Please create an account to participate in the Slashdot moderation system

 



Forgot your password?
typodupeerror
×
Handhelds Iphone Privacy Apple Your Rights Online

Privacy Concerns With Android and iPhone Apps 116

carre4 writes "The Wall Street Journal has come out with an article where they examine 101 popular smartphone apps and show that 56 of them transmit various types of information including unique phone IDs, age, gender, postal codes, and location to ad companies. The article also includes responses from infringing app makers and talks about the pressure that some developers feel to share even more information, like Max Binshtok, creator of the DailyHoroscope for Android, who has been encouraged by ad-network executives to transmit users' locations."
This discussion has been archived. No new comments can be posted.

Privacy Concerns With Android and iPhone Apps

Comments Filter:
  • by splerdu ( 187709 ) on Saturday December 18, 2010 @03:51PM (#34602202)

    Se we can download source and built it ourselves?

    • by kanto ( 1851816 )

      Does sourceforge have a policy of discrimination against mobile stuff? Also, downloading and compiling is only useful when someone has done the coding and sharing.

    • For the Android OS there is: The Android Open Source Project [android.com]

      However, as far as I understand it, there are some hurdles with regards to building a ROM depending on the phone you have. Some have locked bootloaders / proprietary drivers.

      For apps, there is a lot of stuff on GitHub, but as someone else already posted that requires the dev to have shared the code.

      If you root your device a good firewall is DroidWall

    • Re: (Score:2, Informative)

      by asnelt ( 1837090 )
      I'm not aware of a repository but there are three lists of Android free software apps that I know of.

      Le Wiki Koumbit: https://wiki.koumbit.net/AndroidFreeSoftware [koumbit.net]

      The Replicant for Android list: http://trac.osuosl.org/trac/replicant/wiki/ListOfKnownFreeSoftwareApps [osuosl.org]

      The Wikiperdia list: http://en.wikipedia.org/wiki/List_of_Open_Source_Android_Applications [wikipedia.org]

  • by tsa ( 15680 ) on Saturday December 18, 2010 @03:56PM (#34602230) Homepage

    Aren't there laws against these practices?

    • by migla ( 1099771 )

      >Aren't there laws against these practices?

      You know, I might ask you the very same question, Mr tsa. (j/k, your probably not *that* tsa, right?)

      • by tsa ( 15680 )

        No, my tsa are some letters from my family name, don't worry :). I don't even live in America.

    • Laws of reality (Score:5, Informative)

      by SuperKendall ( 25149 ) on Saturday December 18, 2010 @06:53PM (#34603268)

      The article stated:

      "One iPhone app, Pumpkin Maker (a pumpkin-carving game), transmits location to an ad network without asking permission."

      That is flat out impossible. I am an iPhone developer; there is no way for an application to obtain user location without the user being prompted if that is OK.

      It makes the rest of the conclusions very suspect to me. Just how would an app get age and gender? Again I cannot think of a way that is even possible on an iPhone without being asked; no-where on my iPhone is my birthday or age stored.

      • Re:Laws of reality (Score:5, Insightful)

        by R3d M3rcury ( 871886 ) on Saturday December 18, 2010 @08:50PM (#34604032) Journal

        The problem is, there is no way to know what the information is being used for.

        I've never used Pumpkin Maker and the description doesn't mention anything about it's capabilities. However, suppose I include a "feature" which will display a background depending on the time of day and your location. So if it's after sunset, it will be dark outside. Of course, for me to know if it's sunset, I need to know your location since sunset varies depending on where in the world you are.

        Thus, Pumpkin Maker needs my location. So it comes up and says, "Would you like to allow Pumpkin Maker to access your location?" Makes sense--it needs to know my location so that it can display the appropriate background. Of course, it doesn't mention that while it's showing your appropriate background, it's sharing your location with it's advertisers.

        Gender would be easy to come by--just ask. After all, it's a fun game for kids and we want to identify the kid with the appropriate pronoun. Or we ask for a name and send that off--after all, we want to identify your pumpkin as "Bob's Pumpkin" or "Sally's Pumpkin" initially, right? Then something on the backend figures out that "Bob" tends to be a boy's name and "Sally" tends to be a girl's name. "Pat" will confuse it, of course...

