September 30, 2010, 9:05 PM — Worried your Android apps are spying on you? You should be, according to a recent study that found several popular Android Apps regularly share your location and critical phone data such as your phone number with advertisers and others. Researchers from Intel Labs, Penn State, and Duke University randomly selected 30 out of 358 popular apps from the Android Market for this study. The computer scientists were able to track each application's behavior using a special monitoring program called TaintDroid developed by the researchers.
Here's a breakdown of the researcher's findings:
-15 popular Android apps sent location information to advertisers without requiring user consent
-9 apps transmitted a user's International Mobile Equipment Identity number, a unique device identifier
-7 out of those 9 apps did not mention IMEI collection in their End User License Agreements including one unnamed popular social networking app and one unnamed location-based search application
-2 applications transmitted a user's phone number and ICC-ID--a SIM card's serial number--both of which are unique identifiers
While those findings may sound scary, the good news is I've got 7 tips for you to keep prying eyes off your Android smartphone or your iPhone.
Android Users: Check Your Permissions
You can find a list of what your apps are doing by visiting the Android Market via your mobile device. Go to menu>downloads to see a list of the apps you've downloaded. Then select the app you want to check up on and go to menu>security. This will give you a list of all the information on your device that your application can access. This won't tell you what those apps are doing with that information, but at least you can get rid of any applications that want access to information you're not comfortable sharing with it.
Note that some of Android's sharing and permissions information is a little hard to understand. Many apps, for example, say they have "full Internet access," but the Market doesn't explain what that means. Android's developer documentation isn't much help either, but it appears "full Internet access" means an app has unfettered access to send and receive data.
iPhone Users: Check Your Location