A Popular Virtual Keyboard App Leaks 31 Million Users' Personal Data (zdnet.com)
Zack Whittaker, writing for ZDNet: Personal data belonging to over 31 million customers of a popular virtual keyboard app has leaked online, after the app's developer failed to secure the database's server. The server is owned by Eitan Fitusi, co-founder of AI.type, a customizable and personalizable on-screen keyboard, which boasts more than 40 million users across the world. But the server wasn't protected with a password, allowing anyone to access the company's database of user records, totaling more than 577 gigabytes of sensitive data. The database appears to only contain records on the app's Android users.
Hanging offence (Score:3)
But the server wasn't protected with a password,
Re:Hanging offence (Score:5, Insightful)
Frack the password - why was a fracking *keyboard app* storing personal information on a remote server in the first place!?!?!
Idiot users (Score:4, Insightful)
Would you like to install this keyboard that requires access to the network?
No.
Re: (Score:1)
Ummm. I don't know. I really want to use this software. Crap. OK Yes.
Re: Idiot users (Score:2)
Security updates are handled by the OS, not the keyboard. Anyone claiming the keyboard needs Internet for security updates is an obvious scammer.
Re: (Score:2)
Depends on the implementation of the keyboard. If the keyboard has downloadable components, such as parts written in javascript, or datafiles then downloadable updates could include security fixes.
Re: (Score:2)
And every keyboard written today is written this way. What are you going to do, ship every language to every phone regardless of whether it will be used? Of course not, you download the dictionaries at runtime. You'll find few to no keyboards without a network connection of some type.
Re:Idiot users (Score:4, Informative)
Most of them do unfortunately. E.g. SwiftKey does. Also SwiftKey used to be an indie dev house but that got bought by Microsoft. It'd be nice to think that Microsoft selflessly love Android users and want to support a good keyboard application for Android and iOS even though they are competitors to Windows Phone. However it's more likely that they bought it because it had a bunch of user data they could monetize in various dubious ways.
https://swiftkey-keyboard.file... [fileplanet.com]
Potentially dangerous permissions
GET_ACCOUNTS: Allows access to the list of accounts in the Accounts Service.
READ_EXTERNAL_STORAGE: Allows an application to read from external storage.
READ_SMS: Allows an application to read SMS messages.
WRITE_EXTERNAL_STORAGE: Allows an application to write to external storage.
Other permissions
ACCESS_NETWORK_STATE: Allows applications to access information about networks.
ACCESS_WIFI_STATE: Allows applications to access information about Wi-Fi networks.
INTERNET: Allows applications to open network sockets.
RECEIVE_BOOT_COMPLETED: Allows an application to receive the ACTION_BOOT_COMPLETED that is broadcast after the system finishes booting. If you don't request this permission, you will not receive the broadcast at that time. Though holding this permission does not have any security implications, it can have a negative impact on the user experience by increasing the amount of time it takes the system to start and allowing applications to have themselves running without the user being aware of them. As such, you must explicitly declare your use of this facility to make that visible to the user.
VIBRATE: Allows access to the vibrator.
WAKE_LOCK: Allows using PowerManager WakeLocks to keep processor from sleeping or screen from dimming.
com.android.vending.BILLING
com.google.android.c2dm.permission.RECEIVE
com.swiftkey.languageprovider.READLANG
com.swiftkey.swiftkeyconfigurator.READCONFIG
com.touchtype.swiftkey.permission.C2D_MESSAGE
So does Swype
http://forum.swype.com/showthr... [swype.com]
Hi there, I just spotted Swype in the Google Play store and had exactly the same concerns.
Outside of reading the dictionary, I would not have expected Swype to require any special permissions, and yet it wants a big long list of permissions:
Record audio
Get my approximate and precise location
Read my text messages
Full network access
Pair with Bluetooth devices
Read my contacts
Read terms I've added to the dictionary
Read call log
Read phone status and identity
Modify or delete the contents of my USB storage
Find accounts on my device
View network connections
View wifi connections
Access protected storage
So does Google Keyboard
https://www.xda-developers.com... [xda-developers.com]
Let's take a look at what's going on here. First off, Google Keyboard has access to your own contact card, and accounts on your device. This means it has the ability to know who you are, and all of the Email (and other) accounts you have available on your device. That means it's possible for them to see what Google/Dropbox/Twitter/Microsoft Exchange/Facebook accounts you have available on your phone. I have absolutely no idea why this is needed, nor why people are willing to give this information over.
Next up, the app can read your contacts. That's fair enough - Google obviously want to add your contact names to the spell-checker and auto-complete databases. This makes sense, and is something justifiable for a keyboard. The ability to modify or delete the contents of USB storage is somewhat strange, but while it does allow access to all your data stored on your "SD card," there's unfortunately no real
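The recurring complaint in this thread is a keyboard that holds both network access and permissions over personal data. As an added example (not from the thread or any of the vendors named in it), this script audits a constructed AndroidManifest.xml for exactly that combination, using the "potentially dangerous" permission names from the listing above plus READ_CONTACTS; the manifest contents are invented for illustration.

```python
import xml.etree.ElementTree as ET

ANDROID_NS = "http://schemas.android.com/apk/res/android"

# Permissions the FilePlanet listing quoted above labels "potentially dangerous",
# plus READ_CONTACTS, which the Swype and Google Keyboard posts both object to.
SENSITIVE = {
    "android.permission.GET_ACCOUNTS",
    "android.permission.READ_EXTERNAL_STORAGE",
    "android.permission.READ_SMS",
    "android.permission.WRITE_EXTERNAL_STORAGE",
    "android.permission.READ_CONTACTS",
}
NETWORK = "android.permission.INTERNET"

# Constructed sample manifest (hypothetical package name, not a real app's).
SAMPLE_MANIFEST = """
<manifest xmlns:android="http://schemas.android.com/apk/res/android"
          package="com.example.keyboard">
  <uses-permission android:name="android.permission.INTERNET"/>
  <uses-permission android:name="android.permission.READ_SMS"/>
  <uses-permission android:name="android.permission.GET_ACCOUNTS"/>
  <uses-permission android:name="android.permission.VIBRATE"/>
  <uses-permission android:name="com.swiftkey.languageprovider.READLANG"/>
</manifest>
"""


def requested_permissions(manifest_xml):
    """Return the set of names declared in <uses-permission> elements."""
    root = ET.fromstring(manifest_xml)
    return {el.get(f"{{{ANDROID_NS}}}name") for el in root.iter("uses-permission")}


def audit(manifest_xml):
    """Report whether one manifest pairs INTERNET with personal-data permissions.

    A keyboard with either alone is unremarkable; the pair is what lets typed or
    stored data leave the device, which is the scenario the article describes.
    """
    perms = requested_permissions(manifest_xml)
    sensitive = sorted(perms & SENSITIVE)
    return {
        "network": NETWORK in perms,
        "sensitive": sensitive,
        "data_plus_network": NETWORK in perms and bool(sensitive),
    }


if __name__ == "__main__":
    print(audit(SAMPLE_MANIFEST))
```

Point it at the decoded AndroidManifest.xml of an app (e.g. the output of apktool) to get the same report for a real package.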
Re: Idiot users (Score:2)
And just think, I can install a third party keyboard on iOS and not allow it any of these permissions - or even network access.
Re: Idiot users (Score:2)
Just like you can on Android. Users have to make smart choices.
Re: (Score:2)
Can you both tell it to not allow network access and still install it and it will run?
Do you have to purposefully go into settings and enable network access or is that one of n number of permissions in an unintuitive list that people will just press okay?
Re: (Score:2)
You can't deny an app network access, except by not installing it. An Android app does need to request network permissions to access the network, so the user will be notified it can do this, but it's not a configurable permission. You have to uninstall the app to prevent it from accessing the network.
Re: (Score:2)
You can't deny network access in iOS either in general (only cellular access). But Apple has the good sense to make sure that installing a keyboard and allowing it network access had to be a very intentional act. You have to go to settings to do it. You can't just mindlessly click "Allow" based on a prompt.
Re: Idiot users (Score:2)
I use MessageEase. The only permission it asks for is "Record Audio" so it can perform voice typing.
Re:Idiot users (Score:5, Informative)
Having worked at Swype, I can tell you why most of those are there.
Record audio- see the voice recognition button? Required for it to work. Lots of people like voice recognition
Get my approximate and precise location- download dictionaries of local places that wouldn't be in the normal dictionary.
Read my text messages- train autocorrect algorithms
Full network access- upload dictionaries to the server/download your dictionaries to a new device. Also their whole theme download store.
Pair with Bluetooth devices- Bluetooth headsets
Read my contacts- we scan your contacts to add the names to the dictionary, so it will allow you to type your friends' names.
Read terms I've added to the dictionary- Swype has its own dictionary, but if you added any to the device's we want to add those to ours
Read phone status and identity- literally this was to turn off typing noises when on speakerphone
Modify or delete the contents of my USB storage- to allow you to store the dictionary on a connected device, if you wanted
If you want a smooth app that integrates with the OS well, you're going to need a lot of permissions. There's just no way around it.
Re: (Score:2)
You can, but you still have to claim all the permissions you could use. That's the way the permissions work- you put them all in the manifest, and all are shown when you download it. (Then on modern Android some permissions require you to ask again at runtime).
Re: (Score:3)
It would be nice if the Android permissions could be better divided in places. As you point out, knowing the phone is off hook or ringing is legitimate for practically any app that generates sound, but they don't really need to know who is calling or being called. Unfortunately, asking for one without the other isn't possible so everyone gets the side eye.
Likewise, a bunch of apps that need extra storage space end up making suspicious sounding requests to access photos, music, and videos when all they reall
Re: (Score:2)
It would be. They seem to be going the other way though- bundling permissions in permission groups on the play store listings. At least now you can turn them on and off individually, and well written apps will still work.
Re: (Score:2)
I worked with the people who wrote the feature. I also have seen it in action as a user- when I went to Spain a large number of local places like the Sagrada Familia went into the dictionary. I can assure you that was absolutely what it was added for (and it only used approximate location, no need to know the location to more than city). Whether it's been increased in scope in the last few years I couldn't tell you, I left the company in May 2012.
Re: (Score:2)
" Eitan Fitusi, co-founder of AI.type ..."
So, it uses AI to predictively suggest as you type. Seems like that would require network access. Not that I would install it. I turn off Google's default predictive typing for that exact reason.
Re: (Score:2)
Actually it doesn't, that level of data can be stored on the client (and generally is). It's simple n-grams. Keeping it up to date would require network access.
that's a lot of user data (Score:1)
Great Scott!
Stolen contact data... (Score:4, Insightful)
A keyboard CrAPPlet has no need for access to contact data, let alone to upload it to an outside server. There could be only two reasons: to spam, or to sell it.
Either way, hope the company gets sued to Kingdom come and its founder ends up jailed.
Re: (Score:2)
Proud Luddite.
Ludd! Ludd! Ludd-ludd-ludd :)
Re: (Score:1)
That is not entirely true. The names of people you know are there, including how to spell them. Surely a keyboard application could make use of that data.
Obligatory (Score:2)
"I'm in your keyboard, leaking your personal data."
Stupid quotes. (Score:5, Informative)
A quote from within the article (yes someone read the article):
"It raises the question once again if it is really worth it for consumers to submit their data in exchange for free or discounted products or services that gain full access to their devices,
Like paying for the same app will really turn off that data collection. The question things like this really raises is if allowing any data collection at all, ever, should be allowed.
Google changed Android so that all apps have (Score:1)
Google changed Android so that all apps have "internet" rights.
Smart move, it's an advertisement company after all.
Re: (Score:1)
"It raises the question once again if it is really worth it for consumers to submit their data in exchange for free or discounted products or services that gain full access to their devices,
Free comes with a dick up your ass.
- Future, 8 Mile
For heaven's sake, which app?? (Score:2)
Was the person posting this article new, or was there some compelling reason not to disclose the app in question?
Re: (Score:2)
co-founder of AI.type, a customizable and personalizable on-screen keyboard
It's in the summary silly.
Re: (Score:3, Informative)
I had to look it up elsewhere. Apparently, it's the company AI.type [aitype.com], based in Tel Aviv.
Other articles I found this in:
A popular virtual keyboard app leaks 31 million users’ personal data [databreaches.net]
Virtual Keyboard Developer Leaked 31 Million of Client Records [mackeepersecurity.com]
Re: (Score:2)
It was in the summary. The keyboard in question is AI.type [aitype.com].
Re: (Score:1)
It’s in the second sentence. Do you have the attention span of a gnat?
18.6 MB per customer? (Score:4, Interesting)
Clearly this is rather more than just some basic contact details and IP addresses and suggests that the bulk download of data from phones described in the article isn't just an occasional aberration.
How come the Android OS even allows a keyboard app access to stored data in the first place?
Re: (Score:2)
How come the Android OS even allows a keyboard app access to stored data in the first place?
Because the user allowed it.
Math fail. (Score:5, Informative)
Re: (Score:2)
It's a complete log of everything ever entered using that app.
You know.
Like URLs, usernames and passwords.
Re:18.6 MB per customer? (Score:4, Interesting)
Makes mental note to triple check maths before posting comments! Clearly 18.6 kB could easily be the amount typed into the keyboard.
That's not the leak. (Score:4, Funny)
Only Android...AI...hmmmmm (Score:2)
Re: Only Android...AI...hmmmmm (Score:2)
Yay Apple (Score:2)
Even with all of Apple's recent fuck-ups I'm still happy to have an iPhone every time I read about yet another security breach on Android.
Hacker keyboard (Score:2)
It doesn't do predictive text, but everything else. I find the Ctrl C and V very useful https://play.google.com/store/... [google.com]
No permissions other than input.