SoylentNews is people
SoylentNews
A new Free and Open-Source project called "Exodus" scans Android apps and already has found many advertising trackers:
"Researchers at Yale Privacy Lab and French nonprofit Exodus Privacy have documented the proliferation of tracking software on smartphones, finding that weather, flashlight, rideshare, and dating apps, among others, are infested with dozens of different types of trackers collecting vast amounts of information to better target advertising.
Exodus security researchers identified 44 trackers in more than 300 apps for Google's Android smartphone operating system. The apps, collectively, have been downloaded billions of times. Yale Privacy Lab, within the university's law school, is working to replicate the Exodus findings and has already released reports on 25 of the trackers.
Yale Privacy Lab researchers have only been able to analyze Android apps, but believe many of the trackers also exist on iOS, since companies often distribute for both platforms. To find trackers, the Exodus researchers built a custom auditing platform for Android apps, which searched through the apps for digital "signatures" distilled from known trackers. A signature might be a tell-tale set of keywords or string of bytes found in an app file, or a mathematically-derived "hash" summary of the file itself.
The findings underscore the pervasiveness of tracking despite a permissions system on Android that supposedly puts users in control of their own data. They also highlight how a large and varied set of firms are working to enable tracking."
The statement by Yale Privacy Lab summarizes the situation, and the story has seen coverage by Cory Doctorow and Le Monde. Private search engine Qwant has removed trackers in its app and Protonmail is under fire.
(Score: 0, Interesting) by Anonymous Coward on Sunday November 26 2017, @08:09PM (8 children)
They might not be tracking you, but they do have to censor search results to comply with their laws. Tracking is not our only issue. The entire internet is too centralized. We need to make it more ad hoc and P2P. This will clear up a lot of problems regarding censorship, access, and tracking.
As an aside, can't tracking be simply sniffed out of network traffic? And is there an available firewall that can block an app's internet connection entirely?
(Score: 4, Insightful) by frojack on Sunday November 26 2017, @08:38PM (5 children)
How will that solve anything? A tracker built into an android app is already just as likely to phone home to a static IP as it is to a DNS name.
And the home address of the mothership is as likely to be the same address that services the app's primary purpose (such as a weather site).
So the app hangs a token on the weather data request, and along with your current position, the token encodes phone number, device id, name, and every thing else the app can get its hands on.
How does changing how the internet works fix that? It encourages that in spades.
No, you are mistaken. I've always had this sig.
(Score: 0) by Anonymous Coward on Sunday November 26 2017, @08:52PM (4 children)
Well, that's what the firewall and a good sniffer is supposed to fix. Ad hoc and P2P will still help to mitigate censorship and access issues. Private connections can still be established. Nobody will be able to shut down your VPN, because we would have various alternatives to the local ISP (island hop to somebody else's), or at least provide enough separation to make tracking impractical.
(Score: 2) by frojack on Sunday November 26 2017, @08:55PM (2 children)
None of that stuff is the issue under discussion. You want to design a workable alternative to tcp/ip be my guest. Post back in 20 years with your first working beta.
No, you are mistaken. I've always had this sig.
(Score: 0) by Anonymous Coward on Sunday November 26 2017, @10:03PM
You want to block tracking? You have to start somewhere. Or maybe you prefer to cling to the prize you have inside the monkey trap? Be my guest... I was under the impression you wanted to make things better..
(Score: 0) by Anonymous Coward on Monday November 27 2017, @02:57AM
I've read good things about IPoCP
(Score: 3, Informative) by Arik on Monday November 27 2017, @04:40AM
If laughter is the best medicine, who are the best doctors?
(Score: 4, Interesting) by stretch611 on Sunday November 26 2017, @11:29PM
More ad hoc and P2P will help censorship on the surface, but make tracking worse. And the better tracking gets the worse censorship can be without being able to remove tracking.
As for being based in Europe, that only helps lip service. I'll admit, companies are probably worse in the US due to lax laws and enforcement actions, but it is naive to think businesses in Europe are always honest and comply with the law. (Think Volkswagon)
Whats to stop a European company from setting up a server in a hosted environment here in the US? Then if they get caught they just say they only track US citizens not Europeans. This will be even easier to do and harder to find out with more ad hoc and P2P.
Businesses are out there and they want your data; if not for themselves, to sell to someone else. It doesn't matter which country. Many don't care if it is legal or not. Even if caught, chances are that fines will be a slap on the wrist compared to the profit they make. The real small companies can just pack up shop and set up a new business before they can be held accountable.
Now with 5 covid vaccine shots/boosters altering my DNA :P
(Score: 2) by urza9814 on Tuesday November 28 2017, @04:15PM
I use AFWall+, available from the F-Droid repos.
https://f-droid.org/en/packages/dev.ukanth.ufirewall/ [f-droid.org]