Researchers Claim Phone Apps Are Secretly Recording Your Screen Activity Alarming Tinfoil Hats Everywhere
According to the Northeastern University scientists, their research was the “first large-scale empirical study of media permissions and leaks from Android apps, covering 17,260 apps from Google Play, App China, Mi.com, and Anzhi.” The researchers worked with ten Android devices and an automated program to use the apps and determine whether any media files were sent to a third-party. The purpose of the study was to identify any privacy risks associated with Android apps. The researchers received a contract from Department of Homeland Security to conduct their study, an award from the National Science Foundation, the Google
On the bright side, the researchers found that “a very large fraction of apps are not abusing the ability to record media.” On the downside, the scientists did find several instances where apps were sending information to third-party apps without a user’s permission. They noted that while some apps were able to violate a user’s policy through rather dishonest means, most were able to send information to third party apps because the Android and iOS systems are “coarse grained” and “incomplete”.
The most common issues appeared to be related to apps and their multimedia permission requests. Some apps will ask for various multimedia permissions without actually needing to use that media. Some apps include code for multimedia sensors that are not used, but the app does not disclose to the users that this code is included. These oversights could allow third-party apps to abuse the media permissions. The app stores do not closely monitor what permissions are requested, what code is included in the apps, and if they are necessary for the function of the app.
It is important to note that the study focused on a user's screen activity and did not find evidence that smart devices are secretly recording a user's off-screen life. The researchers at Northeastern University plan to continue to “monitor how multimedia content leaks over the internet from mobile and IoT devices, and assess the implications of such behavior." They also hope in the future to look more closely at iOS apps.