1. Home
  2. Mobile apps sharing usernames, passwords, credit card details with third parties: Study

Mobile apps sharing usernames, passwords, credit card details with third parties: Study

Agencies
July 8, 2018

Washington, Jul 8: Some popular smartphone apps may be secretly taking screenshots of your activity and sending them to third parties, a study has found. This is particularly disturbing because these screenshots - and videos of your activity on the screen - could include usernames, passwords, credit card numbers, and other important personal information, researchers said.

"We found that thousands of popular apps have the ability to record your screen and anything you type," said David Choffnes, a professor at Northeastern University in the US.

"That includes your username and password, because it can record the characters you type before they turn into those little black dots," said Choffnes.

The study was designed to investigate a persistent urban legend that phones are secretly recording our conversations and then selling that information to companies so they can pepper you with targeted advertisements.

While the researchers found no evidence of recorded conversations, they discovered activity that could be even more dangerous.

"We knew we were looking for a needle in a haystack, and we were surprised to find several needles," said Choffnes.

What they found is that some companies were sending screenshots and videos of user phone activities to third parties. Although these privacy breaches appeared to be benign, they emphasised how easily a phone's privacy window could be exploited for profit.

"This opening will almost certainly be used for malicious purposes," said Christo Wilson, a professor at Northeastern.

"It's simple to install and collect this information. And what's most disturbing is that this occurs with no notification to or permission by users," said Wilson.

"In the case we caught, the information sent to a third party was zip codes, but it could just as easily have been credit card numbers," he said.

The researchers analysed over 17,000 of the most popular apps on the Android operating system, using an automated test programme written by the students.

Although the study was conducted on Android phones, researchers said there is no reason to believe that other phone operating systems would be less vulnerable.

In all, 9,000 of the 17,000 apps had the potential to take screenshots.

"In one case, the app took video of the screen activity and sent that information to a third party," said Wilson.

That app was GoPuff, a fast-food delivery service, which sent the screenshots to Appsee, a data analytics firm for mobile devices. All this was done without the awareness of app users.

Researchers emphasised that neither company appeared to have any nefarious intent. They said that web developers commonly use this type of information to debug their apps and improve the user experience.

However, that does not mean a malicious company could not use this privacy window to steal personal information for profit.

"That has the potential to be much worse than having the camera taking pictures of the ceiling or the microphone recording pointless conversations. There is no easy way to close this privacy opening," said Choffnes.

Comments

Add new comment

About text formats
  • Coastaldigest.com reserves the right to delete or block any comments.
  • Coastaldigset.com is not responsible for its readers’ comments.
  • Comments that are abusive, incendiary or irrelevant are strictly prohibited.
  • Please use a genuine email ID and provide your name to avoid reject.
News Network
May 8,2024

Mangaluru: The Mangaluru North police have apprehended a minor in connection with alleged voyeurism incident reported in a private medical college in Mangaluru. 

DCP (Law and order) Sidharth Goyal said that the minor was produced before JJ Board as per due procedure. The incident came to light when a mobile phone was found in women's washroom in the college. 

The mobile-phone was discovered as it was ringing even when no one was in the toilet by the security guard of the college. 

Investigations revealed that the mobile phone had been strategically placed in the restroom. As a result, a case has been registered under north police station.

Further scrutiny into the matter uncovered the identity of the accused, a minor male aged 17, who had gained access to the college premises under the guise of being a patient. Following his apprehension, the accused was presented before the Juvenile Justice (JJ) Board in adherence to legal protocols.

The phone has been seized and a case has been booked under IPC section 354 (C), said the DCP.

Comments

Add new comment

About text formats
  • Coastaldigest.com reserves the right to delete or block any comments.
  • Coastaldigset.com is not responsible for its readers’ comments.
  • Comments that are abusive, incendiary or irrelevant are strictly prohibited.
  • Please use a genuine email ID and provide your name to avoid reject.
News Network
May 19,2024

bhatraghupati.jpg

Mangaluru: Disgruntled BJP leader and former MLA K Raghupathi Bhat, who is contesting the legislative council election as an independent candidate from the South West Graduates constituency, said the BJP has adopted the “godfather culture” of the Congress.

Bhat told reporters here on Saturday, that he has not tried to appease any senior BJP leaders to get a party ticket to contest the MLC poll.

“I am contesting and seeking votes based on my achievements. My contesting may have a negative impact on the BJP. However, I want to go back to the BJP after winning this election,” Bhat said, and refused to answer the actual reason for the denial of a BJP ticket to him.

“I have no idea who played from behind that I was denied a ticket for the MLC poll.

Earlier, the BJP had a culture of selecting candidates for MLA and MLC polls by seeking the opinion of party workers at the booth level, followed by discussions at mandal and district levels.

Now the situation is such that even if one person’s name was sent from the state, the final list will be different. The godfather culture of the Congress has stretched into our party too. Only those who appease leaders get a ticket in the BJP. However, I have not appeased any leader. I believe in the support of party workers, and with this confidence I am contesting the election,” Bhat said.

To a query, Bhat said that he has not contacted by BJP leaders after deciding to contest the MLC poll.

“I have already requested all leaders that I should get the party’s Form B to contest the MLC poll from the South West Graduates constituency. I have told them that I am also contesting as an independent candidate on behalf of the BJP. The ultimate aim of my contesting the election is that senior leaders should know the injustice that honest party workers are facing in the BJP,” he said.

Comments

Add new comment

About text formats
  • Coastaldigest.com reserves the right to delete or block any comments.
  • Coastaldigset.com is not responsible for its readers’ comments.
  • Comments that are abusive, incendiary or irrelevant are strictly prohibited.
  • Please use a genuine email ID and provide your name to avoid reject.
News Network
May 12,2024

param.jpg

Bengaluru: Karnataka Home Minister G Parameshwara on Sunday said that the Special Investigation Team (SIT), probing into sexual abuse charges against Hassan MP Prajwal Revanna, will not be going abroad to bring him back, and the Interpol will share information about him.

He also cautioned political leaders about making public statements or sharing information in connection with the case, which is sensitive.

The 33-year-old Prajwal Revanna, who is grandson of JD(S) patriarch and former Prime Minister H D Deve Gowda, is facing charges of sexually abusing several women.

The scandal has raised a political storm with the ruling Congress and BJP-JD(S) engaged in a slugfest.

Prajwal Revanna is said to have flown abroad on April 27, a day after the first phase of Lok Sabha polls in Karnataka was held.

He was BJP-JD(S) alliance's joint candidate from Hassan Lok Sabha segment, which went to polls in the first phase.

"No, there is no such option. Blue Corner Notice has been issued and the Interpol will share the information. The respective country in which he is found or identified - they will inform them (Interpol) and then our agencies, the CBI will get to know, and through them we will get to know."

"So far there is no information," Parameshwara said.

He was responding to a question on reports about the SIT team travelling abroad in connection with the case.

Speaking to reporters, he said, "Investigation is going on, not to affect the investigation we don't want to share any information."

Responding to a question on Union Minister Pralhad Joshi's statement alleging conspiracy behind the arrest of BJP leader Devaraje Gowda, for making allegations against Congress leaders in connection with the case, Parameshwara said, "If anyone says anything I cannot react to it. We cannot respond to every public statement. As this is a serious case, we cannot share information until the investigation is completed."

"My request to the public and to our leaders is to be cautious while making statements. If not, based on the statements given by them, we may have to call them for investigation and record their statement under 41 A of CrPC," he added.

Asked whether JD(S) leader H D Kumaraswamy will also be served notice, the Minister said he is a former CM and that he believes that the former has taken this case seriously.

"Before giving any statements on this case or before sharing any information in the public domain, one has to be cautious, and this applies to all," he added.

Comments

Add new comment

About text formats
  • Coastaldigest.com reserves the right to delete or block any comments.
  • Coastaldigset.com is not responsible for its readers’ comments.
  • Comments that are abusive, incendiary or irrelevant are strictly prohibited.
  • Please use a genuine email ID and provide your name to avoid reject.