Built for Business - Learn more about BlackBerry KEY2
09-13-19 12:13 AM
30 12
tools
  1. Invictus0's Avatar
    The apps gather information such as location, even after owners explicitly say no. Google says a fix won’t come until Android Q.

    Permissions on Android apps are intended to be gatekeepers for how much data your device gives up. If you don't want a flashlight app to be able to read through your call logs, you should be able to deny that access. But even when you say no, many apps find a way around: Researchers discovered more than 1,000 apps that skirted restrictions, allowing them to gather precise geolocation data and phone identifiers behind your back.
    https://www.cnet.com/news/more-than-...y-permissions/

    Some noteworthy apps were named in the report.
    07-08-19 11:14 AM
  2. Bla1ze's Avatar
    Scummy but nothing surprising there honestly. It's basic data you've given to your carrier and whoever your carrier sold it to already. Not saying it's right, they shouldn't be doing it, but there's worse data they could be pulling.

    More than 1,000 Android apps harvest data even after you deny permissions.-screen-shot-2019-07-08-1.35.35-pm.png

    The info I would be most concerned with there would be the email and phone number and none were found abusing that permission. The rest you hand out rather freely knowingly or unknowingly as soon as you pop a SIM card in or connect to wifi.
    Midnightflyer and Mecca EL like this.
    07-08-19 11:30 AM
  3. oldmangeddyboy's Avatar
    Even with the promised fix of android Q does anyone honestly believe apps & Google will not just carry on regardless?

    Posted via CB10
    elfabio80 likes this.
    07-08-19 11:33 AM
  4. Bla1ze's Avatar
    Even with the promised fix of android Q does anyone honestly believe apps & Google will not just carry on regardless?

    Posted via CB10
    They'll all carry on unless real fines are handed out. Like, nearly bankrupt worthy fines.
    07-08-19 11:40 AM
  5. oldmangeddyboy's Avatar
    Yeah but somehow I can't see that happening,perhaps too many pockets have been lined?

    Posted via CB10
    phuoc and dantheman77 like this.
    07-08-19 11:43 AM
  6. Bla1ze's Avatar
    Yeah but somehow I can't see that happening,perhaps too many pockets have been lined?

    Posted via CB10
    Well, that and the FTC/FCC are toothless for many other reasons.
    phuoc and Midnightflyer like this.
    07-08-19 11:44 AM
  7. oldmangeddyboy's Avatar
    Indeed,i wonder how many of the apps we use on a daily basis are doing things without our permission? ..

    Posted via CB10
    07-08-19 11:46 AM
  8. bb10adopter111's Avatar
    They'll all carry on unless real fines are handed out. Like, nearly bankrupt worthy fines.
    If they are doing that with European citizens' data they could be fined up to 4% of global REVENUE under GDPR. That could completely wipe out profits for many companies and could drive unprofitable ones to bankruptcy. But we'd need to see European regulators become more aggressive.

    Posted with my trusty Z10
    07-08-19 11:47 AM
  9. Bla1ze's Avatar
    If they are doing that with European citizens' data they could be fined up to 4% of global REVENUE under GDPR. That could completely wipe out profits for many companies and could drive unprofitable ones to bankruptcy. But we'd need to see European regulators become more aggressive.

    Posted with my trusty Z10
    Still needs someone to actively push it through.
    07-08-19 03:33 PM
  10. Invictus0's Avatar
    Scummy but nothing surprising there honestly. It's basic data you've given to your carrier and whoever your carrier sold it to already. Not saying it's right, they shouldn't be doing it, but there's worse data they could be pulling.

    Click image for larger version. 

Name:	Screen Shot 2019-07-08 at 1.35.35 PM.png 
Views:	67 
Size:	52.1 KB 
ID:	445175

    The info I would be most concerned with there would be the email and phone number and none were found abusing that permission. The rest you hand out rather freely knowingly or unknowingly as soon as you pop a SIM card in or connect to wifi.
    IMEI and GPS are probably the most alarming considering their potential for misuse.

    It's worrying that even cautious users could have inadvertently leaked this information to countless sources. And then you have billions of other Android users who might be impacted...
    07-08-19 04:46 PM
  11. Bla1ze's Avatar
    IMEI and GPS are probably the most alarming considering their potential for misuse.
    I dunno. Like I said, most people hand that data over all the time w/o even thinking.

