Stories
Slash Boxes
Comments

SoylentNews is people

Apps on Google Play Disguised as Security Tools Instead Serve Ads and Track Users' Location

posted by martyb on Friday January 05 2018, @03:50PM   Printer-friendly
from the the-play's-the-thing-where-I'll-capture... dept.

fliptop writes:

TrendMicro has discovered 36 apps in Google Play that execute unwanted behavior:

These apps posed as useful security tools under the names Security Defender, Security Keeper, Smart Security, Advanced Boost, and more. They also advertised a variety of capabilities: scanning, cleaning junk, saving battery, cooling the CPU, locking apps, as well as message security, WiFi security, and so on.

The apps were actually able to perform these simple tasks, but they also secretly harvested user data, tracked user location, and aggressively pushed advertisements.

The apps in question have been removed from Google Play.

Related: Google Pauses Crackdown on Apps That Use Accessibility Features

Original Submission

 
This discussion has been archived. No new comments can be posted.
Apps on Google Play Disguised as Security Tools Instead Serve Ads and Track Users' Location | Log In/Create an Account | Top | 54 comments | Search Discussion
Display Options Threshold/Breakthrough Mark All as Read Mark All as Unread
The Fine Print: The following comments are owned by whoever posted them. We are not responsible for them in any way.

  • (Score: 2) by HiThere on Friday January 05 2018, @07:43PM (4 children)

    by HiThere (866) Subscriber Badge on Friday January 05 2018, @07:43PM (#618477) Journal

    What you say is true IFF you want the FSF to distribute your software. That's not one of my requirements.

    --
    Javascript is what you use to allow unknown third parties to run software you have no idea about on your computer.
    Starting Score:    1  point
    Karma-Bonus Modifier   +1  
    Total Score:   2  

  • (Score: 1, Insightful) by Anonymous Coward on Friday January 05 2018, @08:10PM (3 children)

    by Anonymous Coward on Friday January 05 2018, @08:10PM (#618489)

    If you want to contribute anything more than a few typo corrections, they'll start hounding you to sign a document which transfers to FSF rights to patents and copyrights. Nobody else does that sort of thing, and the result is that people would rather work on other projects than associate with the FSF.

    So, go ahead. Signal your virtues with a check to the FSF; the rest of us are going to spend our resources actually working on useful FOSS.

    • (Score: 0) by Anonymous Coward on Friday January 05 2018, @10:49PM

      by Anonymous Coward on Friday January 05 2018, @10:49PM (#618546)

      Apache does too. Projects there have to think about how much code they can accept from the community before a copyright assignment is needed.
      What's wrong with just answering "fuck off"? Either they take your contribution, reimplement it themselves, or you can post the patch on your website.

    • (Score: 0) by Anonymous Coward on Friday January 05 2018, @11:18PM (1 child)

      by Anonymous Coward on Friday January 05 2018, @11:18PM (#618550)

      So they try to make you sign away the copyrights and patents for your patch to them, or is it more broad than that?

      • (Score: 0) by Anonymous Coward on Saturday January 06 2018, @12:54AM

        by Anonymous Coward on Saturday January 06 2018, @12:54AM (#618569)

        The legal statement you're supposed to sign conveys to the FSF any future rights and patents that might in some way be connected back to your patch; on paper, you're basically giving up participation in the patent/copyright system, which is exactly what the FSF wants.

        The FSF only likes copyright law insofar as it can be hacked into supporting the copyleft philosophy.