Search DC to White Light

Sunday, June 18, 2017

Check your Updates! You may be getting scammed – or watched.

Howdy.  I’m here from the American Paranoia Foundation.  My job today is to make you worry about the updates to all those apps on your phone or tablet. 
If you’re a younger reader (oxymoron) you’ve probably set your phone or tablet to automatically update all apps.  Maybe you set the options so they only update on wifi or during certain hours, but you’re letting it happen automatically.  Why not.  Saves a lot of tapping.
For starters, it means you don’t get to see the access any given app is asking for…the access you’re giving it without question.  To be fair, some phones will pop up a warning but many don’t.  If you told it to update automatically it goes right ahead. 
Depending on the app, it may “need” access to read and write capabilities, in-app purchases, photos, music, files, device ID and information, device history, wifi information, and the biggies, your location and identity.  A new photo-posting app definitely needs access to your media and maybe your camera.  An audio player surely needs access to your music.  Of course, “friend finders” need your location.1

Now, think about it.  I know I’ve mentioned it before, but this is serious.  If you’re trying to protect your privacy, well, forget that.  Ordinary – otherwise benign – apps can find out all about you.  They can capture your emails and texts and send them back to the app designer.  Ever deposit a check with your phone?  Might as well call all those apps to make sure they got the data.

And think about passwords.  If you keep any of them on your phone, you gave those apps access to them.  Ah, smarter than that, are you.  You don’t keep any passwords on your phone.  You keep them in your noggin.  Fine.  But if you’ve used any passwords on line (checked your bank balance?) it’s out there.

Update (6/19/17):  A good friend sent a note pointing out another huge issue.  Your contacts.  If the app has access to your contacts, it can find out everything about them in addition to you.  So if you keep meta information about friends on your phone, maybe address, private email info, other "secret" info, well, in addition to leaving yourself vulnerable, you're giving away their information, too.  That's pretty nasty and irresponsible.  End of update.

I tried to check out a few, sending emails to app developers requiring access that, to me, they didn’t need.   Seriously, why does a chess game need to know my identity?  Or my phone’s history?  I sent emails to those that I could, eight in total.  Got one response and that referenced only my question about location.  "In order to efficiently deliver ads...", they needed to know my location.  Also told me that I could avoid that by paying for the ad-free version.  I didn’t but I want to buy it and see if it still asks for location.  Bet it does.

If you’re an Eric Schmidt fan, you’re also a believer in “…if you have done nothing wrong, you have nothing to hide…” as he said in defense of Google policies.  Go ahead.  Let it all hang out there. 
However, if you’re more like I am, shut down the apps or add identity, location, and IP blockers.2  Better still, just dump those apps.  But know this:  some apps leave breadcrumbs.  They may be orphaned files but they also could be operational elements, left there to keep a lookout on your wellbeing.  There are other apps that will remove these files – but they require access to your identity, location, wifi, history, and device.  I’m just sayin’.
1 If you’re using a “friend finder” paint a big bullseye on your back.  Seriously.  If they’re your friend, call them up.  Text them.  Send a telegram, try smoke signals or a Cessna towing a sign.  But axe the friend finders.
2 I downloaded an app that purported to encrypt texts.  99¢ to find out that it wanted my location and identity.  It didn’t get installed.  Told you I was from the American Paranoia Foundation.

No comments:

Post a Comment