Apple removes apps that collected users’ private data

20 Oct 2015 | Author: | No comments yet »

Apple Bans Hundreds of Apps That Hid Chinese Spyware.

San Francisco – Apple is kicking out applications that collect personal data in violation of the company’s privacy policies from its online store, the tech giant said on Monday. Apple has pulled several apps from its store, following security researchers’ findings that hundreds of iOS apps have been accessing users’ private data.Apple pulled 256 apps from the App Store Monday that used hidden software to capture users email addresses, the apps they have previously downloaded, and the serial number of their smartphone.Apple has banned 256 apps, with an estimated total of 1 million downloads among them, following the identification within them of software that was secretly collecting data to send back to an advertising firm in China.

The iPhone maker made the announcement a day after researchers discovered hundreds of apps using Chinese advertising software that extracts “personally identifiable user information”. “We’ve identified a group of apps that are using a third-party advertising SDK (software development kit), developed by Youmi, a mobile advertising provider, that… gather private information, such as user email addresses and device identifiers, and route data to its company server,” the California-based company said in a statement to AFP. “This is a violation of our security and privacy guidelines. The issue was discovered by mobile security company SourceDNA, which claims the apps in question may have been downloaded over 1 million times in total. The apps’ creators used a software development kit from a Chinese advertising company called Youmi, which allowed the developers to put ads in their apps.

But Youmi’s code happened to include a few extra functions, which secretly gathered info about the phone, user, installed apps and connected devices such as laptops and accessories. SourceDNA notes that while the developers, who are primarily located in China, used the SDK, it’s likely they didn’t realize the data it was capturing. “We believe the developers of these apps aren’t aware of this since the SDK is delivered in binary form, obfuscated, and user info is uploaded to Youmi’s server, not the app’s. Apple prohibits developers from using application program interfaces (APIs) that collect this type of private data, but researchers said Youmi appears to have begun slipping them into its software nearly two years ago, after its software made it through Apple’s initial review process.

Apple said it is working with the app developers to update their apps, ensuring they are safe for customers and in compliance with the app store’s guidelines.

Here you can write a commentary on the recording "Apple removes apps that collected users’ private data".

* Required fields
All the reviews are moderated.
Our partners
Follow us
Contact us
Our contacts

ICQ: 423360519

About this site