Do you ever have creepy feelings in your gut because your phone knows almost every thing about you? What’s more, within the small world of memory card, your phone confines your entire world. Have you ever considered the possibility of leakage of information from your phone? Yet, researchers have found that leakage of information from smartphones is entirely plausible. It occurs every day without heeding to any of the password protections or security measures you might have installed on your beloved smartphone.
A latest report shows that over 3000 Android and iOS mobile apps leak private user data including sensitive user information as well as business data from over 23,000 unsecured firebase databases. According to the report, 27,227 Android apps and 1,275 iOS apps store app data in Firebase’s database systems. 3,046 of these apps have data saved in unsecured databases that can be accessed by anyone. Of these, 2,446 are Android apps and 600 are iOS applications. For example, if you’ve used the fitness-tracking app MapMyRun, there’s a chance that your password has been leaked. A research team led by David Choffnes, an assistant professor in the College of Computer and Information Science, has found “extensive” leakage of users’ information—device and user identifiers, locations, and passwords—into network traffic from apps on smartphone devices, including iOS, Android, and Windows smartphones.
However, all might not be lost. Choffnes has also found a way to stop it. In their lab at Northeastern University, Choffnes and his colleagues developed a simple, efficient cloud-based system called ReCon with a comprehensive trio of functions: It detects leaks of “personally identifiable information,” or PII; it alerts users to those breaches; and it enables users to control the leaks by specifying what information they want blocked and from whom. Choffnes said,
“What’s really troubling is that we even see significant numbers of apps sending your password, in plaintext readable form, when you log in, using public Wi-Fi; some pretty simple software could nab it.”
With ReCon, we still have hope of keeping our smarrsmart privacy intact.