A new prototype Android extension automatically detects apps that are trsnsmitting private data - and finds that as many as half of popular applications do.
TaintDroid monitors how applications access and use privacy-sensitive data, such as location, microphone, camera and phone numbers. Within seconds of using a newly installed app, it alerts the user if information has been sent to a third party.
Developed by an inter-university team, together with Intel, TaintDroid recently found that 15 of 30 randomly selected, popular, free Android Marketplace applications sent users' private information to remote advertising servers, and two-thirds of the apps handled data in ambiguous ways.
"We found it surprising that location information was shared with ad networks without further explanation or notification," said Intel's Jaeyeon Jung.
The team found that some applications shared GPS sensor location information with advertisement servers only when displaying ads to the user. Other applications shared location even when the user was not running the application. In some cases, location information was being shared as frequently as every 30 seconds.
The results support an SMobile Systems study published in June 2010 which found that 20 percent of the then-available 48,000 third-party applications for the Android operating system provided sensitive or private information to outside sources.
"We don't have the data to say that a majority of third-party apps are untrustworthy," said Landon Cox, an assistant computer science professor at Duke University.
"This study, however, is a proof-of-concept to show the value of enhancing smartphone platforms to include real-time monitoring tools like TaintDroid to give users an awareness of how their information is being shared."
Currently, mobile-phone operating systems do offer users some controls, such as asking the user which services and data an app may access.
If the user denies access, the application can't be installed. But if the user does install the app, the permission checks don't always explain how these services and data will be used.
TaintDroid uses what's called dynamic taint analysis to mark information of interest with an identifier. This taint stays with the information when it is used, and can then be tracked. TaintDroid tells the user if and where information has been sent as soon as the app is closed.
"This automatic feedback gives users greater insight into what their mobile applications are doing and could help users decide whether they should consider uninstalling an app," Gilbert says.
The team plans to make TaintDroid publicly available to continue to improve smartphone application monitoring.