Pandora App Sends Private Data To Advertisers
Trailrunner7 writes "An analysis of the popular free mobile application from online music service Pandora.com that is the subject of a grand jury investigation into loose data privacy practices in the mobile application market confirms that the application silently sends reams of sensitive data to advertisers. The analysis was conducted by application security firm Veracode and found that Pandora's free mobile application for Android phones tracked and submitted a range of data, including the user's gender, geographic location and the unique ID of their phone, according to an entry on Veracode's blog."
As I said last time, "I stopped using their app when it wanted access to the system logs. This includes all notifications of pretty much everything going on on your phone. It might help them debug the app, it might help them with advertisers. Who knows. I just knew their app wasn't worth it."
This is potentially a much more massive problem than we have been told.
Pandora can have the SSNs of everyone I know if they'll just keep providing their free musical goodness.
So, you mean all those ads at the bottom of the Pandora app that were specific to my home town weren't just a random coincidence? How is it taking these things "silently" when it tells you exactly what you are giving it access to? Obviously, knowing where you live has no bearing on the type of music it's going to play. What else did people think this was going to be used for?
The only thing necessary for evil to triumph is for it to be pitted against a slightly greater evil
Serial rapist/killer used silent Android monitoring system to track and catch victims in locations when they were alone, outdoors and had nowhere to go.
Seriously, what do you expect from a free app that streams licensed music that they had to pay for? A bunch of ads no one clicks on?
This is how Google makes money: metrics. Everyone is doing it as well.
Wondering if I should uninstall their app from my iPhone.
Now he's listening to Nirvana...now he's listening to David Bowie...now he's listening to Twisted Sist- oh wait he skipped that one.
The big problem here is that whenever you install any application, you're technically giving the designers virtually free rein to do whatever they like with your system/PC/phone/whatever.
Once permitted in, most commercial applications barge into your PC, rewrite whatever files they please, alter configuration settings, gobble up memory, install themselves as startup applications and often install an entire suite of unwanted applications and advertisements you didn't even ask for. Then they plonk themselves down in your living room, feet on the sofa, and begin to shout at you, along with all the dozens of other loudmouth applications you've invited in.
May the Maths Be with you!
Does anyone know how they collect geographic information when the application requires neither coarse location nor fine location?
The lack of those Android permissions either makes this a bigger story than simply Pandora sending information, or it makes me skeptical of the researchers' claims.
Google needs to change the security model to allow finer grained access and more information to users about how much information that access allows. I should be able to install an application that wants access to my contacts but choose to deny that access with a warning that it may affect the functionality of the app. There should be more detail information on just what information an application can get hold of with that access. I think using the SELinux model of security in the kernel would be a good idea. If I don't grant an application process rights to certain files, it can't get access no matter what.
The actual Veracode post says it's both the iPhone and Android versions. I'm not sure why the article linked in the summary [and thus the summary] only mentions the Android version.
I wonder then, does the web browser interface do something similar, minus the GPS info of course? What about the Pandora One desktop app?
Nothing to see here
Is an app that sits between your personal and phone info and all your other apps and controls what data gets presented to each app
Pandora got caught. Getting caught is the anomaly. And people will never learn that there is no privacy on a networked computer.
For justice, we must go to Don Corleone
When you install that application on android (or any application for that matter), you have to grant it (and by that I mean, acknowledge) permissions asked by the application.
It's the lusers fault for giving "Tom Talking Cat" privileges to fully control their phone, GPS, read contacts, browse the internet freely.
No idea if that app actually asks for all that crap, but there are plenty that do when they're nothing more than a stupid text editor.
Despite the suit, recent SEC filings suggest everything pointing up:
* Revenue skyrocketed from $55,189,000 in FY2010 to $137,764,000 in FY2011.
* Advertising revenue rose from $50,147,000 in FY2010 to $119,333,000 in FY2011.
* Subscription and "other" revenue increased from $5,042,000 in FY2010 to $18,431,000 in FY2011.
* Despite rising content acquisition costs (up from $32,946,000 to $69,357,000 between FY2010 and 2011), Pandora's loss narrowed from $15,549,000 in FY2010 to $321,000 in FY2011.
Despite strong competition such as Sirius XM radio and even Apple in that regard, I wouldn't worry much.
New Economic Perspectives
Doesn't the name imply that there is trouble inside? Where is the false information in that. I guess you could say Veracode opened Pandora's box.
Gender, location, phone? It is clear what the people at Pandora are doing, trying to get dates.
It is by the juice of the coffee bean that thoughts acquire speed, the teeth acquire stains. The stains become a warning
Honestly, I wouldn't mind them doing this if they had been clear and upfront with their intentions. Something along the lines of...
"We will provide you a free service in exchange for client usage statistics. This information will be shared with 3rd party marketing firms"
It's not so much what they do with this information in so much that I no longer feel safe reading this first time on Slashdot. How can I trust them now? I can never trust a sneaky bastard. Because of their lack of disclosure, Pandora just got uninstalled from my Droid.
Life is not for the lazy.
The actual Veracode post says it's both the iPhone and Android versions. I'm not sure why the article linked in the summary [and thus the summary] only mentions the Android version.
I wonder then, does the web browser interface do something similar, minus the GPS info of course? What about the Pandora One desktop app?
There are specs for getting geolocation information via JavaScript, so possibly. However, your browser is supposed to ask your permission prior. This also doesn't preclude other Pandora components, such as Flash, which may have their own API.
That said, am I the only one who just doesn't care? This company is providing bandwidth and fronting music industry negotiations in order to deliver a useful and valuable service to me for free. As per the implicit (and explicit) contract with almost every modern free service, it's a willing exchange of information, and I'm perfectly willing to trade my phone ID and location for this service (for now).
It would be nice, though, if there was an Android requirement that each application disclosed exactly what data it was collecting, and for what purpose, in order to be included in the Marketplace.
Use Slacker. It's just better.
Only the mobile phone carriers should be allowed to collect large, but unknown, piles of personal information silently and without oversight! It is an outrage that others would dare to step onto the rightful domain of these oh-so-helpful surveillance buddies.
On a more serious note: What I would really like to see in Android (and other mobile operating systems; but a 3rd party build of Android is pretty much the only one where this would ever see the light of day on any hardware that isn't a laptop-size dev board...) is a supplement to the existing system of granular access-request application permissions:
Spoofing.
At present, you can see what permissions an application demands (perhaps not at quite the level of granularity that would be ideal; but the concept is good, and refinements aren't fundamentally challenging); but you have no way of pushing back against an application that seems a bit uppity, other than refusing it. What would be ideal would be a way of setting up multiple instances of the various Android content providers. One set of instances would be the 'real' one, populated with actual system data (address book, location, etc., etc.) Other instances would be various flavors of 'fake', either generated by applying an overlay filter to the real ones (i.e. I might want to give an application that uses location data access to 'location data, but truncated to ~city level accuracy', which would be a content provider generated by a simple mathematical operation against the genuine content provider for location data), or auto-generated to look plausible; but be completely unrelated to the truth (i.e. an 'address book' consisting of a simple dump of 47 name/number pairs from a phone book). This would allow you to push back against applications that demand more than they need to know; by allowing you to fulfil their architectural 'requirements'; but choose for yourself which are actually necessary for what you want to do (if you want a navigation app to work, you do need to give it your real location. If you just want dining recommendations, you may only feel the need to give it city-level accuracy, and feel no need whatsoever to give over your real address book for 'social dining integration'...)
Such a system would have additional benefits: it would make tasks like separating work/personal (or personal/er... 'extracurricular' if that is your style) architecturally clean and much lighter-weight than virtualization. You could have multiple true address books, say, one accurately reporting your personal contacts, and one accurately reporting your work contacts, and you could point twitfrienddroidfeed at the first and seriouscorporatemail at the second.
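As an added example (an editor's illustration, not code from any commenter, from Pandora, or from Android itself), here is a small Python model of the "spoofing" idea in the post above, combined with the deny-with-a-warning idea raised earlier in the thread: a broker that decides per app whether a request for location or contacts gets the real data, a city-level copy, plausible fake data, or a refusal, and records what it served. The app names, the policy table and every data value are constructed for the example.

```python
"""Model of a per-app data broker that hands an app real, coarsened,
fake or no data.  Added illustration of the idea in the comment above;
not Android code and not anything Pandora ships.  Every name, policy
and data value below is constructed for the example."""
from dataclasses import dataclass
from enum import Enum
from typing import Dict, List, Tuple
import random


class Policy(Enum):
    REAL = "real"      # pass the genuine system data through
    COARSE = "coarse"  # pass a degraded copy (e.g. city-level location)
    FAKE = "fake"      # plausible data unrelated to the truth
    DENY = "deny"      # refuse, as today's all-or-nothing model would


@dataclass(frozen=True)
class Location:
    lat: float
    lon: float


class PermissionDenied(Exception):
    pass


# Constructed "real" system data standing in for the genuine content providers.
REAL_LOCATION = Location(37.7793, -122.4193)
REAL_CONTACTS: List[Tuple[str, str]] = [
    ("Alice Example", "+1-555-0101"),
    ("Bob Example", "+1-555-0102"),
]


def coarsen_location(loc: Location, decimals: int = 1) -> Location:
    """Round to a tenth of a degree: roughly 11 km, i.e. city-level accuracy."""
    return Location(round(loc.lat, decimals), round(loc.lon, decimals))


def fake_contacts(n: int = 47, seed: int = 0) -> List[Tuple[str, str]]:
    """Deterministic, plausible-looking address book with no relation to the real one."""
    rng = random.Random(seed)
    first = ["Ada", "Grace", "Linus", "Dennis", "Ken", "Barbara", "Radia"]
    last = ["Lovelace", "Hopper", "Torvalds", "Ritchie", "Thompson", "Liskov", "Perlman"]
    return [(f"{rng.choice(first)} {rng.choice(last)}",
             f"+1-555-{rng.randint(0, 9999):04d}") for _ in range(n)]


class DataBroker:
    """Mediates every data request by (app, resource) and records what was served."""

    def __init__(self, policies: Dict[str, Dict[str, Policy]]):
        self.policies = policies
        self.audit: List[Tuple[str, str, str]] = []  # (app, resource, policy served)

    def _decide(self, app: str, resource: str) -> Policy:
        # Default deny: an app with no explicit policy for a resource gets nothing.
        policy = self.policies.get(app, {}).get(resource, Policy.DENY)
        self.audit.append((app, resource, policy.value))
        if policy is Policy.DENY:
            raise PermissionDenied(f"{app} may not read {resource}")
        return policy

    def location(self, app: str) -> Location:
        policy = self._decide(app, "location")
        if policy is Policy.REAL:
            return REAL_LOCATION
        if policy is Policy.COARSE:
            return coarsen_location(REAL_LOCATION)
        return Location(40.7, -74.0)  # FAKE: a constructed, unrelated point

    def contacts(self, app: str) -> List[Tuple[str, str]]:
        policy = self._decide(app, "contacts")
        if policy is Policy.REAL:
            return list(REAL_CONTACTS)
        if policy is Policy.COARSE:
            return [(name, "+1-555-XXXX") for name, _ in REAL_CONTACTS]  # names only
        return fake_contacts()


# Constructed per-app policy table following the comment's own examples.
POLICIES: Dict[str, Dict[str, Policy]] = {
    "navigation": {"location": Policy.REAL},
    "dining": {"location": Policy.COARSE, "contacts": Policy.FAKE},
    "texteditor": {},  # nothing granted; every request is denied
}


def demo() -> List[Tuple[str, str, str]]:
    """Run a few requests through the broker and return its audit trail."""
    broker = DataBroker(POLICIES)
    broker.location("navigation")
    broker.location("dining")
    broker.contacts("dining")
    try:
        broker.contacts("texteditor")
    except PermissionDenied:
        pass
    return broker.audit


if __name__ == "__main__":
    for entry in demo():
        print(entry)
```

The audit trail is the part a defender cares about: the broker, not the app, knows which flavour of data each app actually received, so a later "why did this app know my city?" question has an answer.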
Then you, the user of that service, are the product.
Best Slashdot Co
Please excuse my ignorance, but how is this illegal? Companies do this all the time over the web: tracking where you log in from, how long you are on each page, and what sites you visit every time most people use the Internet. I think this practice is definitely immoral, but given how constrictive contracts are I don't see how this is against the law. If you could point me towards some case law or a brief it would be much appreciated.
Why does your phone know your gender in the first place?
Let me just say, their Yes channel is awesomely crappy and incomplete. Did those guys never hear of RELAYER? Hello? Classic, amirite?
The only ads I ever got on Pandora before paying were those "cheap vacations for students" ads over and over and over again. Nothing localized/individualized at all.
You obviously don't have a Mac
Letting things out of my box?
a/s/l????
I pay for Pandora... so I get no ads.
Not that I care if they are sending tokens of data to advertisers, I don't imagine there is some guy with a sinister black moustache wringing his hands at the other end. I'm sure it gets stuffed into a database and generalized. Just like those discount cards for grocery stores etc.
This is paranoid sensationalism. I hope anyone who complains doesn't have a facebook account.
I've read the articles and seen what they are sending, and I don't care. With Pandora, I get all my music for free, and I'm willing to trade some info for that.
I remain curious as to how Android knows my gender, however. Sure, you could guess from my name, but I'm pretty sure there isn't a checkbox for "sex" anywhere in my phone config. Regardless, it wasn't a secret anyway. :)
Necron69
Haven't updated the app since it started asking for "Personal Information" permissions several months ago.
I'm rather curious as to how the app is supposed to be determining my gender/sex in the first place. Algorithmically based on the songs I listen to? If so, all those Glee songs I upvoted are probably throwing it off.
I'm actually interested to see the hard facts on this concerning the iPhone. When I pull up my location services on my phone it claims to list all of the applications that have requested my location in the past 24 hrs and Pandora is not listed. I always thought the geographic data was pulled from my profile, mostly because all my ads are based on Chicago products, though I haven't lived there in 10 years. And yes, let's be honest, why would I put my actual information in my profile? When signing in Pandora states that "Pandora may use your device model, ID and system version to personalize listening and advertising". Nope, nothing about geography...
Does the Pandora One application still collect this data? I know it doesn't show the ads, but I'm betting it still collects and forwards the information.
I'm curious if paying subscribers are also having their privacy raped by Pandora. Most likely, but it would be nice if they didn't.
If anyone making money off of my usage statistics would care to cut me in on the deal then I'm all for it. If you're just pimping my data without giving me my cut then (E+G)/2 you. Bye Bye Pandora. I'll get my Pixies fix elsewhere.
What about detailed ingredients in the food you buy? Warning for genetically altered food? Is that for stupid people also?
You sound like such a tough guy, though... You must be really awesome.
"Science can amuse and fascinate us all, but it is engineering that changes the world. " - Asimov.
Instead of being sneaky, breaking privacy laws, why the hell don't they just ask what products you would like advertised? And just because they can spy doesn't make it right or wanted. It should be an opt-in choice and always upfront.
Jack of all trades, master of none
"Any app that uses internet could find out where you are by your ip address"
Do you think your ip address changes from tower to tower or something?
On the level of this topic- the locations being sought are on mobile phones, that in a given day could be anywhere in a 300 mile radius of start point at the extreme, 50-70 miles in a given commute easily.
The advertisers that want your location, want to know what restaurant you might be near for example.
And you think this can be determined simply from a cell phone IP address?
every day http://en.wikipedia.org/wiki/Special:Random
OK, time to sue. We need to not just spank these guys with a nice hefty fine which will go towards keeping our incompetent government officials being paid for doing what they don't do, we need to sue these guys and actually put them out of biz. If I was to sneak into your house and copy information from papers on your desk, I'd be in jail. You know what's going to happen here? Nothing. Just like every other fkng internet crime by a company or corporation. They just offset the cost of the fine and roll it out of dividends and the stock goes down for a while. Please... give me a break.
"Computers are a lot like Air Conditioners" "They both work great until you start opening Windows"
Weren't these the same plucky underdogs who begged right-thinking, savvy freedom lovers to come to their defense against the evil MAFIAA trying to shut them down through usurious fees? And this is their reward? Thanks for nothing (and all the ads).
Sends junk data instead of true data for any app.
I tried to install the Google Maps application once on my Blackberry 9700 Bold and it wouldn't allow me to customize application permissions in the usual way. I was surprised and canceled the install because the Bold normally gives me a lot of options to lock down what information is being shared, and I like it that way. I don't currently use Pandora (despite the recommendations of my friends) and I was wondering, does anyone know if the issue in TFA works the same way on a Blackberry as it appears to on the iPhone and Android OS?
Anybody using a Blackberry have any info on this? Pandora seems like a pretty awesome idea/service, but my participation in the digital community overall stops at volunteering my GPS location information to 3rd party applications and their developers, among other things.
I wanted to know how it worked with paid subscribers, so I pulled up the privacy inspector app (which I've never used before so can't vouch for its worth) and scanned pandora. The only permissions it uses are the device ID (for auto login), network type and network status. Seems reasonable to me.
Talk Tom, Flixter, Text Plus+ and the list goes on..
All these Apps vacuum up everything they can through the API and sell it to everyone on the planet who are willing to play.
"Free" really means you are free to bend over.
If you've ever developed for iOS or Android and wanted to release an ad-supported app, then you're probably aware of the plethora of mobile advertising networks available. The APIs they distribute determine what data is used to serve an ad. Some ad networks only require internet access, but others want location, tasks, phone identity, and/or phone state. Often, the networks that seek more data generally provide developers with more ad revenue. Do men want to see ads for vagisil and maxi-pads? Maybe, but chances are they won't click on those so why waste the time and bandwidth serving irrelevant ads? The more permissions an ad network requires, the more targeted an ad will be... or at least, that's the theory. These data are generally harmless and if they're not collecting your phone number, address, or email address, then it's not like you'll start receiving spam and junk mail. Honestly, Facebook gathers way more identifying information than these apps. Sadly, the number of ad networks that only require internet seems to be dwindling. I don't know whether using these data to seed ads has any impact on click-through rates, but if they do, fighting for fewer permissions is going to be an uphill battle. If you're really worried about such permissions, check to see if there's an ad-free alternative and pay for it.
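Several posts in this thread (the one just above on what ad networks ask for, the earlier one that scanned the paid app with a permission inspector, and the first reply about the app wanting the system log) come down to the same check: what does the manifest actually request? As an added example, written for this page and not taken from any commenter, from Pandora, or from any real inspector app, the following Python script reads the `<uses-permission>` entries from an Android manifest and groups them by what they expose. The permission strings are real Android permission names; the two manifests and the grouping itself are constructed for the example (Android's own protection levels are a different scheme).

```python
"""Classify the permissions an Android app requests by what they expose.
Added example, not part of the thread and not a real inspector app: the
manifests below are constructed, the grouping is this example's own, and
the permission names are genuine Android permission strings."""
import xml.etree.ElementTree as ET
from typing import Dict, List

ANDROID_NS = "http://schemas.android.com/apk/res/android"
NAME_ATTR = "{%s}name" % ANDROID_NS  # ElementTree's Clark notation for android:name

# What each group of permissions lets an app (or the ad SDK inside it) read.
SENSITIVE: Dict[str, set] = {
    "location": {"android.permission.ACCESS_FINE_LOCATION",
                 "android.permission.ACCESS_COARSE_LOCATION"},
    "identity": {"android.permission.READ_PHONE_STATE",   # device ID / phone state
                 "android.permission.READ_CONTACTS",
                 "android.permission.GET_ACCOUNTS"},
    "activity": {"android.permission.GET_TASKS",          # which other apps are running
                 "android.permission.READ_LOGS"},         # the system log
}
# Needed just to fetch content and ads; on their own they reveal little.
BASELINE = {"android.permission.INTERNET",
            "android.permission.ACCESS_NETWORK_STATE",
            "android.permission.ACCESS_WIFI_STATE"}

# Constructed manifest of an ad-supported player that pulls the extra
# permissions described above (location, tasks, phone state, system log).
AD_SUPPORTED_MANIFEST = """<manifest xmlns:android="http://schemas.android.com/apk/res/android"
    package="com.example.adradio">
    <uses-permission android:name="android.permission.INTERNET" />
    <uses-permission android:name="android.permission.ACCESS_NETWORK_STATE" />
    <uses-permission android:name="android.permission.ACCESS_FINE_LOCATION" />
    <uses-permission android:name="android.permission.READ_PHONE_STATE" />
    <uses-permission android:name="android.permission.GET_TASKS" />
    <uses-permission android:name="android.permission.READ_LOGS" />
</manifest>"""

# Constructed manifest of a paid build: device ID for login, network state, nothing else.
PAID_MANIFEST = """<manifest xmlns:android="http://schemas.android.com/apk/res/android"
    package="com.example.paidradio">
    <uses-permission android:name="android.permission.INTERNET" />
    <uses-permission android:name="android.permission.ACCESS_NETWORK_STATE" />
    <uses-permission android:name="android.permission.READ_PHONE_STATE" />
</manifest>"""


def requested_permissions(manifest_xml: str) -> List[str]:
    """Return the android:name of every <uses-permission> element, in manifest order."""
    root = ET.fromstring(manifest_xml)
    return [el.get(NAME_ATTR) for el in root.iter("uses-permission") if el.get(NAME_ATTR)]


def classify(perms: List[str]) -> Dict[str, List[str]]:
    """Bucket each permission into a sensitive group, the baseline set, or 'unknown'."""
    report: Dict[str, List[str]] = {cat: [] for cat in SENSITIVE}
    report["baseline"] = []
    report["unknown"] = []  # anything outside our tables still deserves a look
    for p in perms:
        for cat, names in SENSITIVE.items():
            if p in names:
                report[cat].append(p)
                break
        else:
            report["baseline" if p in BASELINE else "unknown"].append(p)
    return report


def flagged_categories(report: Dict[str, List[str]]) -> List[str]:
    """Sensitive groups the app actually asked for, i.e. what a user should weigh."""
    return [cat for cat in SENSITIVE if report[cat]]


def audit(manifest_xml: str) -> List[str]:
    return flagged_categories(classify(requested_permissions(manifest_xml)))


if __name__ == "__main__":
    for label, m in (("ad-supported", AD_SUPPORTED_MANIFEST), ("paid", PAID_MANIFEST)):
        print(label, "->", ", ".join(audit(m)) or "baseline only")
```

Run against an extracted manifest, the `unknown` bucket is the one to read carefully: a permission the script has no opinion on is not the same as a harmless one.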
Pandora is now gone from my Android phone. It is only unfortunate that the uninstaller I used didn't allow me to send them a profane nastygram in the process. It should be labeled MALWARE in the apps store.
"It's the height of ridiculousness to say for those 9 lines you get hundreds of millions."
Actually all those Glee songs may be outing your orientation. :^)
Uninstalled the app, gave a negative review referring to this grand jury investigation, and upvoted all the other negative ratings for this privacy issue. I'm sure the damage has already been done, but this at least makes me feel better and hopefully hurts Pandora's reputation a bit.
Pandora is gathering and distributing more than just birthdate information. The ads that I'm getting are for wedding vendors in the town where I'm getting married - which is not my current location. This information is very private, and only available through my e-mail or access to a secured website. This makes me think that the information gathered goes far beyond the scope of what is described in their agreement.