Nova study A team of university researchers in the UK has discovered a host of privacy issues arising from the use of Android smartphones.
The researchers focused on Samsung, Xiaomi, Realme and Huawei Android devices.
The conclusion of the study could worry most Android users: “even when it is minimally configured and when the phone is idle”, Android phones transmit significant amounts of information to the OS developer, as well as to third parties (Google, Microsoft, LinkedIn, Facebook etc.) that have pre-installed system applications, the researchers say.
Sensitive user data, such as permanent identifiers, application usage details, and telemetry information, are not only shared with device manufacturers, but are also sent to various other companies, such as Microsoft, LinkedIn, and Facebook. And to make matters worse, all this data is also sent to Google.
It is important to note that this refers to the collection of data for which there is no possibility of disconnection, so Android users are powerless against this type of telemetry.
This is especially troubling when smartphone manufacturers ship devices with third-party applications that collect data in the background even if the device owner does not use it and that cannot be uninstalled.
For some of the embedded system applications, such as miui.analytics (Xiaomi), Heytap (Realme) and Hicloud (Huawei), researchers have found that encrypted data can sometimes be decoded, putting data at risk from MitM (middle man) attacks. .
Even if a user resets the ad IDs for their Google account on Android, the data collection system can reconnect the new ID to the same device and add it to the original tracking history.
Deanonymization of users takes place by various methods, via SIM, IMEI, location data history, IP address, SSID or a combination thereof.
“While we appreciate the researchers’ work, we don’t agree that this behavior is unexpected – that’s how modern smartphones work,” a Google spokesman told BleepingComputer, commenting on a study by British scientists. “As explained in our Google Play Help Center article, this information is necessary for basic device services, such as push notifications and software updates in a diverse device ecosystem and software versions. For example, Google Play uses data from certified Android devices to support basic device features. Collecting limited basic information, such as device IMEI, is essential for the reliable delivery of critical updates to Android devices and applications. “
Source: Informacija.rs by www.informacija.rs.
*The article has been translated based on the content of Informacija.rs by www.informacija.rs. If there is any problem regarding the content, copyright, please leave a report below the article. We will try to process as quickly as possible to protect the rights of the author. Thank you very much!
*We just want readers to access information more quickly and easily with other multilingual content, instead of information only available in a certain language.
*We always respect the copyright of the content of the author and always include the original link of the source article.If the author disagrees, just leave the report below the article, the article will be edited or deleted at the request of the author. Thanks very much! Best regards!