Slashdot Mirror
Study Finds That a Large Number of Popular Android Apps Secretly Cast the Screen To Third Parties, But They Don't Listen To Conversations (gizmodo.com)
Kasmir Hill, reporting for Gizmodo: It's the smartphone conspiracy theory that just won't go away: Many, many people are convinced that their phones are listening to their conversations to target them with ads. [...] Some computer science academics at Northeastern University had heard enough people talking about this technological myth that they decided to do a rigorous study to tackle it. For the last year, Elleen Pan, Jingjing Ren, Martina Lindorfer, Christo Wilson, and David Choffnes ran an experiment involving more than 17,000 of the most popular apps on Android to find out whether any of them were secretly using the phone's mic to capture audio. The apps included those belonging to Facebook, as well as over 8,000 apps that send information to Facebook. Sorry, conspiracy theorists: They found no evidence of an app unexpectedly activating the microphone or sending audio out when not prompted to do so. Like good scientists, they refuse to say that their study definitively proves that your phone isn't secretly listening to you, but they didn't find a single instance of it happening. Instead, they discovered a different disturbing practice: apps recording a phone's screen and sending that information out to third parties.
Once they figure out how to do it and get away with it will happen.
Good news residents, thieves aren't coming to plunder your document safes. Instead, they're only going to rummage through your jewelry boxes.
May as well have led with a bit on no conclusive evidence that the apps were trying to give you cancer.
That seems worse than whatever stupid shit I might say near my phone.
WTF does that mean?
... that the following may be true:
People are far more forgetful of the actions they've taken online and how they could be used by data/ad companies.
People aren't entirely likely to notice ads without having some reason (e.g. just having talked about it)
Data/ad companies are far better about targeting their results than they were in the past.
People love a good conspiracy. I know I do.
There is no XUL, only WebExtensions...
Come on fanboys.
First you buy a little yupster DingDing YOLO-Pad, and later on it rapes and betrays you? or otherwise contributes to the end of your career, marriage and/or family ?
If not, then it's certainly a welcome side effect.
So the study finds that apps are sending screenshots to third party, including apps from Facebook, which may involve 'personal' correspondence.
And the lead is a dig at 'conspiracy theorists' who are worried about being spied on.
What a goddamn rag.
A bunch of guys sitting in a cave in the other side of the planet decided to demolish three skyscrapers usng jet fuel. The opportunity and means just presented itself and they had bad jihadist dreams so there's a motive. Forget Bin Laden fought Russia for the USA, that never happend either, like Building 7.
Read "Debunking 9-11 Debunking" by Dr. David Ray Griffin to get you scientific facts straight. Those Popular Mechanics libtards have lesser degrees in like journalism so their opinions dont count much anyway. :P
Comment removed based on user account deletion
On my Android, quite frequently, Firefox asks for permission to use the microphone. I deny it every time.
But why is it doing this? Is it malicious ads that are trying to record me?
The real "Libtards" are the Libertarians!
Sorry conspiracy theorists but reality is worse than you all thought!!! :-) :-)
"They" don't listen, but take screenshots!!!
a service provider recently claimed that they will stop selling location data to 3rd parties - I don't recall if they did or didn't mention stopping a speech-to-text business -- you have to remember that your conversations and locations may flow through a few brokers/businesses before it results in a targeted ad on your favorite website; that said, they do have impressively fast turn around; connecting dots was fun as a child; who would have thought that it would turn into a good way to make money
Are Android phones so poorly designed, they can't even ask for user consent before taking a screenshot?
I believe one thing that is happening is targeting ads based on the client IP address. If the IP address is that in the range of a typical ISP, then there is a very good chance that all of the devices with that IP address are in the same household, and targeting ads across devices would be profitable. About a week ago my girlfriend and I were talking about my old camper, and the work we did towards restoring it. She googled "vintage campers" on her cell phone, and on my laptop I had googled for my exact make and model camper. A little bit later I used my cell phone, and when I opened Facebook, it took me directly to a promoted Facebook Group called "Vintage Campers" and a listing of someone selling my model camper.
So, search terms and websites visited on two different devices somehow funneled into Facebook, which then showed me a Facebook group and post on a third device. It was so seamless I almost overlooked it, but the software developer in me quickly realized something deeper was going on as I had not done any searching on my phone at all (or within FB for that matter), nor did I use the term "vintage" in my searches on my laptop.
My point in all of this is it is trivial for ad services to put one and one together and deliver targeted ads in this way, and we could easily have misinterpreted it that my phone was "listening" to our conversation since I never did any of that searching on my phone yet it targeted me with ads. In these anecdotal reports, very likely one or the other person in the conversation was online and searching in regards to the topic at hand, and then ads were pushed to other devices due to using the same IP address.
Better known as 318230.
Have gnu, will travel.
"Sorry, conspiracy theorists: They found no evidence of an app unexpectedly activating the microphone or sending audio out when not prompted to do so."
Like capturing screenshots isn't a major privacy issue? This is practically equivalent to saying: "Sorry conspiracy theorists your no ones listening to your wife showering they are just watching her". Its like if at the end of the Truman show they all said "its ok, we didn't have any audio".
WTF am I in the twilight zone?
https://www.wsj.com/articles/t...