        Age? Again, you could just ask. You have a collection of add-ons for your pumpkin and you want to filter for age-appropriateness. After all, we don't want small children adding pumpkin boobies or penises. That would be sick and wrong and we're a good company that Thinks of the Children.®

        So the game collects all of this information for a good reason but it never says, "Hey, you mind if I ship it off to advertisers?"

        Again, I've never used this App. I don't know much about it. But these are some ways you could get the information.

      • The article stated:

        "One iPhone app, Pumpkin Maker (a pumpkin-carving game), transmits location to an ad network without asking permission."

        That is flat out impossible. I am an iPhone developer; there is no way for an application to obtain user location without the user being prompted if that is OK.

        It makes the rest of the conclusions very suspect to me. Just how would an app get age and gender? Again I cannot think of a way that is even possible on an iPhone without being asked; no-where on my iPhone is my birthday or age stored.

        On my Android for example you can cross link contacts from different sources. Facebook for example. On Facebook you could store your birthday and gender. I am not a developer, but I see some possibilities here perhaps... Any comments?

        • You'd still have to be asked for the users Facebook login credentials. The user would then know the app had access to Facebook data - and I believe that Facebook further tells you what kinds of data the application has requested access to see.

          From there it is possible for the app to mine something and send it off. But, again, the user would know the app had access to Facebook, they had authorized it. And Apple does some kind of network monitoring from apps to see what they are transmitting, so if it did

      • Can it get access to Facebook app's info? For age, sex and more info?
        Can it get the cell tower ID or some other non-obvious metric identify location?
        • Can it get access to Facebook app's info? For age, sex and more info?

          No, app sandbox.

          Can it get the cell tower ID or some other non-obvious metric identify location?

          Not in the API and therefore would be rejected. You also cannot get the SSID of the WiFi you are on nor any WiFi around you.

          As I said, I'm an app developer. I know the sneaky ways you could try and do something, and what is possible. Gender is not even stored anywhere. Location is just not possible with the restrictions the app store has in

          • by Xest ( 935314 )

            Can apps access the web without permission? IP based location over HTTP is trivial and if web access doesn't require special permission then that's one way to do so.

            It is of course much less accurate than GPS based location.

            • IP based location over HTTP is trivial

              Quick, what is the location of 10.1.10.45? That's my current IP address.

              But perhaps you'd proclaim NAT to be unfair even though 90% of people on WiFi will be behind one.

              Well what about the cell network? My phone is 166.205.14.227.

              And I don't live anywhere near Austin, or even in Texas...

              I wouldn't say "less accurate", I'd say "almost unusable".

              • by Xest ( 935314 )

                Of course in some cases it can be states out, but even if it gives the users country, which, in 99.99% of cases it will, then that's good enough for many advertisers as they'll often have a focus across at least a whole nation with their product/advertising program. Some sites such as the BBC and Hulu trust it enough country-wise that they use it as their core method of ensuring content is only served to users in specific countries- it's trivial to get around with VPN but again, how many people do that real

      • by pariax ( 811639 )

        "One iPhone app, Pumpkin Maker (a pumpkin-carving game), transmits location to an ad network without asking permission."

        That is flat out impossible. I am an iPhone developer; there is no way for an application to obtain user location without the user being prompted if that is OK.

        It makes the rest of the conclusions very suspect to me. Just how would an app get age and gender? Again I cannot think of a way that is even possible on an iPhone without being asked; no-where on my iPhone is my birthday or age stored.

        Impossible? Anything's possible. http://blogs.wsj.com/digits/2010/12/19/how-one-apps-sees-location-without-asking/ [wsj.com]

  • duh (Score:2, Flamebait)

    by melikamp ( 631205 )

    Closed source = no expectation of security + no expectation of privacy + expectation of malice + higher development cost. The sooner Joe Q. Public gets this consumer advocacy message, the better off he'll be. There are only two valid reasons to conceal the code: embarrassment and ill will towards the user. And the only valid reason to make an open-sourced program non-free is greed. None of these are helping the user, the consumer, or whatever you want to call 99% of people who use computers.

