I occasionally need to use an Android device to get things done for my day job. I like the flexibility of the operating system: I can tweak to my hearts content. An Android phone often runs cheaper than a handset from Apple and, in some cases, boast photo snapping capabilities that kick the bejesus out Apple's Designed in Cupertino camera app and optics. But when I read shit like this story from The Verge, I'm reminded, once again, about why I put up with the walled garden and stuffy familiarity of iOS.
From The Verge:
Read the rest
Even if you say “no” to one app when it asks for permission to see those personally identifying bits of data, it might not be enough: a second app with permissions you have approved can share those bits with the other one or leave them in shared storage where another app — potentially even a malicious one — can read it. The two apps might not seem related, but researchers say that because they’re built using the same software development kits (SDK), they can access that data, and there’s evidence that the SDK owners are receiving it. It’s like a kid asking for dessert who gets told “no” by one parent, so they ask the other parent.
...That’s in addition to a number of side channel vulnerabilities the team found, some of which can send home the unique MAC addresses of your networking chip and router, wireless access point, its SSID, and more. “It’s pretty well-known now that’s a pretty good surrogate for location data,” said Serge Egelman, research director of the Usable Security and Privacy Group at the International Computer Science Institute (ICSI), when presenting the study at PrivacyCon.