Uber's Android App Caught Reporting Data Back Without Permission

Posted by timothy on Thursday November 27, 2014 @04:19AM from the distinguish-from-government dept.

Zothecula writes Security researcher GironSec has pulled Uber's Android app apart and discovered that it's sending a huge amount of personal data back to base – including your call logs, what apps you've got installed, whether your phone is vulnerable to certain malware, whether your phone is rooted, and your SMS and MMS logs, which it explicitly doesn't have permission to do. It's the latest in a series of big-time missteps for a company whose core business model is, frankly, illegal in most of its markets as well.

1 of 234 comments (clear)

Min score:

Reason:

Sort:

Spoofing by korbulon · 2014-11-27 04:28 · Score: 4, Funny

Tangentially, does anyone know of a procedure on Android which enables you to spoof your personal data and activity (at least as far as apps are concerned)?
Example: your name is Dorothy and you're in Kansas clicking your red ruby slippers together, but all apps see you as Toto, living down in Africa, blessing the rains.