The US’ National safety Agency (NSA) and its UK counterpart, GCHQ, have been honing their data-slurping technologies to suck up anything they can get from leaky smartphones, the protector reported on Tuesday.
Beyond device details, data shared over the internet by iOS and Android apps can include personal information such as age, gender, and location, while some apps share even more responsive user information, such as sexual first choice or whether a given user might be a swinger.
The Guardian, relying on top-secret documents handed over by whistleblower Edward Snowden, says that the spy guys are increasing capabilities to milk this private information from apps as innocuous as the insanely popular Angry Birds game.
Reporting in partnership with the New York Times and Pro Publica, they revealed that the NSA and GCHQ have “common tools” ready to throw against iPhone, Android and other phone platforms.
The agencies also apparently think of Google Maps as a gold mine. The Guardian reports that one project involved intercepting Google Maps queries from smartphones to collect large volumes of location data.
The documents suggest that, depending on how much information a user has provided in his or her profile on a given app, the organization could collect “almost every key detail of a user’s life”, the protector reports: home country, current location (through geolocation), age, gender, zip code, marital status – options included “single”, “married”, “divorced”, “swinger” and more – income, ethnicity, sexual orientation, education level, and amount of children.
Given how popular Angry Birds is, and given that the secret documents use it as a case study, some articles have hung Angry Birds in their headlinery – that’s like finery, but with headlines instead of undies.
But Angry Birds shouldn’t be singled out as being in any way subverted or corrupted by the NSA or GCHQ.
Angry Birds is, after all, just one of thousands of mobile apps, none of which has been indicted as complicit with, or data-raked by, the NSA or GCHQ – rather, the spying agencies are, as news reports say, simply tapping data as it flies across the network.
It’s easy to see why: it’s a heck of a lot more fun to have apps spill your beans, since in switch over we get linked to communities or get shiny doo-dads. All we have to do is fill out profiles with stuff they actually don’t, really, need – birthdates, marital status, etc.
We can take back a large chunk of our privacy simply by refusing to hand over data, whether it’s given in a profile or beamed out when we have WiFi and/or geolocation turned on.
Cinching our data waistbands can be done with three simple steps, outlined by Naked safety in the Privacy Plan Diet.
If you can live without “discover My iPad” or other such geolocation-dependent goodies, you can keep a lot of your data out of the hands of spies, marketers or other data busybodies.
But beyond information knowingly handed over in profiles, phone apps have a nasty habit of distribution more data than users may realize.
Sometimes the holes come from software bugs, but then again, sometimes data leakage is an unintended effect of users’ own, deliberate actions, such as:
Twitter users having geolocation turned on, using the word “home” in their tweets and, Presto! thereby potentially handing a nosy small function their home address.
Soldiers snapping photos that smartphones then mechanically geotag, giving the enemy their coordinates.
Beyond bugs and deliberate leakage from probably-inattentive users is yet another category: apps that silently gulp data in the environment while they’re doing innocent-seeming things in the foreground, such as being a flashlight or a mobile phone app for kids.