The WSJ reports:
Google said a year ago it would stop its computers from scanning the inboxes of Gmail users for information to personalize advertisements, saying it wanted users to âoeremain confident that Google will keep privacy and security paramount.â
But the internet giant continues to let hundreds of outside software developers scan the inboxes of millions of Gmail users who signed up for email-based services offering shopping price comparisons, automated travel-itinerary planners or other tools. Google does little to police those developers, who train their computersâ"and, in some cases, employeesâ"to read their usersâ(TM) emails, a Wall Street Journal examination has found.
One of those companies is Return Path Inc., which collects data for marketers by scanning the inboxes of more than two million people who have signed up for one of the free apps in Return Pathâ(TM)s partner network using a Gmail, Microsoft Corp. or Yahoo email address. Computers normally do the scanning, analyzing about 100 million emails a day. At one point about two years ago, Return Path employees read about 8,000 unredacted emails to help train the companyâ(TM)s software, people familiar with the episode say.
This examination of email data privacy is based on interviews with more than two dozen current and former employees of email app makers and data companies. The latitude outside developers have in handling user data shows how even as Google and other tech giants have touted efforts to tighten privacy, they have left the door open to others with different oversight practices.
It is most likely NSA taps feeding AI. It goes far beyond advertisements.
> 17,000 of the most popular apps
"popular" more like.
Apps fucking idiots install also a possiblity.
This is what people asked for anyway. With free apps they get what they pay for.
+----------------- | What is the question!
It's really that simple. Especially for something that already exists as a web site an app is just a way to try to extract more information from you. And a potential security vulnerability to boot.
Just another reason for the librem by purism. Can't wait to have a phone with adblock. No more garbage web experience on my phone!
internet in general is the most complex, detailed conversation in most internet users' lives today. It is definitely being "listened to" and contains far more information than most realize - not just information pertaining to conversations you had but also your thoughts and opinions if they invoked a question in your mind that caused you to make a query. Simple information like what if any reviews you looked at while purchasing a product can speak volumes about the way you think.
Without legislation to ban all trackers and recording of requests by ISPs and others, that's pretty much just the way it is.
In your dreams maybe.
MAGA
Trump 2020!!!!!!
never. do not doubt it - doubters will be heckled.
ps. this is only android. Iphones continue to listen to you.
but I thought you needed the "Apps that can appear on top" permission to record what a user is doing in other apps. Without it, the only thing that can be recorded is the developer's own app. This makes the privacy implications much smaller for most apps, since the developer will always have access to know what it is showing you (along with what you tap/type/press) as that is inherent in its ability to be interactive. That's not to say privacy couldn't be improved. In particular, "Apps that can appear on top" does not convey the ability to record a person's activities, so that really should to be renamed (or else sectioned out into a different permission). Also, for apps like web browsers and clients that connect to servers not operated by/for the developer, recording interactions in one's own app is a much bigger issue. I'm still not sure if there's anything that can be done about this security-wise though, because -- again -- the app needs access to the data in order to display it. Lastly, I feel like screenshots (as opposed to data like coordinates, strings values of fields, etc) are a kind of crude method for analytics anyway, yet they're the only thing this study focuses on. So it kind of gives a false impression to criticize this SDK, when I'm sure essentially the same information is transmitted (much more frequently) in text form and couldn't be detected by this survey.
at Gizmodo is so much higher than here. This comment included.
Look - a squirrel!
But apart from that it works extremely well!
I'd initially hoped they'd done it on the hardware level; monitoring the mic voltage and tapped the ADC channels.
I'm not surprised that shitty app devs are monetizing their users' data for a few extra cents. My particular concern is alphabet soup agencies and a creeping Staasi state doing it on some sort of fundamental level that bypasses permissions (and morality). Yes, I like my windows to have curtains, my mail to have envelopes, and my conversations to be private.
It's not a conspiracy theory when articles like this refute your study.
https://www.nytimes.com/2017/1...
Just another day in Paradise
Because Google Play needs access to everything or it pops up complaints all of the time if you limit it. On a pretty regular basis I get a notice that Google Play is having issues because I haven't allowed it to use my phone, access my contacts, and whatever else stupid shit it wants access to. Instead of failing gracefully it's a constant nag, and they've been ignoring bug reports on this "feature" for 3-4 years now.
You just described Dark Pattern design at work (darkpatterns.org for more info). The idea is that you get annoyed and as a result give the apps full rights without thinking the consequences. If it was possible to deny permanently certain rights without the annoyance of constant reminders very few users would grant the apps free access to data on the phone.
You pay for the "free" apps by giving up your privacy. What you described is an intentional feature and will not be listed as a bug.
Gizmodo is owned by Univision, which is itself owned by a private equity partnership in which a number of the top partners and executives have strong ties to the Democrat Party. You can look this up; it's public record.
Capitalism is the only reason you have consumer computers and phones. If you want to see what socialism does, look at Cuba, Venezuela and North Korea. Gee, mister, what a paradise!
1. The hardware specs aren't competitive with iPhone X and Pixel 2. They are already nearly obsolete and the phone isn't even out yet.
2. Lack of apps. Yes, they have their own store, but that means nothing. In 2018, HUGE amounts of business and social situations require downloading third-party smart phone apps, and that means using the iOS App Store or Google Play. Purism has discussed creating method for running Android apps in sandbox isolation, but unfortunately has NOT prioritized that. Unless they do, Librem 5 will never go mainstream.