Exploring The Current State Of Android Smartphone Privacy

Open Access
- Author:
- Levenson, Jake Maxwell
- Area of Honors:
- Computer Science
- Degree:
- Bachelor of Science
- Document Type:
- Thesis
- Thesis Supervisors:
- Patrick Drew Mcdaniel, Thesis Supervisor
Dr. John Joseph Hannan, Thesis Honors Advisor - Keywords:
- Android
Smartphone
Security
Computer Science
Permissions
Applications
Privacy - Abstract:
- Smartphones are increasingly common in daily life. People see the growing number of functions that these devices provide, but they don’t often consider the cost to user privacy. Android is the largest smartphone platform in the world, with millions of applications that have billions of downloads. Many of these applications gain access to sensitive information and then abuse their privileges in ways that violate user privacy. This work is aimed at exploring the current state of privacy for Android smartphones and their users. First, we look at the current smartphone ecosystem, inherent privacy issues, and how some of these issues have been addressed. We then look at an overview of the Android architecture and its permissions system, as well as how applications are designed and how they can access sensitive user data in the background. By looking into and implementing applications that represent our concerns, we show that access to sensitive resources such as the Camera, Microphone, Calendar, Contacts, SMS messages, Network-Based Location, and Activity Recognition is reasonably accomplished through the official Android SDK. We analyze the data collected by these applications and determine what can be learned about a user, then compare that to sensitive access requested by popular applications. In discussing implications of this data and how it was obtained, we show that permissions are simply not enough to protect the privacy of users.