Closed device identifier leaks

  • Home
  • Closed device identifier leaks

It is important to note that both iOS and Android apps leak data which makes phone users vulnerable to remote SIM card rooting, denial-of-service attacks and consequently data theft. In 2012, hackers stole 1 million identification numbers from Apple iPhones. Researchers have reported that Android and iOS users are vulnerable which means that any of the phone users are frequently exposed to several security threats that are related to mobile apps.

Most apps have identified privacy leakage problems. The apps are going big on sending metadata, personally identifiable information and location to an ad server or a developer’s server. If you have noted, when you download a certain app, you can find several advertisements, cookies and pop-ups on your screen. The problem is tied to apps that send data and personal information to ad servers or developer’s servers.

Granitephones fixes numerous prominent device identifier leaks bypassing Android’s intention of apps that cannot identify all unique devices. Our company offers a secure app spawning system that protects your phone against exploitation. In the same way, the process works to offer you privacy. For a phone that does not have a secure app spawning system, the secrets used for probabilistic exploitation mitigations, for example, ASLR device identities persist until one must reboot the phone.

Besides, we have built the spawning system with other different channels to identify devices across apps. In addition, the system fixes the direct identifier leaks. For example, if a phone is connected to an ad server, the secure application spawning system can identify the devices on the other end.

In the recent past, we also worked on sealing several shortcomings in preventing apps from accessing hardware identifiers. Our systems ensure that we impose restrictions on apps that target legacy Android platform versions.