    • Ugh (Score:5, Insightful)

      by alvinrod ( 889928 ) on Saturday December 18, 2010 @04:18PM (#34602358)
      Sorry to burst your bubble, but most developers like to eat, which means that commercialization of software comes in at some point, whether that's advertising, support, or something else. Limiting the selection of software to only non-free (as in beer) software would result in a lot less software being available (or made in the future), which isn't exactly helpful for end users either. FOSS has gone a long way to make the world a better place, but it's not a be-all, end-all solution.
      • by migla ( 1099771 )

        >FOSS has gone a long way to make the world a better place, but it's not a be-all, end-all solution.

        Sure it is. We're just not there yet.

      • Sorry to burst your bubble, but most developers like to eat, which means that commercialization of software comes in at some point

        That's great, but may be, as Eben Moglen noticed, they should eat just a tad bit less. While you are sitting here defending them, they are collecting monopoly profits. And I don't mean the kind of monopoly that Microsoft and Google are being accused of, but the intellectual monopoly on ideas that ALL proprietary software vendors enjoy. Are you really that spineless or deluded? Or do you have money to burn? If YOU, the user, are going to pay for software development, why not make it a condition that the resu

        • Re: (Score:1, Insightful)

          by Anonymous Coward

          Because maybe he agrees that the developers should be fairly paid for their work? Not everyone is a retarded hippie, okay? Knock it off. You're the spineless one if you can't accept that people think differently than you about how software should be available. I personally am perfectly fine with applications that are closed and applications that are open, as long as there aren't inherent problems with the closed software (shady company, obvious lack of maintenance and support, etc.)

    • by Anonymous Coward

      I think it's unfair to say that a desire to make money off of your product is greed, if greed is bad.

      There are two options here:
      1. Your statement is false, and someone who puts _their_ time and effort into a product has a right to be compensated for their time and effort. Thus by charging for a product, they are not greedy by definition. They need to make a living too.

      Or

      2. Your statement is true, and greed is not bad.

      I think it's the former. While I certainly use my fair share of free software (and enjoy

      • People who flex the copyright muscle to keep their software non-free are greedy. They would like to collect monopoly profits, and the cost we are all paying is that the software cannot be improved by volunteers (even if the source is open, that is, can be built with free tools, improvements cannot be shared). I have no problem with monetizing software in a way that keeps the software free. More than 99.9% of all commodity software users are just that: users, and we all get shafted by intellectual monopolies
    • ...+ higher development cost...

      Higher development costs don't matter until the profit is counted. If you give it away and don't charge, then your development costs are actually higher with Open Source.

      Basically you shot your own argument in the foot.

  • I was really suprised when I learned how blunt the security options in Android were.

    I'm used to COMODO IS asking me every time an application attempts to use TCP/UDP, start another process, look at a DLL or stuff like that.

    All you get on Android is 'DO YOU WANT APPLICATION TO INTERNET? Y/N' which is totally insufficient.

    • Re: (Score:2, Insightful)

      by Anonymous Coward

      Yeah, you have fun with that crap. I prefer to use the device instead of auditing every packet and process it produces.

      • I think "Yes, No, or Prompt me each time" would work.
        Then when you get prompted, it should offer the opportunity to never ask again.

        I, too, was shocked that when you install an app on the Android, you get one opportunity to see the permissions that you are granting that app. Seemed like it was "take it or leave it", too - you can give it all the required permissions, or not use the app.

        • by Rich0 ( 548339 )

          Agreed - you should be able to tweak the permissions. So, if the app asks for location tracking, and you don't want to grant it, you can tell the OS to install the app but not let it know the location, rather than not install it at all. Of course, if you're installing a navigation app you'll have to accept that the app won't work. However, if you're installing an IM client maybe you don't want it to know where you are.

