- Posts tagged privacy
- Explore privacy on posterous
Android—which lives off advertising—has apps sending GPS, phone numbers to ad firms
Of 30 free, successful apps, about half were sending advertisers the user's GPS positioning and even phone numbers beyond what they were known to do. The updates would occur even when no ads were running, Ars Technica noted, and could occur as often as every 30 seconds.
What's beautiful is that while Google has not responded to this study, it has so far "recommended only that developers provide a simple way of accessing the privacy policy for a given app once it's already installed."
In other words, Google isn't concerned about what an app sends to ad firms as long as it's documented somewhere in such a manner the user could be blamed for not knowing about it.
I've said before that Google's customer is not the end user, but rather the advertising firms. This is further evidence of that. Agree with their business model or not (and it's legitimate), this is an end result.
Google's lax vetting allows almost any app in the Android market. Unscrupulous developers rejoice.
It collects a user’s browsing history, text messages, your phone’s SIM card number, subscriber identification, and even your voice mail password. It sends the data to a web site […] That site is evidently owned by someone in Shenzhen, China. The app has been downloaded anywhere from 1.1 million to 4.6 million times.
Though the research comes from a maker of Android security software, they've identified what the malicious app does and where the data is sent; the issue is real.
No vetting is perfect. Apple recently approved a flashlight app that housed a tethering application (though it harmed no users). But Apple shows concern about iPhone privacy. The excellent location services in iOS 4 are a great example. I appreciate the work they do on this.
For Android, we can and should excoriate the developers of this particular app, but we should also excoriate Google for barely trying to avoid this sort of thing.
So this is Android:
- Available apps with little curation, and security issues being exploited.
- Multiple OS releases and features that may or may not be coming to your particular hardware.
- Multiple devices from multiple vendors each having vendor-specific software/services (crapware).
- A real possibility that soon running security software will not only be prudent, but a foolish thing not to do.
Do these sound familiar? It's the Windows OS model of the 1990s. Android resembles it more every day.
Google: With our weak vetting, how could this have happened?
Meanwhile, dozens of apps were found to have the same type of access to sensitive information as known spyware does, including access to the content of e-mails and text messages, phone call information, and device location, said Dan Hoffman, chief technology officer at SMobile Systems.
It seems clear that with unsigned apps and minimal vetting for its market place, Android's (well, Google's) priority is not security. When you're trying like mad to offer as many apps as the iPhone you don't have time for such things. Apps with security issues have been pulled after they've been on the market and enough users complained. It such cases the end user is doing the real vetting.
Problem is, not all apps are obvious about what they do. Sooner or later that comes back to haunt the end user, which leads to the real issue: Google doesn't care that much because the end user is not their customer. I'm not saying Google wants third-party apps to be invasive without user permission, only that preventing it isn't a priority. The end user doesn't pay Google for their services, and are not their customer.
Similar to Facebook, Google's customer isn't the one using the product every day, but rather the marketing, ad, and analytics firms that make use of the massive amounts of data being gathered. There's nothing wrong with this—it's just a business model—but it's important to know Google's customers to understand Google's priorities. Indeed, philosophically Google may not even have an issue with these apps. Google's been gathering your data for years.
I'd like to see Google take some action on this. Get ahead of the game and make changes to the market place for vetting this stuff. Google can talk "open" all it wants, but they have a responsibility for what's on their store. They have no issue refusing apps that violate copyright or other firms' TOS, but that's all in the interest of their real customers. It's time they treated the end user with a little respect and looked out for her as well.
Five Reasons To Be Concerned About Google
Unfortunately, much of what is awesome about Google also makes them increasingly terrifying with each passing day
Though none of these points is new, given how few people seem to know them they bear repeating. It's a shame so many people—and, unfortunately, tech pundits—will fawn all over free stuff without ever considering where the money's coming from, and what's being done to get it.
I'm not predicting doom, or suggesting we all run screaming into the night, I'm just saying that when the front-facing (i.e., consumer) portion of a corporation is free, but we know that corporation is making billions and trading stock at $475 a share, we should concern ourselves with the source. This isn't some paranoid conspiracy, to me it's just common sense. No one is filling Google's coffers because they give away stuff.
Regarding Facebook Privacy: Robert Scoble has to know what you're doing that needs to be private
Just what are you doing that needs to be so damned private? Are you having sex inside Facebook? Doing illegal drugs? Cheating on your wife? Damn, your Facebook life must be SO interesting!
Me, count me out of this whole privacy thing. I want everything I do to be public and then I don’t have to spill thousands of words crying when Mark Zuckerberg takes my stuff and exposes it in a search engine.
With all due respect, it's none of your damn business what any of us are doing that we want private. Some of us are just private people, there's nothing unusual about that. Perhaps most of us sit somewhere in the middle, but even so we should be all concerned about Facebook's growing disregard for protecting what we put online.
Scoble feels you either share nothing at all (i.e., you don't put it online) or you share with the world. There's nothing in-between. And since that doesn't bother him he wants to know just what you're doing? The gall of some people never ceases to amaze.
It's becoming clear that the individuals unconcerned about privacy feel that way less because they don't mind their information being available to everybody, and more because they'll pay that price in order to have everyone else's formation available to them. At best, it makes them busybodies; the annoying acquaintance always asking you about that which you've shown a preference not to share. At worst, it makes them… well, I don't think we know that yet.
Mr. Scoble, I respect your desire to put all of yourself online and have Facebook share it with the solar system. Go for it. But don't insist the rest of us must also feel that way, then have the nerve to question our motives when we don't by asking for the very thing we've decided not to share with you. That's just creepy.
Gawker on the Six Delusions of Google's Arrogant Leaders
But the CEO's remarks are just the latest in a series of prominent self-righteous statements from Googlers. There have been plenty of similar cases just in the past couple of months alone. It's worth cataloging them, given Google's deep relationship with its millions of users, and given that the Mountain View internet company doesn't seem to be getting any more humble.
While so many are distracted by Google's shiny "free" objects, it's good that others keep an eye on what's going on there.
Why Does Facebook Suggest People It Shouldn't Know I Know?
Facebook’s tool found Alice in Bob’s address book, but even after being presented with Alice’s profile as a possible contact, Bob chose not to friend her (since they barely knew each other). Since Bob wouldn’t make the first move, Facebook is now showing Bob to Alice as a suggested friend hoping that Alice will initiate the connection. Basically, Facebook is going behind Bob’s back after he explicitly chose not to friend Alice, and is trying to get Alice to do [sic] make the connection anyway.
When it's all electronic, you really don't know if what you think is private is private at all.
I've modified some Facebook security options to help protect my data. With such seeming disregard for what ought be private, you might think Facebook tops the list of companies I'm concerned about in this "nothing is private" digital age. Nope. That would be Google.
