1 / 19

Your Apps Are Watching You

Your Apps Are Watching You. CS 595 - Elliott Peay. Overview. Article Focus What Happened Findings What is Going On. Article Focus. Wall Street Journal investigates what information is sent over the network by the apps we use. Also contains an analysis of the information. What Happened.

ora
Download Presentation

Your Apps Are Watching You

An Image/Link below is provided (as is) to download presentation Download Policy: Content on the Website is provided to you AS IS for your information and personal use and may not be sold / licensed / shared on other websites without getting consent from its author. Content is provided to you AS IS for your information and personal use only. Download presentation by click this link. While downloading, if for some reason you are not able to download a presentation, the publisher may have deleted the file from their server. During download, if you can't get a presentation, the file might be deleted by the publisher.

E N D

Presentation Transcript

  1. Your Apps Are Watching You CS 595 - Elliott Peay

  2. Overview • Article Focus • What Happened • Findings • What is Going On

  3. Article Focus Wall Street Journal investigates what information is sent over the network by the apps we use. Also contains an analysis of the information.

  4. What Happened • About the Investigation • Investigation Methodology

  5. 101 Apps were tested 50 popular on iPhone 50 popular on Android WSJ iPhone app Android shown at right iPhone apps will not be covered. Source:  http://blogs.wsj.com/wtk-mobile/ About the Investigation

  6. Investigation Methodology Device was restricted to increase accuracy of data gathered. • Single-Process Mode • No 3G Access • Man in the middle attack used to obtain data streams • "Mallory" software used to decrypt data

  7. Findings • Generally, free apps sent more data than paid apps • Generally, iPhone apps sent more data than Android apps • Google was the biggest data recipient

  8. Data Recipients: Facebook Data Sent: Username/Password Source:  http://blogs.wsj.com/wtk-mobile/2010/12/17/facebook-iphone/ Facebook (Android)

  9. Data Recipients: AdWhirl Flurry Geocade AdMob (Google) AdSense (Google) Microsoft Data Sent: Phone ID Location Information Source:  http://blogs.wsj.com/wtk-mobile/2010/12/17/paper-toss/ PaperToss (Android)

  10. Data Recipients: FatSecret (Owner) DoubleClick (Google) Analytics (Google) Data Sent: Username/Password Phone ID Location Information Phone Number Source:  http://blogs.wsj.com/wtk-mobile/2010/12/17/calorie-counter/ Calorie Counter (Android)

  11. What is Going On? Many different groups are using this information • Ad Networks • Targeted Advertising • Software Developers • Analytics • User Information

  12. Application Data Sent Realty / Mapping App Device ID, GPS Information Social Networking App Device ID, Gender, Age, Ethnicity Shopping App Device ID, Product Types Ad Networks Multiple apps who work with a particular ad network allow for complex user profiles to be developed.

  13. "Why is my GPS icon blinking?" Information which is generally harder to obtain is of more value to an ad company. "In its software-kit instructions, Millennial Media lists 11 types of information about people that developers may transmit to "help Millennial provide more relevant ads." They include age, gender, income, ethnicity, sexual orientation and political views. In a re-test with a more complete profile, MySpace also sent a user's income, ethnicity and parental status." Source:  http://online.wsj.com/article/SB10001424052748704694004576020083703574602.html

  14. "The great thing about mobile is you can't clear a UDID like you can a cookie,[...] That's how we track everything." Meghan O'Holleran Traffic Marketplace Privacy Differences vs Computers Image:  http://blogs.wsj.com/wtk-mobile/ Source: http://online.wsj.com/article/SB10001424052748704694004576020083703574602.html

  15. Developers Want Our Information, Too • Analytics • Track user navigation through website • Demographics • See who is using the app

  16. Source:  http://blogs.wsj.com/wtk-mobile/   (Image compressed horizontally for presentation)

  17. Finding the over-sharing apps are not possible at first glance. Trust is a critical step in finding a good app Source:  http://blogs.wsj.com/wtk-mobile/ Conclusion

More Related