Analytics and ads and services. 90% of Android apps in the play store contain the text "google.com" That's all they checked. No data was checked, no source code looked at. They searched the APK files for host names.
What's slightly more concerning is nearly half of them potentially talk to Facebook. You already have a Google account and your phone is already sending data to the Play Store. You already know Google is is collecting analytics from your app on behalf on the developer. Why the hell do all these apps need to talk to Facebook?
In terms of global sales, 100,000 isn't that much. Let's pretend someone wants to sell a $500 phone and not provide support. That's $50M in revenue to cover all the tooling, manufacturing, design, components, marketing, shipping, retail margin, taxes, etc. The manufacturing and components alone are going to cost $100, that's $10M gone already. The non-recurring costs for tooling so you can start manufacture will be in the millions. You need to pay people to develop the original software build. It'll cost you up to $100,000 for PTCRB and FCC certification just so you can import it to USA. You'll probably want to do compliance testing with other authorities, like CE It's just not worth it to plan for such low volumes.
Your crap second hand car had zero free vendor support. Although, I just had the airbags replaced for free in my 2005 car. That's a safety thing though. It's never had a software update, ever. Cars don't get recalled when the keyless entry systems get hacked, even when it's still under warranty they generally don't fix it.
Perhaps you should have read TFS instead of just the title, where it states "phones and tablets" It's all devices that OEM's want to use the Play Store on.
The same Nexus 7 that got an upgrade to Android 6.0.1 in December 2015, over 2 years after it was release in July 2013? The one they guaranteed security updates until August 2016?
Their policy was/is 3 years since first release or 18 months since last sale, whichever is longer.
I'm not surprised they're limiting power draw to the official standards for unknown chargers.
They're what, 50% efficient? So charging at 10W means 10W of heat in the charger. Sitting right next to the battery, that you can't charge when it gets over 45 degrees or you risk it catching fire.
Do you know what kind of data they're talking about? The study used static analysis to search for hostnames in APK files. They matched the host names to those of known tracking companies. The string "google.com" was found in 87.52% of apps. Of those, Google API's were 67.51 and Google's ad services (DoubleClick) were down at 60.85%. Facebook was at 42.54%
That's the extent of it. They did no analysis of data and couldn't differentiate between advertising and analytics.
Another issue is that without dynamic network traffic analysis of all apps, including successful man-in-the-middle proxying and ability to interpret the data payloads, we cannot confirm precisely what data is sent to each tracker. Finally, different trackers serve different purposes; some facilitate targeted advertising, while others are used for analytics. Without further fine-grained distinctions between such purposes, the figures presented here do not represent the full nuance and variety of third party tracking and its impacts.
Take a look at a map. There are much easier ways to get tanks a troops in to Hong Kong. Like over the land that connects it to China. This bridge connects to Lantau Island, not Hong Kong Island.
... the file they have with your details associated with your ad id. No silent push. It's the lack of response when they send a push that implies you installed the app. A long period of no network access could also trigger it I suppose, unless Google/Apple response with an error when they try to push notifications to uninstalled apps.
Slashdot Mirror
Analytics and ads and services.
90% of Android apps in the play store contain the text "google.com"
That's all they checked. No data was checked, no source code looked at. They searched the APK files for host names.
What's slightly more concerning is nearly half of them potentially talk to Facebook. You already have a Google account and your phone is already sending data to the Play Store. You already know Google is is collecting analytics from your app on behalf on the developer.
Why the hell do all these apps need to talk to Facebook?
Italy are just the first ones to finish their case.
There's similar cases ongoing in France and USA.
In terms of global sales, 100,000 isn't that much.
Let's pretend someone wants to sell a $500 phone and not provide support.
That's $50M in revenue to cover all the tooling, manufacturing, design, components, marketing, shipping, retail margin, taxes, etc.
The manufacturing and components alone are going to cost $100, that's $10M gone already.
The non-recurring costs for tooling so you can start manufacture will be in the millions.
You need to pay people to develop the original software build.
It'll cost you up to $100,000 for PTCRB and FCC certification just so you can import it to USA. You'll probably want to do compliance testing with other authorities, like CE
It's just not worth it to plan for such low volumes.
Your crap second hand car had zero free vendor support.
Although, I just had the airbags replaced for free in my 2005 car. That's a safety thing though.
It's never had a software update, ever.
Cars don't get recalled when the keyless entry systems get hacked, even when it's still under warranty they generally don't fix it.
Perhaps you should have read TFS instead of just the title, where it states "phones and tablets"
It's all devices that OEM's want to use the Play Store on.
Meanwhile Apple just got fined $10 million for degrading the performance of old devices with software updates. Along with $5 million for Samsung.
The same Nexus 7 that got an upgrade to Android 6.0.1 in December 2015, over 2 years after it was release in July 2013? The one they guaranteed security updates until August 2016?
Their policy was/is 3 years since first release or 18 months since last sale, whichever is longer.
That'll only work in countries with pathetic consumer protection laws, like USA.
Those issues were resolved through study of the Ballmer Peak
https://xkcd.com/323/
What's the CVE for this exploit?
Or did the "security researcher" not disclose this to anyone before releasing it?
What's oPatch? is it like 0patch?
I'm not surprised they're limiting power draw to the official standards for unknown chargers.
They're what, 50% efficient?
So charging at 10W means 10W of heat in the charger. Sitting right next to the battery, that you can't charge when it gets over 45 degrees or you risk it catching fire.
Do you know what kind of data they're talking about?
The study used static analysis to search for hostnames in APK files. They matched the host names to those of known tracking companies.
The string "google.com" was found in 87.52% of apps. Of those, Google API's were 67.51 and Google's ad services (DoubleClick) were down at 60.85%.
Facebook was at 42.54%
That's the extent of it. They did no analysis of data and couldn't differentiate between advertising and analytics.
Another issue is
that without dynamic network traffic analysis of all apps, including
successful man-in-the-middle proxying and ability to interpret the
data payloads, we cannot confirm precisely what data is sent to each
tracker. Finally, different trackers serve different purposes; some
facilitate targeted advertising, while others are used for analytics.
Without further fine-grained distinctions between such purposes,
the figures presented here do not represent the full nuance and
variety of third party tracking and its impacts.
Take a look at a map. There are much easier ways to get tanks a troops in to Hong Kong. Like over the land that connects it to China.
This bridge connects to Lantau Island, not Hong Kong Island.
China already has physical connections to Hong Kong.
Maybe you should look at a map some time.
So you can't elaborate on this?
and even act maliciously ruining your phone or launch what would be tantamount to denial of service attack.
90% of Android apps use Google's free usage monitoring service and/or ad framework?
You don't say.
Focus you fuck
Kids do less damage to the expensive sensors on the front of the bus when they're hit, due to their smaller size.
an employee bus from Florida to France would be impressive. at 8 mph though, the journey would be a long one.
how exactly can they ruin your phone if you uninstall their app?
... the file they have with your details associated with your ad id.
No silent push. It's the lack of response when they send a push that implies you installed the app. A long period of no network access could also trigger it I suppose, unless Google/Apple response with an error when they try to push notifications to uninstalled apps.
You have a very relaxed definition of consciousness.
How far do you want to take it?
Should Chrome delete all your downloaded files when you uninstall it?
Or if you regenerate your advertising id in Android.
Settings -> Google -> Ads -> Reset advertising ID