Android apps exploit permissions granted, French researchers find
Android apps really do use those permissions they ask for to access users’ personal information: one online store records a phone’s location up to 10 times a minute, French researchers have found. The tools to manage such access are limited, and inadequate given how much information phones can gather.
In a recent study, ten volunteers used Android phones that tracked app behavior using a monitoring app, Mobilitics, developed by the French National Institute for Informatics Research (INRIA) in conjunction with the National Commission on Computing and Liberty (CNIL). Mobilitics recorded every time another app accessed an item of personal data—the phone’s location, an identifier, photos, messages and so on—and whether it was subsequently transmitted to an external server. The log of the apps’ personal information use was stored on the phone and downloaded at the end of the three months for analysis.