Are phones plagued with spyware?

[danrok]

I just went through all apps on my Android phone, and have deleted quite a few, because they appear to be spying on me.

For example, why does a news app need to start on boot, and access my ID and location?

I am deleting all such apps, even if I use them.

[Aedan]

How many of the ads shown are tracking you as a user?

[danrok]

I'm not so concerned about ad tracking, when an ad is displayed.

What bothers me is not knowing what an app which starts at boot is really doing. Is it tracking me all the time? And draining the battery?

[Aedan]

To be honest, it's a lot more complex than that. For a start, any app that can communicate with the Internet can download additional code, which can include exploit code (like Android.Bmaster does). That way, the app can get past Google's Bouncer by not having malicious code up on the market.

Additionally, each application has "intents" that allow another application to use it to provide a service. Intents should be secured, but it's up to the application author to check how it's being used and if the caller should be allowed to carry out the request. Effectively, this is using other applications' permissions to bypass the fact you have no (or limited permissions). This, together with other issues within Android, is how an application that has no permissions to do anything can still provide a remote shell for an attacker, reboot your phone, etc.

HTC had an issue with the way they'd set up the web browser - they'd given it permissions to install packages with the intention of using it to update the flash lite plugin. If someone found an exploitable bug in the web browser, they immediately had permission to install applications.

Basically, for Android permissions to operate the way you'd like them to, The OS and every application needs to be trustworthy.

Take a read of "These aren't the permissions you're looking for" (This is good), or No-permission android app gives root shell or Android smartphones infected via drive-by exploit or Android exploit allows unauthorized app to record audio, take pictures, send SMS - then tell me you're worried about the permissions the apps you installed have!

[Daniel ~]

I noticed the other day that things I look at on Newegg were being offered to me as soon as I showed up on anther (Amazon) site...useful, perhaps, but un-nerving just the same.

After to going to a particular Dentist, I was bombarded (Dozens of them) with e-mail offers for the drugs he perscribed...felt a bit sold out there!

[danrok]

Quote:

Originally Posted by Daniel ~

I noticed the other day that things I look at on Newegg were being offered to me as soon as I showed up on anther (Amazon) site...useful, perhaps, but un-nerving just the same.

After to going to a particular Dentist, I was bombarded (Dozens of them) with e-mail offers for the drugs he perscribed...felt a bit sold out there!

You may have a setting in your browser, under privacy - do not track.

That may stop it, to some extent.

Right now, I am seeing a similar thing - bombarded with adverts trying to sell me a holiday on an island - I'm already there, I live there.

But the advertiser could prevent ads from being displayed in this location, if they bothered to think about it.

[Daniel ~]

If you can find the time drop in a visit yourself for a while...":O}