          The API could make these kinds of situations work out so that applications don't have p

          • by Lusa ( 153265 )

            All I want is for the android platform to distinguish internet access for it's purpose. ie, have a permission that says this app shows adverts or another for collects usage stats. These would then have limited access to some websites already preconfigured or even restricted to Google or the phone provider/carrier. Then if this is part of the API the phone can control what information is allowed through, even restrict the granularity of information (ie, age groups, or country rather than city). I'm happy if

  • Now, apart from the phone ID, do people REALLY use their real age, gender, and postal code on their phone? It's your phone, not the advertisers. It also sounds like we need a web browsers "No script" type of app for Android to trawl the other apps for data leaks and deliberately ruin the data for advertisers. They are not paying your phone bill, so why give them useful information, give them garbage.

    • Re: (Score:3, Insightful)

      by icebike ( 68054 )

      This is actually a good Idea.

      The problem is that giving that level of snooping capability to one app pretty much makes it available for other apps, and you can see how that would get out of hand pretty quickly with one app data mining another and sending back encrypted data later.

      Perhaps a better method would be for Android/IOS to find a way to lock down access to specific items of data in the phone. If you want to deny an app from reading your phone number or IMEI you can just uncheck a box and it can't e

    • While not a complete block of all this garbage, adFree on rooted Android phones blocks most ads at the /etc/hosts level, and I'm sure lots of these companies aren't writing code to submit directly to IP address.

      I can't imagine them writing a way to get my info, but not show me their ads, and since installing, all of my "ad-supported" apps are not.

      I have no issue paying for apps, and will continue to do so if I find it useful. But garbage like this is going to prevent me from doing any form of proxy support

    • Comment removed based on user account deletion
  • It was uncovered today that your toilet analyzes your stools and sends the results to your proctologist. If you cannot afford a proctologist, one will be provided to you...

    • Re: (Score:3, Funny)

      by Anonymous Coward

      It was uncovered today that your toilet analyzes your stools and sends the results to your proctologist. If you cannot afford a proctologist, one will be provided to you...

      unless you live in the US. in which case, your shit's out of luck

  • There are many applications that want to run more services that they need to.
    For example, when I start up an application for an IT magazine, it always asks me if I want to turn on my GPS. There is no need for it to use GPS to show me content so the only reason would be to make a not of my location for someone else.

    That is an easy one to fix, I have GPS off unless I anctually want to use it. The same goes for WiFi - smartphone batteries do not last as long as stupidphone ones.

    But what about other leaks?
    L

  • I know on my Blackberry whenever I install apps it gives me a list of permissions the app is asking for and I have to either approve or deny the permissions. There has been more than one occasion where I've gone back and fourth with a app developer after their app refused to run without having access to my contacts, gps coords and other things. I believe the last one I encountered this with was a freaking flashlight application. Doesn't Android/iPhone have this type of thing when apps are installed?
    • Android does. It will display a list of things it needs to access, like device state/network access/ability to turn off autosuspend/etc. Ebook readers for example need to be able to prevent the screen from turning off. Messaging apps need network access. Etc. They are usually inflated from what you think the app should need though. Some are just insane with the permissions they want.
      • Android is not the same, check out the screen shots posted in this forum link: http://forums.crackberry.com/f86/application-permissions-234021/ [crackberry.com] The BB actually gives the user the choice on a PER-APP basis what permissions to allow each app. As much as I've grown to hate my BB Storm for its overwhelming lack of memory and frequently required battery pulls, at least I have some control over how applications use my phone. I'd love to switch to an Android-based phone but I am hoping that the developers will a

      • by cynyr ( 703126 )

        yes but i cannot selectively disable parts of the permissions it is requesting.

      • But on a BlackBerry you can permit/deny individual items, whereas on the Android, you can either permit all or deny all (by not installing the app). Which is a useless security model, the user will think "Oh it will steal all my data. But I really want to play this game!".

        On the BB you can say "Sure you can keep the screen powered on, but no internet, no location, no reading the calendar and address book."...

