Android ads expose users to security holes
Applications on Android that make use of advertising to generate revenue may open users up to privacy and security loopholes, says North Carolina State University researchers.
The researchers found that many of the libraries, used in free Android applications to display in-application advertisements, can be used to bypass Android security.
In some cases these ad libraries “go a step further by making use of an unsafe mechanism to directly fetch and run code from the Internet, which immediately leads to serious security risks,” wrote the researchers.
The team examined 100,000 applications on Google Play (formerly the Android Market), and found that nearly half of them had libraries that track a user’s GPS location.
One in 23 allowed the location data to be passed back to the advertiser.
In some cases, the libraries could access a user’s call logs, phone numbers, and a list of other apps on the device.
Read the full story at: Ars Technica.
Loading ...