    - File a bug report, there's a chance your IMEI is in it.
    - Your carrier has your IMEI and GPS info out the gate and is likely selling it.
    - People who want their phones unlocked / unlocked for free hand their IMEI over to random people all the time.
    - Posting tear down photos of your device, good chance you've snapped your IMEI label info and posted it.
    - Sharing pics around your neighborhood / or on vaction, you've given up your GPS info. Imagine how many people let their EXIF data be tagged and then share to services that don't strip the info.
    - Run a BlackBerry website and posting photos of the BlackBerry box/device, you've given up IMEI info (OK maybe this one is less common, but it's been done lol)

    And all that is just off the top of my head. Even things such as your Mac ID people hand out all the time to random folks. Everytime you connect to a public/shared WiFi you're entrusting that connection with your Mac ID. Even something as simple as a Speedtest can capture your GPS, Router SSID, Router Mac and IMEI. And if you want to track the tests and sign up for an account, they likely got your email.
    Mecca EL and Midnightflyer like this.
    07-08-19 04:48 PM
  12. TgeekB's Avatar
    I dunno. Like I said, most people hand that data over all the time w/o even thinking.

    - File a bug report, there's a chance your IMEI is in it.
    - Your carrier has your IMEI and GPS info out the gate and is likely selling it.
    - People who want their phones unlocked / unlocked for free hand their IMEI over to random people all the time.
    - Posting tear down photos of your device, good chance you've snapped your IMEI label info and posted it.
    - Sharing pics around your neighborhood / or on vaction, you've given up your GPS info. Imagine how many people let their EXIF data be tagged and then share to services that don't strip the info.
    - Run a BlackBerry website and posting photos of the BlackBerry box/device, you've given up IMEI info (OK maybe this one is less common, but it's been done lol)

    And all that is just off the top of my head. Even things such as your Mac ID people hand out all the time to random folks. Everytime you connect to a public/shared WiFi you're entrusting that connection with your Mac ID. Even something as simple as a Speedtest can capture your GPS, Router SSID, Router Mac and IMEI. And if you want to track the tests and sign up for an account, they likely got your email.
    But it’s fun thinking the world is coming to an end because of Android. Don’t ruin it for everybody.
    Mecca EL and nevilleadaniels like this.
    07-08-19 06:27 PM
  13. Bla1ze's Avatar
    But it’s fun thinking the world is coming to an end because of Android. Don’t ruin it for everybody.
    Sowwy. My bad.
    TgeekB, Flatman, phuoc and 1 others like this.
    07-08-19 06:32 PM
  14. Invictus0's Avatar
    I dunno. Like I said, most people hand that data over all the time w/o even thinking.

    - File a bug report, there's a chance your IMEI is in it.
    - Your carrier has your IMEI and GPS info out the gate and is likely selling it.
    - People who want their phones unlocked / unlocked for free hand their IMEI over to random people all the time.
    - Posting tear down photos of your device, good chance you've snapped your IMEI label info and posted it.
    - Sharing pics around your neighborhood / or on vaction, you've given up your GPS info. Imagine how many people let their EXIF data be tagged and then share to services that don't strip the info.
    - Run a BlackBerry website and posting photos of the BlackBerry box/device, you've given up IMEI info (OK maybe this one is less common, but it's been done lol)

    And all that is just off the top of my head. Even things such as your Mac ID people hand out all the time to random folks. Everytime you connect to a public/shared WiFi you're entrusting that connection with your Mac ID. Even something as simple as a Speedtest can capture your GPS, Router SSID, Router Mac and IMEI. And if you want to track the tests and sign up for an account, they likely got your email.
    It's pretty much a given that your carrier and OEM will have access to your IMEI number, they need it to run their services after all. I hate to say it but with the exception of people sharing EXIF data, the other examples you gave just aren't all that common.