  • by Anonymous Coward

    Hey! You just walked by the best pizza restaurant in town! Come on in, show this message at the check-out, you'll receive a 10% discount. We're just 102.1 meters away at 3030 Main St.

  • Anyone who has used android knows this is true. There are loads of apps that ask for permissions they clearly shouldn't need. Most often it is for internet access, your location, your phone ID (IMSI), and sometimes access to your contacts.

    Obviously the crappy little 'content' apps like DailyHoroscope, backgrounds and ringtones are the main culprits.

  • ...when you could have a Nokia N900?

    • ...when you could have a Nokia N900?

      I bought an iPhone 4 recently (previously used a 1st gen iPhone). The choice was between it an an n900. N900 was winning on all counts except ease of upgrade (which was not a major factor at all). N900 lost when I went to a local store and saw the thickness of the n900. My pocket space is valuable.

  • So if an app just happened to transmit a unique id then it would get on this list?

    I don't see how that is much of an issue at all, remember your browser can identify you uniquely unless you have something as common as a fresh install of XP with no updates, etc.

    I would like to see the figures that have better criteria than just sending unique ids. (Such as location)

  • Data from Article (Score:5, Informative)

    by scruffy ( 29773 ) on Saturday December 18, 2010 @05:20PM (#34602668)
    Here is a list of the apps and the information they send about you. Explanation of the columns and numbers are on the bottom of this message. The extra annoying text is to get around the GDF lameness filter.

    A B C D E F IPhone App the quick brown fox jumped over the lazy dog
    0 0 0 0 2 0 0.03 Seconds Pro the quick brown fox jumped over the lazy dog
    0 0 0 0 2 0 Age My Face the quick brown fox jumped over the lazy dog
    2 2 0 2 2 0 Angry Birds the quick brown fox jumped over the lazy dog
    2 0 0 2 2 0 Angry Birds Lite the quick brown fox jumped over the lazy dog
    1 0 0 2 2 0 Aurora Feint II: Lite the quick brown fox jumped over the lazy dog
    0 0 0 0 2 0 Barcode Scanner (BahnTech) the quick brown fox jumped over the lazy dog
    2 0 0 0 0 2 Bejeweled 2 the quick brown fox jumped over the lazy dog
    0 0 0 2 2 0 Best Alarm Clock Free the quick brown fox jumped over the lazy dog
    0 0 0 2 2 0 Bible App (LifeChurch.tv) the quick brown fox jumped over the lazy dog
    0 0 0 0 0 0 Bump the quick brown fox jumped over the lazy dog
    0 0 0 2 2 0 CBS News the quick brown fox jumped over the lazy dog
    0 0 0 0 2 0 0.03 Seconds the quick brown fox jumped over the lazy dog
    0 0 0 2 2 0 Dictionary.com the quick brown fox jumped over the lazy dog
    2 0 0 0 1 0 Doodle Jump the quick brown fox jumped over the lazy dog
    1 0 0 1 1 0 ESPN ScoreCenter the quick brown fox jumped over the lazy dog
    1 1 0 1 0 0 Facebook the quick brown fox jumped over the lazy dog
    0 0 0 0 0 0 Flashlight (John Haney Software) the quick brown fox jumped over the lazy dog
    0 0 0 1 2 0 Fluent News Reader the quick brown fox jumped over the lazy dog
    1 0 1 2 0 1 Foursquare the quick brown fox jumped over the lazy dog
    0 0 0 2 2 0 Fox News the quick brown fox jumped over the lazy dog
    2 0 0 2 0 0 Google Maps the quick brown fox jumped over the lazy dog
    1 0 2 2 2 0 Grindr the quick brown fox jumped over the lazy dog
    2 0 0 1 2 0 Groupon the quick brown fox jumped over the lazy dog
    0 0 0 0 2 0 Hipstamatic the quick brown fox jumped over the lazy dog
    0 0 0 0 2 0 iJewels the quick brown fox jumped over the lazy dog
    0 0 0 0 0 0 iLoveBeer: Zythology the quick brown fox jumped over the lazy dog
    1 0 0 1 2 0 Medscape the quick brown fox jumped over the lazy dog
    1 0 1 2 2 0 MyFitnessPal the quick brown fox jumped over the lazy dog
    1 0 0 1 1 0 Netflix the quick brown fox jumped over the lazy dog
    0 0 0 2 2 0 NYTimes the quick brown fox jumped over the lazy dog
    0 0 0 2 2 0 Ninjump the quick brown fox jumped over the lazy dog
    0 0 2 2 2 0 Pandora the quick brown fox jumped over the lazy dog
    0 0 0 2 2 0 Paper Toss the quick brown fox jumped over the lazy dog
    0 0 0 0 0 0 PerfectPhoto the quick brown fox jumped over the lazy dog
    0 0 0 2 2 0 Pimple Popper Lite the quick brown fox jumped over the lazy dog
    0 0 0 2 2 0 Pumpkin Maker the quick brown fox jumped over the lazy dog
    0 0 0 0 1 0 RedLaser the quick brown fox jumped over the lazy dog
    0 0 0 0 2 0 Ringtone Maker the quick brown fox jumped over the lazy dog
    2 0 0 0 2 0 Ringtone Maker Pro the quick brown fox jumped over the lazy dog
    0 0 0 2 2 0 Shazam the quick brown fox jumped over the lazy dog
    2 0 0 2 2 0 Talking Tom Cat the quick brown fox jumped over the lazy dog
    1 1 2 2 2 1 TextPlus 4 the quick brown fox jumped over the lazy dog
    0 0 0 2 2 0 The Moron Test the quick brown fox jumped over the lazy dog
    0 0 0 0 2 0 The Moron Test: Section 1 the quick brown fox jumped over the lazy dog
    0 0 0 2 2 0 Tips & Tricks: IPhone Secrets Lite the quick brown fox jumped over the lazy dog
    2 0 0 2 0 0 TweetDeck the quick brown fox jumped over the lazy dog
    0 0 0 0 1 0 WSJ Mobile Reader the quick brown fox jumped over the lazy dog
    0 0 0 2 2 0 The Weather Channel the quick brown fox jumped over the lazy dog
    0 0 0 0 0 1 WhatsApp Messenger the quick brown fox jumped over the lazy dog
    1 0 0 2 2 0 Yelp the quick brown fox jumped over the lazy dog
    1 0 0 0 0 0

