Some versions of Android continually share user data, for Google it is normal

Time: 18/Jul By: kenglenn 405 Views

The theme of privacy in the Android world returns to lively topical as a result of a study with very reassuring results conducted by the University of Edinburgh and the Trinity College Dublin.Google's response on the matter was not long in coming.

After in the last few days there had been talk of privacy by calling into question two giants such as Huawei and Microsoft, this time the speech becomes wider.

Index:

Android and user data

The aforementioned study conducted by the University of Edinburgh and the Trinity College Dublin highlights an alleged privacy problem very extensive in the Android world.

The researchers focused their attention on brands such as Samsung, Huawei, Xiaomi, Realme;But also on two custom Roma such as Lineageos and / E / OS.The data detected is that all customizations continually exchange data with remote servers, with the only exception of /E /.The conclusions of the study are decidedly eloquent:

In the table that you see below, the researchers summarized the types of sensitive data of users who are exchanged by each of the customizations analyzed in the first start phase, as persistent identifiers, details on the use of apps and telemetrical information.

In addition to this, it is pointed out that the data in question are not even shared with the manufacturer, but also with third parties such as Microsoft, LinkedIn and Facebook.The most alarming figure is that this sharing takes place without having installed a single app outside those that come pre -installed.

Alcune versioni di Android condividono continuamente dati dell’utente, per Google è normale

In all this, to make Manbassa of the data shared by Android smartphones is Google, which obtains them in all cases or almost.On Samsungs tested, Google's advertising identifier is sent to Samsung servers and several Samsung system apps collect data through Google Analytics.Google's push service is employed in the Microsoft OneDrive system app, while on the Microsoft's SwiftKey keyboard the Huawei SWIFTKEY keyboard is tested on the Huawei smartphone, send the Google Advertising ID to Microsoft's server.In the same way, the Xiaomi smartphone tested the Google Advertising ID of the device ends with Xiaomi servers.

For Android users there is no way out or opt-out mechanism and the data worries above all in the face of the possibility that in customizations they are inserted natively apps impossible to uninstall that collect user data even if not used.Without silent the fact that some native apps-such as Miui.analytics (Xiaomi), Heytap (Realme), Hicloud (Huawei)-use figures that can be decoded, opening up to the possibility of man-in-the-moidle attacks.

The final part of the study highlights how it cannot be escaped from this continuous sharing of data even through a restoration of the advertising identifiers of your Google account on Android.The reason for this is that the system is able to connect the new ID to the same device and to proceed with the synchronization of the previous tracking chronology.As much as the user on paper remains anonymous, the collected data make it recognizable;On the other hand, SIM data, IMEI of the smartphone, location chronology, IP addresses, network SSID, put together, allow you to trace with good approximation to the identity of the Android user.

In the midst of all this, /E /OS represents a white fly: the Fork is not connected to any producer and was born precisely with the aim of protecting privacy, detaching itself in all respects from Google and its services.

Google's official answer

For Google's official response on the matter you don't need to go too far.Big G speaks of a sharing of data necessary for the purposes of the correct functioning of the main services present on Android devices.Here is the full text of the message:

For the most curious, the complete study is available at this link.

Read also: Google and security: password manager, verification in two steps and more