It is a popular theory that smartphone apps are secretly listening in to conversations and then using that data for promotional purposes. Just take this example from a couple of years ago, in which a woman had "an in-depth chat with her sister about a tax issue, and the next day was served up a Facebook advert from tax experts offering advice on that exact issue." There are many stories just like it, all of which fuel the theory that Big Brother is, well, listening.
Co-incidences can be spooky, but is that all they are or is there more to it? Could smartphone apps really be listening in, and using what they hear to sell you things? A team from Northwestern University decided to find out for themselves.
Their study, titled 'Panoptispy: Characterizing Audio and Video Exfiltration from Android Applications', examined 17,260 Android apps from four sources (the majority from Google Play) and checked what data they sent and received over a period of months. Their results showed that some apps share images and videos with third parties in unexpected ways, and without user knowledge or consent.
Example screenshots which were sent by apps to third parties
Source: Panoptispy: Characterizing Audio and Video Exfiltration from Android Applications
In their conclusion, they state that "several apps leak content recorded from the camera and the screen over the internet, and in ways that are either undisclosed or unexpected given the purpose of the app." In addition, they also discovered that "third-party libraries record a video of a user’s interaction with an app, including at times sensitive input fields, without any permissions or notification to the user."
Furthermore, they state "several apps share users’ photos and other media over the internet without explicitly indicating this to the user" and that "there is poor correlation between the permissions that an app requests and the permissions that an app needs to successfully run its code."
As concerning as this is, there is a glimmer of hope in that the team discovered no instances of apps recording audio and sending it to a third party without permission.
What impact this could have on the paranoia surrounding smartphones and privacy violations is yet to be seen.
Co-incidences can be spooky, but is that all they are or is there more to it? Could smartphone apps really be listening in, and using what they hear to sell you things? A team from Northwestern University decided to find out for themselves.
Their study, titled 'Panoptispy: Characterizing Audio and Video Exfiltration from Android Applications', examined 17,260 Android apps from four sources (the majority from Google Play) and checked what data they sent and received over a period of months. Their results showed that some apps share images and videos with third parties in unexpected ways, and without user knowledge or consent.
Example screenshots which were sent by apps to third parties
Source: Panoptispy: Characterizing Audio and Video Exfiltration from Android Applications
In their conclusion, they state that "several apps leak content recorded from the camera and the screen over the internet, and in ways that are either undisclosed or unexpected given the purpose of the app." In addition, they also discovered that "third-party libraries record a video of a user’s interaction with an app, including at times sensitive input fields, without any permissions or notification to the user."
Furthermore, they state "several apps share users’ photos and other media over the internet without explicitly indicating this to the user" and that "there is poor correlation between the permissions that an app requests and the permissions that an app needs to successfully run its code."
As concerning as this is, there is a glimmer of hope in that the team discovered no instances of apps recording audio and sending it to a third party without permission.
What impact this could have on the paranoia surrounding smartphones and privacy violations is yet to be seen.