Android OS Privacy Under the Loupe -- A Tale from the East

Haoyu Liu, Douglas J. Leith, Paul Patras

Research output: Chapter in Book/Report/Conference proceedingConference contribution

Abstract / Description of output

China is currently the country with the largest number of Android smartphone users. We use a combination of static and dynamic code analysis techniques to study the data transmitted by the preinstalled system apps on Android smartphones from three of the most popular vendors in China. We find that an alarming number of preinstalled system, vendor and third-party apps are granted dangerous privileges. Through traffic analysis, we find these packages transmit to many third-party domains privacy sensitive information related to the user's device (persistent identifiers), geolocation (GPS coordinates, network-related identifiers), user profile (phone number, app usage) and social relationships (e.g., call history), without consent or even notification. This poses serious deanonymization and tracking risks that extend outside China when the user leaves the country, and calls for a more rigorous enforcement of the recently adopted data privacy legislation.
Original languageEnglish
Title of host publicationProceedings of the 16th ACM Conference on Security and Privacy in Wireless and Mobile Networks
PublisherACM Association for Computing Machinery
Pages31-42
Number of pages12
ISBN (Electronic)9781450398596
Publication statusPublished - 28 Jun 2023
EventThe 16th ACM Conference on Security and Privacy in Wireless and Mobile Networks -
Duration: 29 May 20231 Jun 2023

Conference

ConferenceThe 16th ACM Conference on Security and Privacy in Wireless and Mobile Networks
Abbreviated titleACM WiSec 2023
Period29/05/231/06/23

Keywords / Materials (for Non-textual outputs)

  • Android OS privacy
  • China firmware
  • PII leakage

Fingerprint

Dive into the research topics of 'Android OS Privacy Under the Loupe -- A Tale from the East'. Together they form a unique fingerprint.

Cite this