When you click “No, you don’t have permission to track my phone,” you probably think that the app won’t track your data. But researchers have found that thousands of Android apps have found a way to cheat Android’s permission system, gathering your contact list as well as your location without your permission.
Even if you tap “NO” to an app asking your permission to gain access to your data, it is nothing but a scam like the other apps having permission to your data will be indirectly sharing all the data with the other apps in your smartphone.
App with permissions stores all the data in your smartphone’s local storage, though with other apps, including a malicious one can read your data and gain access to it.
Samsung and Dinsey use Chinese search engine Baidu‘s SDKs and Salmonads analytics which can pass your data through the app with permission to apps without having any permission. Researchers have claimed that some developers are acquiring the data through Baidu SDK.
It is also explained research director of the Usable Security and Privacy Group, Serge Egelman, at ICSI, that this way apps can even send MAC addresses of your networking router and chip and wireless access point and its password somehow to the developer.
Another Android app Shutterfly was caught sending GPS coordinates back to its located servers containing all the EXIF data even after millions denied the permission to send GPS coordinates or EXIF to the company.
Google ensured that these are the issues they’re aware of and will be fixed in upcoming Android. But then the question arises, that the people having older Android versions than Q will suffer the same amount of Data theft or will Google roll out a security patch for it.
Approximately 60% of the android users are running old versions of Android.
Google has refused to comment on this matter publically, but it is being confirmed to Digital Phablet that Android Q will be more private and will fix all the privacy issues.