The Android operating system is spying on: what data are shared with companies."Urgent actions are needed"

Time 12/09/2022 By myhoneybakedfeedback

The study, which was conducted by teams from the University of Edinburgh, Scotland, and Trinity College Dublin, Ireland, revealed a number of confidentiality issues related to the use of smartphones with Android operating system by the big brands..

Professor Doug Leith from Trinity College Dublin, along with doctors Paul Patras and Haoyu Liu from the University of Edinburgh, examined the data obtained from six variants of the Android operating system developed by Samsung, Xiaomi, Huawei, Realme, Lineageos and E/BONE.

What they have discovered is that "and when configured at a minimum level and when the phone is inactive, these android variants, customized by suppliers, transmit substantial amounts of information to the operating system developer and also to third parties (Google, Microsoft,LinkedIn, Facebook etc.) which have pre -installed system applications ”.

What data on your phone is in danger

Among the data collected, the researchers noted the systems of permanent identification of smartphones, the history of using applications and telemetry data.Except E/OS, all telephone manufacturers analyze collect a list of all applications installed on a phone, the study shows.

These are potentially sensitive information because they can reveal users' interests such as the last dating app used and so on.According to research authors, there is no possibility to give up this data collection.

"I think we have completely missed the massive and continuous data collection by our phones, for which there is no withdrawal option," said Leith, who is also president of the Department of Informatics from the School of Informatics and Statistics.from Trinity."We focused too much on web cookies and bad behavior applications," he added.

Sistemul de operare Android te spionează: Ce date sunt partajate firmelor. „Este nevoie urgentă de acțiuni”

The teacher hopes that this study will act as an "alarm signal" for the public, politicians and regulatory authorities."There is an urgent need for significant actions to give people a real control over the data that leave their phones," he said.

Xiaomi, Samsung and Huawei, the main companies sharing user data

According to the research, the Xiaomi phone sends details "about all the applications views viewed by a user to Xiaomi, including when and how long each application is used".The moment and duration of phone calls represents much of the data exposed, the study reveals.

On the Huawei phone, the Swiftkey keyboard is the one that shares with Microsoft details about the use of applications over time.

"The effect is similar to the use of cookies to follow the activity of people while moving between web pages," according to DR.Paul Patras, associate professor at the University of Edinburgh's Informatics School.

Samsung, Xiaomi, Realme and Google collect "Long-term device identifiers", such as the serial number of hardware, along with "Resetable advertising identifiers".

Often on the bottom or back of the device, the hardware series is a unique number used for identification and inventory purposes.This is unique to the user and is most often requested when reporting the theft of a police phone.

As for the user's advertising identifier, its purpose is to allow advertising agents to follow the user's advertising activity.It is assigned by the device or the operating environment and is stored directly on the device.

The ability of Android operating systems to store this data implies that "when a user reset an advertising identifier, the new identifier value can be trivially reconnected to the same device, which could undermine the use of advertising identifiers by the user", is shown in study.

How do we end the "secret" practices?

According to the study, there is only one way to avoid falling prey to this large -scale data collection - the E/OS variant created by the French Gael Duval and derived from Lineageos.This variant of Android is based on a module that allows the use of Google services without transmitting personal data.Access to personal information is blocked for Google and for all third -party applications or services.

"Although in recent years we have witnessed the adoption of personal information protection in several countries, including by EU, Canada and South Korea Member States, users' data collection practices remain widespread," said Patras.

"More worrying is the fact that such practices take place in the" secret "part of smartphones, without using an accessible means of deactivating such a functionality.However, the android variants that respect the confidentiality is gaining ground, and our findings should stimulate market leaders to follow their example, ”he said, according to Euronews.