SoylentNews is people
SoylentNews
Submitted via IRC for AnonymousCoward
Robocall blocking apps caught sending your data without permission – TechCrunch
Robocall-blocking apps promise to rid your life of spoofed and spam phone calls. But are they as trustworthy as they claim to be?
One security researcher said many of these apps can violate your privacy as soon as they are opened.
Dan Hastings, a senior security consultant at cybersecurity firm NCC Group, analyzed some of the most popular robocall-blocking apps — including TrapCall, Truecaller and Hiya — and found egregious privacy violations.
[...] many of these apps, said Hastings, send user or device data to third-party data analytics companies — often to monetize your information — without your explicit consent, instead burying the details in their privacy policies.
One app, TrapCall, sent users’ phone numbers to a third-party analytics firm, AppsFlyer, without telling users — neither in the app nor in the privacy policy.
He also found Truecaller and Hiya uploaded device data — device type, model and software version, among other things — before a user could accept their privacy policies. Those apps, said Hastings, violate Apple’s app guidelines on data use and sharing, which mandate that app makers first obtain permission before using or sending data to third-parties.
Many of the other apps aren’t much better. Several other apps that Hastings tested immediately sent some data to Facebook as soon as the app loaded.
(Score: 1, Insightful) by Anonymous Coward on Sunday August 11 2019, @09:22PM (3 children)
Is this significant because they are annoyance reduction apps?
I thought most apps these days had this phone home leakage baked in, for all the always online OS. Whether it be apple android ms or many mainstream flavours of linux.
(Score: 2) by c0lo on Monday August 12 2019, @02:51AM
You say it like it's a good thing.
https://www.youtube.com/watch?v=aoFiw2jMy-0 https://soylentnews.org/~MichaelDavidCrawford
(Score: 2) by AthanasiusKircher on Monday August 12 2019, @02:54AM (1 child)
Yeah, doesn't really surprise me that much either, which is why I pretty much disable almost all the app permissions for anything I download. 90% of the time it warns you that the app may not work, but I've found that 90% of the time it warns you, the app still works fine. And if it doesn't, I download a different app that doesn't need some stupid permission that it clearly doesn't need. (No, a calculator app doesn't need to access my contacts and photos....)
Well, TFA claims some of this is against Apple's app guidelines. Personally, I believe if Apple (or any company) actually cared about privacy, when they asked for app permissions, they should be required to ask individually for every single permission. And each one should require a confirmation checkbox after you see a list of the worst case scenarios of what this permission means.
Example: "This app wants permission to access your camera and photos. This means it could be sending the app developer or some party any picture you've taken or have in your archive, including those dick pics you have or the porn stash you have on your phone. (By the way, we're Apple, so we know you have these. Just sayin'. What the hell did you think iCloud 'backup' was for? We want to see your junk!) Also, with access to your camera, it could easily be taking photos of you at any time -- while you're going to the bathroom or having sex or wearing that weird hat your SO told you looks stupid (yeah, we can listen to your microphone too) while jerking off to the porn collection on your phone. ARE YOU SURE YOU WANT TO ALLOW THIS PERMISSION??"
(Score: 0) by Anonymous Coward on Monday August 12 2019, @06:47AM
You should also be able to give random data to the apps, rather than letting them access your real data.