iOS Apps Embalado com dados de localização Código Monetização
CYBER NEWS

iOS Apps Embalado com dados de localização Código Monetização

Security researchers have made an aggravating discovery that concerns an increasing number of iOS apps, which have been used to silently and secretly collect location histories from tens of millions of Apple devices. Para fazê-lo, the apps used packaged code provided by data monetization companies.




In some of the cases, the specially crafted tracking code could run at all times, which means that it can constantly send GPS coordinates and other sensitive details to its operators. This discovery puts a new perspective on iOS devices, stripping them from the privacy myth that typically surrounds Apple, and bringing them closer to what Android app developers have been doing for years.

Researchers from GuardianApp discovered that, for these apps to obtain access to GPS sensors data, they “present a plausible justification relevant to the app in the Location Services permission dialog, often with little or no mention of the fact that location data will be shared with third-party entities for purposes unrelated to app operation”.

What Type of iOS Information do Location Data Monetization Firms Collect?

Bluetooth LE Beacon Data
GPS Longitude and Latitude
Wi-Fi SSID (Network Name) and BSSID (Network MAC Address)

Contudo, according to the researchers, some firms tend to collect more less sensitive details tal como:

Accelerometer Information (X-axis, Y-axis, Z-axis)
Advertising Identifier (IDFA)
Battery Charge Percentage and Status (Battery or USB Charger)
Cellular Network MCC/MNC
Cellular Network Name
GPS Altitude and/or Speed
Timestamps for departure/arrival to a location

The research team has divulgado 24 examples of applications that contain specific code taken from location data monetization services, 12 known location data monetization firms, and approximately 100 examples of regional and local news apps which have previously contained code from a specific location data monetization firm known as RevealMobile.

Some of the apps are ASKfm (a social networking app for iOS), C25K 5K Trainer (a fitness app), Classifieds 2.0 Marketplace (a local classifieds app for iOS), Code Scanner by ScanLife (a shopping app for iOS), Coupon Sherpa (a coupon app), Homes.com (а real estate app), My Aurora Forecast (a weather app), etc. Each and every of these apps present a justification pop-up every time it requests access to Location Services, such as this one by Coupon Sherpa:

Location/Bluetooth- data may be used for providing relevant and timely coupons and for providing more applicable ads.

How Can iOS users Protect from Unwanted Tracking Behavior?

There are several steps that can help. Em primeiro lugar, users should consider turning on the Limit Ad Tracking feature. Para fazê-lo, go to Settings, then Privacy, and from there turn on that specific feature. This should make it more difficult for third parties to make unique identification of the iOS device.

Other measures are listed below:

  • Press “Don’t Allow” if a Location Services permission dialog contains “See privacy policy” or similar text.
  • Use a very generic name for the SSID of your home Wi-Fi router (eg. “home-wifi-1”).
  • Turn off Bluetooth functionality when it is not in use.

Interested in the subject? Make sure to tead more about the invasive app permissions in both iOS and Android.

Milena Dimitrova

Milena Dimitrova

Um escritor inspirado e gerenciador de conteúdo que foi com SensorsTechForum desde o início. Focada na privacidade do usuário e desenvolvimento de malware, ela acredita fortemente em um mundo onde a segurança cibernética desempenha um papel central. Se o senso comum não faz sentido, ela vai estar lá para tomar notas. Essas notas podem mais tarde se transformar em artigos! Siga Milena @Milenyim

mais Posts

Me siga:
Twitter

Deixe um comentário

seu endereço de e-mail não será publicado. Campos obrigatórios são marcados *

limite de tempo está esgotado. Recarregue CAPTCHA.

Compartilhar no Facebook Compartilhar
Carregando...
Compartilhar no Twitter chilrear
Carregando...
Compartilhar no Google Plus Compartilhar
Carregando...
Partilhar no Linkedin Compartilhar
Carregando...
Compartilhar no Digg Compartilhar
Compartilhar no Reddit Compartilhar
Carregando...
Partilhar no StumbleUpon Compartilhar
Carregando...