Tech News

Study reveals Android app security threat

Researchers warned thousands of apps have the ability to circumvent Android’s permissions system and gain access to sensitive user information.

A study of more than 88,000 Android apps by University of California Berkeley found nearly 13,000 contain the code necessary to gain unauthorised access to user information. The research team also detected around 60 apps which were actively using various workarounds.

Serge Egelman, a research director at the university’s International Computer Science Institute, presented the findings at a recent privacy-focused event held by the US Federal Trade Commission.

Digging
He noted the most common way apps get around Android’s permissions structure is by mining a device’s file system for information.

“While the Android APIs are protected by the permission system, the file system often is not. So there are apps that can be denied access to the data but then they find it in various places on the file system, which they have full access to.”

Serge Egelman, Research Director

Egelman flagged Wi-Fi network data as a key target, as it can provide a surrogate for location information which has otherwise been denied. Though location data including GPS coordinates and Wi-Fi network addresses are protected by Android permissions, he said the latter is also stored on the device’s file system.

“What this means is there are situations where the user might have been prompted explicitly to grant user location data to the app, they decline and then the app reads that information off the file system instead.”

Threat level
He said while the number of apps exploiting this particular vulnerability is relatively small; the user base for these apps is “in the billions”.

Egelman said Google promised to close such loopholes in its forthcoming Android Q release after researchers shared their findings with the company. But, he noted Android Q will only be available to users of newer devices, leaving the “vast majority” of users vulnerable.

Source: Mobileworldlive.com

business

Share
Published by
business

Recent Posts

7 Creative Hacks to Skyrocket Your Rankings in 2024

Introduction Image Source: Freepik Conquering the ever-evolving SEO landscape can feel like deciphering a complex…

4 months ago

Looking for an SEO Edge? 7 Unorthodox Strategies for 2024

Introduction Image Source: Freepik In the ever-evolving landscape of SEO (Search Engine Optimization), staying ahead…

5 months ago

Top 10 Ghanaian Movies On Netflix 2024.

1. Taste of Sin (2023) "Taste of Sin," a production of Sami's Media and Dominion…

5 months ago

Struggling with Webinar Attendance? 7 Strategies to Get More Attendees

Introduction Image Source: Freepik Webinars offer a powerful tool for lead generation, brand awareness, and…

5 months ago

The Truth About SEO Results: How Long Does it Really Take?

Introduction Image Source: Freepik In the fast-paced world of digital marketing, patience can be a…

5 months ago

Struggling with Sales Emails? 7 Creative Hacks to Get More Results

Introduction Image Source: Freepik In today's digital age, email marketing remains a powerful tool for…

5 months ago