游戏邦在:
杂志专栏:
gamerboom.com订阅到鲜果订阅到抓虾google reader订阅到有道订阅到QQ邮箱订阅到帮看

华尔街日报:用户无力阻止手机应用外泄个人信息

发布时间:2010-12-20 14:45:40 Tags:,,,,

据《华尔街日报》报道,手机应用很有可能窃取用户的姓名、联系方式、地址乃至手机ID号码,并将这些个人信息传送给广告公司或第三方机构,更糟糕的是,用户几乎无法避免这种情况发生。

《华尔街日报》抽样调查了市场上的101款iPhone、Android手机应用,发现其中有56款应用(游戏邦注:包括《Angry Birds》、《Bejeweled》、《Paper Toss》等游戏),未经用户同意擅自将手机ID传送给第三方;有47款应用会泄露用户的地址、年龄、性别等个人信息。

iPhone apps transmits more data than Android apps

iPhone apps transmits more data than Android apps

尽管移动、计算机互联网领域的在线信息跟踪已经不是什么鲜事,但该报的调查结果仍然令人震惊——-手机用户不但对个人信息外泄的情况一无所知(这些应用通常也没有附带什么稳私政策说明),即便是知道了也无济于事,大家几乎无法从中脱身。

据游戏邦了解,著名的手机音乐应用Pandora的iPhone、Android版本,都在向广告网站传送用户的年龄、性别、地址和手机ID等信息;热门文字编辑应用TextPlus 4,曾向8家公司传送用户ID号码,向2家机构泄露了用户的地址和其他个人数据。

《华尔街日报》还指出,iPhone应用比Android应用更容易对外泄露用户隐私,但不能肯定这两个平台的其他上千款应用是否也都存在这种问题。

据称在这些用户信息中,最频繁外泄的就是手机ID号码。据移动广告服务公司Mobclix联合创始人Vishal Gurbaxani所称,手机ID是最有价值的信息,换句话说,它是跟踪用户移动互联网使用习惯的最有力工具。

用户可以自由修改其他个人信息,却无法清除或者更改手机ID,这一点为广告公司创造了极大的便利。用了这些手机ID号码,广告公司就很容易查看用户下载的应用类型、使用频率、使用时长等情况。

苹果和谷歌不但各自拥有最大的智能手机平台,而且还分别掌握了iAd和AdMob这两个移动广告服务平台,虽然手机应用泄露隐私可能有损iPhone、Android平台的安全性,但iAd和AdMob反馈的用户信息仍然令两个母公司受益无穷。

不幸的是,大多数用户除了彻底删除整个热门应用,否则根本无法保证个人信息不被窃取。许多移动广告公司允许用户退出互联网追踪系统,但手机应用却并不支持这种功能。广告公司Jumptap甚至辩称,iPhone用户如果把自己的手机ID通过电邮发送给他们,就可以自动退出应用追踪系统。苹果也宣称,iAd支持用户摆脱应用数据追踪的干扰(但并不能保证iTunes数据的安全性)。

虽然手机应用外泄用户数据已成难以挽回的事实,但用户和相关管理部门可要提高警惕了,不能让这种势态继续恶劣下去。希望在本文见报后,美国联邦贸易委员会尽快采取行动,让今后的手机应用在采集用户数据时提高透明度,扩大人们的知情权。(本文为游戏邦/gamerboom.com编译,转载请注明来源:游戏邦)

How mobile apps are spying on us

Your favorite mobile apps could be collecting and transmitting your personal information, including your name, contacts, location and even your phone’s unique ID number, to ad networks and other third parties. And worst of all, there’s little you can do about it.

This mobile privacy bombshell was revealed by an in-depth investigation from the Wall Street Journal, which tested 101 popular mobile apps on the iPhone and Android to determine what sort of data they were transmitting. The paper found that 56 apps transmitted the phone’s device ID without consent, 47 apps transmitted user location and five shared age, gender and other personal information to third-parties.

While online tracking is nothing new in the world of mobile and desktop web browsing, the WSJ’s investigation reveals an even scarier prospect in the world of apps — where user’s are completely unaware that information is being shared (there are often no privacy policies to read), and opting out from the data tracking isn’t an option.

The popular music app Pandora, for example, transmits age, gender, location and phone IDs to ad networks in both its iPhone and Android versions. TextPlus 4, a popular free texting app, sent out phone IDs to eight ad companies, and location and personal data to two.

The WSJ says that iPhone apps tended to transmit more data than Android apps, but it’s unsure if the pattern persists among the thousands of apps on each platform.

The most commonly shared piece of data was the unique ID assigned to every phone. According to Vishal Gurbaxani, co-founder of the mobile advertising exchange Mobclix, the ID is effectively a “supercookie” — or in other words, a super-powered version of the cookies used to track web browsing on computers.

Unlike normal cookies, you can’t clear or change your phone’s ID, which is a boon to ad companies. The ID allows advertising companies to see the types of apps users download, how often they run them and how deep into the app users go. The data is aggregated and not linked to an individual, according to Meghan O’Holleran of Traffic Marketplace.

The WSJ points out that both Apple and Google own the largest smartphone platforms, in addition to the largest mobile advertising services by revenue. Google owns AdMob, Apple owns Quattro Wireless, which also formed the basis for its iAds mobile ad platform. Despite how the apps may undermine the security of the iPhone and Android platforms, the data they send is also useful to their parent companies.

Apple says that iPhone apps can’t transmit user data without approval, but the WSJ’s findings reveal many apps that don’t follow that rule. Google leaves it up to app makers to make users aware of the data their apps reveal. Android also gives users specific notes about the phone resources (including hardware and data) apps will use before they’re downloaded.

Unfortunately, there’s little users can do to protect themselves from data-sharing apps, aside from avoiding many popular apps entirely. Many mobile ad companies let users opt-out of their website tracking, but those opt-out lists don’t apply to apps, according to the WSJ. The ad company Jumptap says iPhone users can opt out of app data sharing by emailing their phone’s user ID to them. Apple says its iAd opt-out also applies to apps (but doesn’t prevent iTunes data from being collected).

While it’s no big surprise to find that apps are sharing some of our data, the extent to which it’s happening should be of concern to both users and regulatory agencies. I suspect we’ll see some response from the FTC on this report soon, and that apps will be forced to be more transparent about their data collection in the future.(source:venturebeat)


上一篇:

下一篇: