Story image

Android apps can track network connections - is it time to use a VPN?

14 May 2018

While Google is finally about to address the problem of apps monitoring network activity, it’s only going to happen on the upcoming version of Android, known as Android P.

For years apps have been able to find out what other apps are connecting to the internet, when they are connecting, and what they are connecting to. While they can’t access the content being transmitted, they can sniff any connection to see if apps are connecting to a certain server, such as a financial institution’s server.

NordVPN says Google Play was filled with hidden trackers, and each downloaded app put victims in a ‘surveillance network’.

While Android P is only in beta stages, NordVPN says Android users may encounter other security holes before the operating system starts to be rolled out to all devices.

Most apps will still have unrestricted access to network activity until at least 2019. From 2019, Android will use a new logic for the way apps access APIs.

“User tracking without their consent undermines basic privacy and security,” comments NordVPN’s CMO, Marty P. Kamden.

“Apps can monitor network activity even without requesting any sensitive permissions. In addition, this privacy hole could easily be exploited for malicious purposes - for example, when user’s browsing history is collected, their online profile can be created.”

He says that Google is responsible for protecting users’ network activity from tracking, but users should also use additional means to safeguard their online privacy. A VPN is one way users can connect to the internet.

NordVPN offers five tips for Android users who want to keep their devices safe.

1. Make sure not to download fake apps – do not click on phishing messages. Original apps from Google Play may have trackers that sell users’ data to advertisers. However, fake apps are even more dangerous.

By implanting fake apps on people’s devices, hackers or even governments can piece together text messages, browsing history, call logs and location data.

Targets can be tracked and their data can be stolen, because they downloaded a fake version of messaging apps like Signal or WhatsApp through phishing messages received on Facebook or WhatsApp.

2. Get serious about passwords. Most Internet users reuse the same password across multiple accounts. Once a hacker is able to read one of a person’s passwords, they would be able to unlock all their devices and read their emails, enter their bank accounts, and so on. The best way to go is one of the password managers that generate and store different passwords for each account.

3. Accept all software updates & security patches. Android devices – same way as Apple – have recently revealed processor vulnerabilities, designed to hack a smartphone. The only way to avoid these Intel, AMD and ARM chip flaws is to update the phone whenever newest patches are released. 

4. Install a VPN. You might have downloaded apps without malware and installed newest security patches, but all your communications and Internet browsing can still be intercepted if you don’t use a VPN. A VPN safely encrypts all information traveling between a device and a VPN server, and is a must on every device, especially if they are using open WiFi networks.

Why 'right to repair' legislation could be a new lease on life for broken devices
“These companies are profiting at the expense of our environment and our pocketbooks as we become a throw-away society that discards over 6 million tonnes of electronics every year.”
Hands-on review: Huawei Watch GT
I’ve thoroughly enjoyed my time with the Watch GT. It’s converted me from being anti-smartwatch to someone who’s genuinely considering buying one.
How NVIDIA aims to kick-start next-gen gaming
Integrating into game engines new features such as real-time ray tracing can accelerate the development process.
Huawei talks P Series history - and drops hints on the P30
Next week will see the covers come off the new Huawei P30 Series at a special launch event held at the Paris Convention Center.
Hands-on review: Xiaomi’s Mi Mix 3 and the Amazfit Bip
You’ll probably be sad to see another device say ‘farewell’ to the 3.5mm headphone jack. Fortunately though, as mentioned, Xiaomi were kind enough to include an adapter in the box.
How Cognata and NVIDIA enable autonomous vehicle simulation
“Cognata and NVIDIA are creating a robust solution that will efficiently and safely accelerate autonomous vehicles’ market entry."
Kiwis know security is important, but they're not doing much about it
Only 49% of respondents use antivirus software and even fewer – just 19% -  change their passwords regularly.
Instagram: The next big thing in online shopping?
This week Instagram announced a new feature called checkout, which allows users to buy products they find on Instagram.