Uber managed to create quite some stir in many countries, infuriating taxi drivers with some of their cheaper car sharing alternatives coming from unlicensed drivers and all that. It seems there’s more to this story as someone found the app itself being a bit too intrusive...
A security research blog known as GironSec took the Uber app and decompiled it to see what’s under its skin and surprise - it appears to be doing more than what it should do as a simple app to hail you a cab.
According to the extras snagged from the code, the Android version of Uber app collects and possibly sends a lot of personal data you might not be aware of back to the company. About 1,700 lines of code reveal the app can access the phone’s camera, calls, wifi neighbors, accounts, whether the phone is rooted or vulnerable to certain malware and does even keep track of your SMS and MMS logs.
Why the hell would the app need all these? Some believe Uber is collecting the data to make sure there are no fake accounts being made by competitors, but still, the case can be categorized as malware for compromising user personal data.
Is Google having something to do with this since we’re talking about the Android version? Let’s not forget Google has a $258 million stake in Uber, which is one of its biggest deals ever. And maybe they’re using the app’s popularity to scrap some more data out of users.
Whatever it's happening, you should take this as a warning because Uber is definitely not the only app out there collecting data about your personal life. Just pick up your phone, go to the Application manager and check some of your apps’ permissions. See how many have access to messaging, calls and location...
According to the extras snagged from the code, the Android version of Uber app collects and possibly sends a lot of personal data you might not be aware of back to the company. About 1,700 lines of code reveal the app can access the phone’s camera, calls, wifi neighbors, accounts, whether the phone is rooted or vulnerable to certain malware and does even keep track of your SMS and MMS logs.
Why the hell would the app need all these? Some believe Uber is collecting the data to make sure there are no fake accounts being made by competitors, but still, the case can be categorized as malware for compromising user personal data.
Is Google having something to do with this since we’re talking about the Android version? Let’s not forget Google has a $258 million stake in Uber, which is one of its biggest deals ever. And maybe they’re using the app’s popularity to scrap some more data out of users.
Whatever it's happening, you should take this as a warning because Uber is definitely not the only app out there collecting data about your personal life. Just pick up your phone, go to the Application manager and check some of your apps’ permissions. See how many have access to messaging, calls and location...