1. Forum
  2. tqwNet
  3. TQW_GENTECH

  • "The frequency at which many apps send device information...is mi

    From TechnologyDaily@1337:1/100 to All on Sat Jan 27 06:30:05 2024
    "The frequency at which many apps send device information...is mind-blowing"
    popular iPhone apps are stealing your data using iOS push notifications, here's what you need to do to stay safe

    Date:
    Sat, 27 Jan 2024 06:25:07 +0000

    Description:
    Practice goes against Apple's terms of service, and the company is preparing to address the issue.

    FULL STORY ======================================================================

    Some of the most popular iOS apps have been found to be working around Apples terms of service to collect sensitive information about the devices theyre installed on.

    According to the researcher that discovered the practice, this is a big deal because the apps vendors can use this data to profile, and subsequently
    track, their users, which is a big no-no for Apple.

    As explained by Mysk on X, with iOS 10, Apple allowed mobile apps to run in the background in order to process, and later serve, push notifications. As soon as the process is complete, the apps are suspended again, and later terminated, for better performance and security. But during this small timeframe, some apps were observed collecting sensitive device data. That includes system uptime, locale, keyboard language, available memory, battery status, storage use, device model, and display brightness. All this, Mysk argues, can be used to fingerprint (profile) users, and later track them. Apple's move

    "Our tests show that this practice is more common than we expected. The frequency at which many apps send device information after being triggered by a notification is mind-blowing," Mysk's X post noted.

    There are many apps that abuse the privilege of serving push notifications to mobile users, apparently, including the likes of TikTok, Facebook, Twitter, LinkedIn, and Bing, the researcher said in a demo video posted on YouTube.

    In its writeup, BleepingComputer reached out to Mysk, who confirmed that
    Apple is planning on putting a stop to this practice in a few months.

    Apparently, in the near future, Apple will tighten the restrictions on using APIs for device signals and will demand app developers to state exactly why they need to use APIs that can lead to user profiling. Developers that fail
    to provide a satisfactory answer will be denied access to the App Store.

    In the meantime, if youre worried about being profiled by Facebook and the gang, make sure to disable push notifications completely.

    The companies mentioned in the report have not yet commented on Mysks findings. More from TechRadar Pro Cisco urges users to update this dangerous software flaw immediately, or put devices at risk of being hacked Here's a list of the best firewalls around today These are the best endpoint security tools right now



    ======================================================================
    Link to news story: https://www.techradar.com/pro/security/some-of-the-most-popular-iphone-apps-ar e-stealing-your-data-using-ios-push-notifications


    --- Mystic BBS v1.12 A47 (Linux/64)
    * Origin: tqwNet Technology News (1337:1/100)