Free mobile apps pose a serious threat to privacy because of their
ability to capture large amounts of user information. It was found that Free
mobile applications are 401% more likely to track user location and 314% more
likely to access user address books than Paid Mobile apps.
Many apps analyzed had permission to access the internet, which could
provide a means for exposed data to be transmitted from the device. Analysis of
1.7 million apps on the Android market also found that many apps solicit
personal information or perform functions not required for the apps to work.
According to Juniper Networks, 94% of free gambling apps that have permission
to make outbound calls do not describe why the app would justifiably use this
capability. Similarly, 83.88% of free gambling apps have permission to use the
camera and 84.51% have permission to send SMS messages. There is an overall
lack of transparency as to who is collecting information and how it is used.
Top findings of the Juniper Networks Study:
* 24.14% of free apps have
permission to track location, compared with 6.01% of paid apps
* 6.72% of free apps have
permission to access to your address book, compared with 2.14% of paid apps
* 2.64% of free apps have
permission to silently send text messages, compared with 1.45% of paid apps
* 6.39% of free apps have
permission to initiate background calls, compared with 1.88% of paid apps
* 5.53% of free apps have
permission to access the device camera, compared with 2.11% of paid apps
The study found that other permissions being requested from
applications include the ability to initiate outgoing calls, send SMS messages
and use a device camera without the user's knowledge. An application that can
clandestinely initiate a phone call could be used to silently listen to ambient
conversations within hearing distance of a mobile device.
Similarly, access to the device camera could enable a third party to
obtain video and pictures of the area where the device is present. Silently
sending SMS messages can also be a means to create a covert channel for
siphoning sensitive information from a device.
The potential for stealth SMS messages or calls can have monetary
repercussions by communicating with services that will subsequently charge a
fee, such as sending premium SMS messages. It was also found that that the
number of mobile applications downloaded this year will double to 45 billion.
Therefore, more needs to be done to inform people about the information
being captured, particularly as an increasing number of people use personal
devices in the workplace to access business-critical information.
The problem is that the companies, consumers and government employees
who install these apps often do not understand with whom they are sharing
personal information.
Even though a list of permissions is presented when installing an app,
most people do not understand what they are agreeing to or have the proper
information needed to make educated decisions about which apps to trust.
No comments:
Post a Comment