    • awesome list! how did you compile this? based off of EULAs or a packet sniffer or..?
      • by scruffy ( 29773 )
        All the information comes from links from the WSJ article. I think I got lucky with NoScript and setting various temporary permissions to get a table I could copy and eventually convince Slashdot that it wasn't lame.
  • I do not have a smartphone myself, but one of the first apps I would install would be some sort of fake data sandbox for apps.

    I have seen the install screen for android apps briefly: they show what sort of permissions an app needs: access to GPS, address book, outgoing sms, etc; but the only options seemed to be "grant that access" or "do not install"

    So simply add a checkbox that allows me to supply fake GPS data, fake "no connection" signal, fake empty address book for apps that I do not want to access the

    • Fake data sounds like a solution to a symtom, as opposed to a solution to the inital problem; better selection on what parts can and can't be accessed at all would be a better solution (but that may be either harder or easier than your solution)
  • After rooting your Android phone, you can block the advertisers with AdFree (which a simple black list for all ad sites), or go with a more complex solution like DroidWall and only allow apps you trust to access the net. And you can easily change Android ID with aptly named Android ID changer or simple db hack.

    Not sure if something similar exists for iPhone (would never touch it anyway).

    • by tlhIngan ( 30335 )

      After rooting your Android phone, you can block the advertisers with AdFree (which a simple black list for all ad sites), or go with a more complex solution like DroidWall and only allow apps you trust to access the net. And you can easily change Android ID with aptly named Android ID changer or simple db hack.

      Not sure if something similar exists for iPhone (would never touch it anyway).

