MANY ANDROID APPS TALK TO PRIVATE SERVERS …AND IT’S OFTEN NOT CLEAR WHY ****












A recent report on Android application behavior points to a startling amount of back-end Internet traffic with no benefit to the end-user but a significant impact on battery life. Researchers with MIT and Global InfoTek recently performed an extensive analysis of the top Google Play applications and found a great deal of communication that doesn’t appear to impact any aspect of the customer’s application experience.
What the team found is that 62.7% of the connections made by major Android applications (defined as the top 20 apps in the Google Play Store, disregarding chat programs) could be classified as “covert.” Blocking these applications from connecting to online sources resulted in no visible or measurable change in how the app functioned on the user’s PC.
Table2
In some cases, this covert behavior is linked to known A&A (Analytics and Advertising) libraries, but these known libraries acount for just 43% of the total. Many of the rest fall into their own custom areas. The report states:
"Twitter uses covert connections to collect information about videos and other rich media attachments followed by the users in tweets. The GO Keyboard application sends, via a covert connection, a set of ids to the launchermsg.3g.cn server; it also sends some encrypted data, which we could not decode, to nextbrowser.goforandroid.com. Both Pandora and Spotify music players use Facebook’s social graph services [12], sending out information about the application usage. As another example, the Walmart application incorporates the barcode scanner library provided by Red Laser [13] – an eBay company that specializes in comparing prices. This library causes the application to send out information about the scanned barcode to the data.redlaser.com server. Yet, blocking that release of information does not harm the scanning capabilities."
Once the team concluded that their detection and blocking mechanisms accurately captured in-application activity and caused no problems, they applied their search techniques to the top 500 applications in the Google Play store. This expanded sample found that 46.2% of the communication within an application is considered covert. The chart below shows the top connections made to various services.
Table5
It’s not at all surprising to see Google’S APIs at the top of the list, but Gameloft’s position is worth an eyebrow. While they only tested 17 Gameloft products in the Top 500, 87.4% of the connections made by Gameloft were covert.

Does this impact battery life?

The obvious answer to the above question is “Yes,” but how much and to what degree is going to be highly application-specific. Applications that maintain a connection to the Internet will already keep your WiFi or cellular radio online, so the added power cost of 1-2 additional connections is low. Gameloft, on the other hand, makes an average of 46 covert calls per application. Even if each of those connections uses very little power, 46 of them at high frequency will add up.

That said, this isn’t particularly surprising. We’ve known for a long time that Android applications were poor stewards of smartphone battery life; many applications that incorporate freemium business models will download huge ads in the background, chewing through bandwidth and leaving the modem active for much longer than it ought to be.
Still, investigations like this reveal part of why major companies continue to suffer from major security problems and consumer privacy breaches. An application developer that builds their product to make dozen of covert connections that have nothing to do with the actual product has little reason to take your privacy seriously — and likely doesn’t.
Obviously application developers have to make money, and connecting to an ad service doesn’t mean the company is doing something wrong– but when applications are making hundreds of connections without notifying the end user, you can bet that you’re taking it on the chin in terms of battery life, privacy, or both.

Comments

Post a Comment

Popular posts from this blog

THE ROLE OF THE CHURCH IN POLITICS AND EDUCATION IN NIGERIA Interview with Msgr. Nathaniel I. Ndiokwere 1. MAY WE KNOW YOU MONSIGNOR?  I am Nathaniel Ikechukwu Ndiokwere. I don’t usually add titles to my names, because I have always believed it is not necessary to let people honor or respect us, the clergy and lay people, all over the world, especially in Nigeria on account of the number of titles we accumulate.  I am Father or Monsignor Ndiokwere. If I add my titles, they will fill half a page of this sheet of paper. It is not necessary.  I learnt it is a sign of humility, to shun titles imposed by society to earn or boost prestige. Most white people don’t add series of titles to their proper of second names to let people admire their academic, traditional or cultural achievements.  2. YOU ARE ALWAYS SATISFIED AND PROUD OF YOUR ACHIEVEMENTS SO FAR, WHAT REALLY GIVES YOU THE GREATEST JOY IN LIFE?  My “strange nature” makes me feel satisfied and proud and through
Read more

GRATITUDE VIS-A-VIS THANKFULNESS

Image
Gratitude Vis-a-vis Thankfulness William Arthur Ward will say... "feeling gratitude and not expressing it is like wrapping a present and not giving it out". Zig Ziglar in one of his write-up made clear also that..... "gratitude is the healthiest of all human emotions. The more you express gratitude for what you have, the more likely you will have even more to express gratitude for". Based on this podium, I wish to express my unalloyed gratitude to you all my good friends who   wished me happy birthday on the day I added +1. Some of you guys called, text, sent gifts and even posted something with regards to my birthday on your media walls, I really appreciate that from my heart especially to these good friends of mine;   Rosemary Ebere , Frank Anderson ,   Igwe Toby ,   Richard Valentine ,   Ugwu Eustace ,   Festus C Iwuagwu ,   Johnson Divine ,   Duru Kennedy ,   Nwoko Evelyn Onyisi ,   Kingsley Nonso ,   Bonfrere Chidiebube , Mgbeojeme Luke ,   Uchenna Chuk
Read more
Image
NASA solves the mystery of Mars’ missing atmosphere !!!! http://www.extremetech.com/extreme/217605-nasa-solves-the-mystery-of-mars-missing-atmosphere After decades of work, NASA believes it has solved one of the most fundamental questions of how Mars became the dusty, barren planet that it is today. Over the past 15 years, rovers like Spirit, Opportunity, and Curiosity have uncovered compelling evidence that Mars was once covered  by a liquid ocean . This, in turn, implies that the planet was much warmer, possibly with an oxygen-rich atmosphere. The problem is, today’s Mars bears little resemblance to the primordial planet it must have been. Mars’ atmosphere is a fraction the density of Earth’s — air pressure at the summit of Mount Everest (the highest point on Earth) is 4.89 PSI, while the air pressure at the bottom of Mars’ Hellas Planitia (a 23,465-foot deep crater) is just 0.168 PSI. In other words, the air pressure at the highest point on our planet is 29x higher than
Read more