Catch up on stories from the past week (and beyond) at the Slashdot story archive


Forgot your password?
DEAL: For $25 - Add A Second Phone Number To Your Smartphone for life! Use promo code SLASHDOT25. Also, Slashdot's Facebook page has a chat bot now. Message it for stories and more. Check out the new SourceForge HTML5 internet speed test! ×

Comment Re:Core features of apps == "leaks"? (Score 2, Insightful) 299

Right, the paper lists some common applications used by millions of people (BBC, Evernote, Weather Channel) that appear to be using the requested APIs for exactly what you'd expect. It lumps those in with a few obscure and sketchy ones doing nefarious things with those APIs. It makes no attempt to determine which apps are actually doing anything unexpected/evil, and which are behaving in exactly the way that a user would expect.

The unfiltered list gets posted on Slashdot, showered with the obligatory snark and tinfoil.

A first pass sanity check on the apps would have been more responsible.
E.g. "The Weather Channel app sends my location to their servers ... could this have a legitimate purpose for telling me the weather?"
This would have probably pruned the list of applications down to a handful of garbage ones that no one had ever heard of.

Comment Core features of apps == "leaks"? (Score 5, Insightful) 299

The headline doesn't really match the contents of the paper as far as I can tell.
For example, "Evernote" is listed in the paper for:
1) Taking pictures with the camera
2) Recording audio with the microphone
3) Determining your location
And for transmitting this data to its servers.

These functions are, however, exactly what the application is designed for. You take notes (including snapshot notes and voice notes) and upload them to your account. When you launch the app, there are big buttons for "take a snapshot note" , "take an audio note", etc. Geo-tagging via the location APIs can be disabled from the Settings page, but this is another core advertised feature of the product.

So this is a bit like making it into Slashdot by discovering that a mail client transmits text that you type (and your email address!) to a mysterious "SMTP" server.
Headline: "Researchers discover nefarious 'e-mail' application leaking your data ... on the INTERNET!"

Slashdot Top Deals

Time is an illusion perpetrated by the manufacturers of space.