      Yep, also for jailbroken ("rooted") iPhones. It's called Firewall IP and alerts you to all outgoing connections being made

      • by dmesg0 ( 1342071 )

        In Android all apps get different UIDs (unless they demand sharing the id), and GID determines the allowed permissions. So it's very easy to filter not just by usual IP rules (src:port-dest:port), but also by application, effectively doing application level firewall. That's what DroidWall is.

        There is a huge difference between rooting and jailbreaking. Android is open, in a sense that it allows installing apps from any source out of the box, you don't need jailbreaking. Rooting just allows superuser permis

  • Don't forget that Android applications are placed in a sandbox. Each time you install an app, you will have to agree that the app wants to have access to specific parts of your phone. I've discarded apps that were too invasive, e.g. wanting access to my phone book, or games that want access to the internet. With Apple, the only protection you have is...Apple. At least with Android there is another level of security.

  • The article stated:

    "One iPhone app, Pumpkin Maker (a pumpkin-carving game), transmits location to an ad network without asking permission."

    That is flat out impossible. I am an iPhone developer; there is no way for an application to obtain user location without the user being prompted if that is OK.

    It makes the rest of the conclusions very suspect to me. Just how would an app get age and gender? Again I cannot think of a way that is even possible on an iPhone without being asked; no-where on my iPhone is my

  • This isn't new information. This has been known for a while.

    You buy an android and you pretty much HAVE to have a google account so all your data can be 'in the cloud'. If it has moto blur then moto has a copy too.

    You install facebook on your iphone, blackberry, android or whatever and then all your contacts are on your phone and 'in the cloud'. Most of the apps that are free have ads and it is pretty standard practice for advertisers to want as much info about someone as possible. This is not anythin

  • So, since I can't recall ever supplying my gender to my phone, how is it determining that? Turning on the camera, hoping there's a hole in my pocket, and assuming that my sex and gender are concordant? Snooping on my location and contacts is one thing, but if I volunteer certain information then I've always assumed the app phoned home with that information. Surely that's common sense...
  • http://www.usatoday.com/tech/news/2010-12-13-army-smartphones_N.htm?csp=34tech [usatoday.com]
    The [US] Army wants to issue every soldier an iPhone or Android cellphone — it could be a soldier's choice.
    Vane said he wants to use the phones to collect biometrics on enemy combatants.
    To track the bad guys, track the troops and what the troops might be writing about.
  • An investigation by the Wall Street Journal of 101 popular smartphone "apps"--games and other software applications for iPhone and Android phones--shows that 56 transmitt the phone's unique device ID to other companies without users' awareness or consent. Forty-seven apps transmitt the phone's location in some way. Five send age, gender and other personal details to outsiders. "In the world of mobile, there is no anonymity," says Michael Becker of the Mobile Marketing Association. A cellphone is "always wit
  • All of my Android apps are either free, or one-time paid. Sure, I could probably make some more money bundling in an ad network, but who wants to be responsible for exposing my customers like that? Besides, some of my apps are designed to *enhance* privacy - I could hardly turn around and sell out my users. The developer who includes ads in their app has little, if any, control over how the collected data will be used or disseminated. So for me, it's just too much of a risk.

  • From TFA:

    Among all apps tested, the most widely shared detail was the unique ID number assigned to every phone. It is effectively a "supercookie," says Vishal Gurbuxani, co-founder of Mobclix Inc., an exchange for mobile advertisers.

    On iPhones, this number is the "UDID," or Unique Device Identifier. Android IDs go by other names. These IDs are set by phone makers, carriers or makers of the operating system, and typically can't be blocked or deleted.

    "The great thing about mobile is you can't clear a UDID

  • I've written a few small games for Android. They're all free and ad supported, and the advertising networks want as much data as they can get. Even with all that, they don't pay all that well. One of my apps gets as little as $.16 per 1,000 ad impressions. I'd love to skip the ads, but my apps really aren't good enough to charge for, at least this way I get something out of it. It's not like the developers are getting rich on your personal data, perhaps the networks are or developers who are lucky enoug

Know Thy User.

Working...