    Android Q is supposed to cut down on some of this sharing, I think iOS already does.
    07-08-19 07:48 PM
  15. Bla1ze's Avatar
    the other examples you gave just aren't all that common.
    You're entitled to believe that if you wish.
    Mecca EL and Midnightflyer like this.
    07-08-19 07:50 PM
  16. Invictus0's Avatar
    You're entitled to believe that if you wish.
    Keep in mind though that of the apps named so far we're looking at nearly 3 billion installs so the scale could be unprecedented. Whether any of that data was used for anything malicious though is a different discussion.
    07-08-19 08:04 PM
  17. Bla1ze's Avatar
    Keep in mind though that of the apps named so far we're looking at nearly 3 billion installs so the scale could be unprecedented. Whether any of that data was used for anything malicious though is a different discussion.
    Yeah, pretty much. Mobile security as a whole is a dumpster fire. It's said jokingly by many but really the only way to stay 'secure' (depending on your definition of secure), is to not have a mobile phone at all. Even owning a dumbphone won't save you potyential security threats.
    Mecca EL and Midnightflyer like this.
    07-08-19 08:16 PM
  18. Invictus0's Avatar
    Yeah, pretty much. Mobile security as a whole is a dumpster fire. It's said jokingly by many but really the only way to stay 'secure' (depending on your definition of secure), is to not have a mobile phone at all. Even owning a dumbphone won't save you potyential security threats.
    All this time BB Mobile has been focusing on throwbacks to the Bold when in reality they should have been working on an updated BB 950.
    elfabio80, Flatman and Bla1ze like this.
    07-08-19 08:24 PM
  19. Bla1ze's Avatar
    All this time BB Mobile has been focusing on throwbacks to the Bold when in reality they should have been working on an updated BB 950.
    Maybe they need to get into real estate and start selling 'off the grid' tiny cabins in the woods.
    07-08-19 08:27 PM
  20. brookie229's Avatar
    tiny cabins in the woods.
    I have one of those.
    Mecca EL and Bla1ze like this.
    07-08-19 08:29 PM
  21. SteinwayTransitCorp's Avatar
    Your shocked by this, people must remember Google does not give away the OS for free. You pay for the OS by giving up all of your right.
    Last edited by Thud Hardsmack; 07-09-19 at 09:23 AM. Reason: fixed quote
    elfabio80 and Midnightflyer like this.
    07-09-19 08:38 AM
  22. Bla1ze's Avatar
    Your shocked by this, people must remember Google does not give away the OS for free. You pay for the OS by giving up all of your right.
    This isn't entirely on Google. The developers are bypassing rules in place and using workarounds. Sure, it's Google's fault the holes exist in the first place but it's the developers choice to skirt those boundries. I'm sure plenty know about it and chose to do things the right way.
    07-09-19 09:39 AM
  23. i_plod_an_dr_void's Avatar
    https://www.cnet.com/news/more-than-...y-permissions/

    Some noteworthy apps were named in the report.
    If there wasn't an ogle in Google it wouldn't be Google. Bring back BB10! If humanity didn't value some privacy we'd all live in houses with saranwrapped (clear plastic) walls (if any). Whose willing to give up their solid housing walls for ....ahh ummm basically nothing in return? The Google android proposition.
    Midnightflyer and CrackPriv like this.
    07-09-19 03:44 PM
  24. app_Developer's Avatar
    If there wasn't an ogle in Google it wouldn't be Google. Bring back BB10! If humanity didn't value some privacy we'd all live in houses with saranwrapped (clear plastic) walls (if any). Whose willing to give up their solid housing walls for ....ahh ummm basically nothing in return? The Google android proposition.
    Someone should check if the BB10 Android runtime exposes this same data. I bet it actually does.
    07-09-19 06:17 PM
  25. Thud Hardsmack's Avatar
    Someone should check if the BB10 Android runtime exposes this same data. I bet it actually does.
    Access to storage permission gives access to anything found in /misc/storage, which includes geotagged photos if that option is enabled in the camera app.
    07-10-19 01:49 AM
30 12

Similar Threads

  1. Question about Google's apps (Cobalt's method).
    By fla 15 in forum Android Apps (Amazon Store & APK Files)
    Replies: 18
    Last Post: 08-16-19, 07:10 AM
  2. How often do you factory reset your phone?
    By skilas in forum General BlackBerry Discussion
    Replies: 17
    Last Post: 08-09-19, 10:43 PM
  3. How to Transfer Pics from SIM card to Computer AFTER
    By ntsaves in forum BlackBerry Classic
    Replies: 11
    Last Post: 07-14-19, 12:46 PM
  4. AFW app uninstall permission/App login issues
    By Dugganm in forum BlackBerry UEM
    Replies: 1
    Last Post: 07-11-19, 11:34 AM
  5. The Amazon App has an easy way to save an extra 20% this Prime Day
    By CrackBerry News in forum CrackBerry.com News Discussion
    Replies: 0
    Last Post: 07-08-19, 12:30 PM
LINK TO POST COPIED TO CLIPBOARD