Google is ignoring the Android Contacts Tracker Privacy Flaw
When the world deteriorated during the COVID-19 pandemic more than a year ago, the world of technology rushed to help. Google and Apple have developed contact applications designed to alert you to potential COVID-19 contact and thus promise privacy. While it appears that Apple has kept its promise, investigators have found a privacy violation in the Android Contacts app.
Contact tracking application privacy error detected
The idea behind both contact tracking apps is that they use your location to alert you if you were in contact with someone with a known COVID instance.
Millions of users have downloaded Android and Apple contacts apps internationally. Different countries and states have created their own versions of the app.
AppCensus researchers tested the applications under an agreement with the U.S. Department of the Interior. When he found a privacy violation in the Android Contacts app, AppCensus claims that Google ignored it in the face of this problem in February this year.
“This fix is a one-line thing where you delete a line that stores sensitive information in the system log. It doesn’t affect the program; it doesn’t change the way it works,” said Joel Reardon, AppCensus founder and general counsel. “It’s such an obvious solution, and I was amazed. , it was not seen in this way. ”
However, Google has defended its actions. “We were notified of an issue where Bluetooth login information was temporarily available for certain system-level applications for debugging, and we immediately began deploying the patch to address this issue,” the operator said. Google word José Castañeda statement sent by email.
The app census doubled when founder and chief technology officer Serge Egelman said Google has repeatedly ignored its concerns. However, Castañeda also doubled, arguing that “the implementation of this update for Android devices began several weeks ago and will be completed in the coming days.”
Why is this considered an invasion of privacy?
Reardon explained that the problem with the Android Contacts Tracker is considered a privacy violation because preinstalled applications have access to sensitive information collected by the Contract Tracker and stored in system logs.
The agreement tracking application uses an application to exchange anonymous Bluetooth signals with other devices. To improve privacy, signals are changed every 15 minutes and the keys that generate the signals are changed every 24 hours.
“Google says these logs will never leave the device,” Reardon said. “They can’t make that argument – they don’t know if any of these apps collect system logs. ”
Reardon contacted Google after a privacy violation was discovered in the Android Contacts app to report it to Google’s debugger. In return, he received an email stating that the privacy violation was not sufficient for AppCensus to receive payment.
However, it seems a bit disgusting. Users who are concerned about their physical security may lose their security. Hopefully Google is really working on this – users shouldn’t have to make that choice.
Learn how Safe Blues Virtual Virus was developed for COVID monitoring.