phone-spies

How your phone is spying on you

Many apps gather personal data, and then send it to their makers

I don't know how you feel about this, but I really love modern smart phones! They are loaded with all sorts of sensors which are supposed to improve their functionality. Here are just a few that have been included in one of the soon to be released Android phones: light sensor, proximity sensor, accelerometer, compass, gyroscope, fingerprint sensor, iris scanner, barometer, heart rate sensor, SpO2 sensor, and the list goes on.

But have you ever thought that the same sensors may be used to track your behavior at all times, even while your phone's screen is off? Often times, our batteries drain much faster after a new software update because the phone is doing more things (and sending more data) without us knowing about it.

Google tries to prevent greedy companies from getting access to unnecessary customer data, but this doesn't mean that it has a 100% success rate. Last year, Google managed to discover several dozens of harmful applications in its Play Store, for example. Some of them were able to monitor the phone owner's email address, read it SMS messages, determine his locations, record his phone calls and get access to his files.

Often times, hackers install an (apparently) harmless application – a device cleaner, for example. Since apps like these need quite a few permissions to do their jobs properly, very few people are cautious at this stage. Then, once that the "cleaner" gets installed, it will download the malware onto the user's phone, and then start recording calls, messages, locations, etc. Then, it starts taking pictures and screenshots, uploading files, reading call logs, and doing even more nasty stuff.

Some cleverly engineered apps don't even need access to huge amounts of data to figure out sensitive information. The value indicated by the barometer sensor may tell a thief that you are taking a vacation, for example.

The gyroscope sensor can be used to spy on you as well! As you use your phone, touching various screen areas, the tilt and roll angles of your device will change a little bit. However, advanced artificial intelligence routines can use these tiny screen movements to discern most of the virtual key presses. The success rate grows exponentially if the application utilizes information provided by several sensors: the accelerometer, the light sensor, etc.

Did you know that the finger tapping sound changes depending on the virtual key that you are tapping? Researchers were able to guess 94% of smart phone pins by listening how each digit tap "sounds", and then feeding the information to a neural network. Also, accelerometers can tell if you are moving, and even map your driving route, depending on the measured speed and the amount of time spend driving.

All the harvested data is a goldmine for software developers, who sell it to advertising companies and other third-party service providers. Just think at a health insurance company, for example; I bet they'd pay quite a bit of money to see a graph of your heart rate, learn how many miles you are walking each day, and so on.

Sadly, most people will install various apps on their smart phones without taking a good look at the requested permissions. Or, they continue to update some apps even when they request many more intrusive permissions.

It is true that sometimes the apps will require special permissions to do their jobs. But often, the developer is too lazy, and doesn't want to limit the permission list to the ones that are actually needed.

So, it may be the time to uninstall some apps, and limit some of the permissions for the installed ones. Let's keep our sensitive data sharing amounts to a minimum, shall we?