Android (eg: I don't think there is any API to access your email from an iPhone App, or make a phone call or SMS without user confirmation)

    - Android's user confirmation is at install, while iPhone's user confirmation is when the app tries to use a particular API for the first time (eg: when it tries to use location). And the app can keep running even if the user denies it the right to use a specific service.

    All in all, the iPhone security scheme is much more conservative, with the side effect that you can't do as many things in an iPhone app as you could in an Android App. For example, you could probably write an Android app that could automatically navigate phone menus (eg: "For billing press 1" kind of things) while this is probably not possible for iPhone.

    Apple is betting that their conservative approach will be more appealing for users if they don't have articles like this one coming out. Google is betting that their open approach will be more appealing to developers, but if more articles like this come out, Android will become like Windows security wise. It does not matter if it is true, or if it is a matter of the user giving permissions, it's all a matter of perception.