Data collection problems were found in the Baidu Maps and Baidu Search Box applications. After Google’s investigation, these two apps were removed from the Play Store in October 2020, and Baidu Search Box made a comeback last week.
Two Android apps belonging to Chinese tech giant Baidu were removed from the official Google Play store at the end of October.
The two apps (Baidu Maps and Baidu Search Box) were deleted after Google received a report from Palo Alto Networks, a US cybersecurity company. The report stated that the two apps contained code to collect user information.
According to Palo Alto Networks, the data collection code was found in the Baidu Push SDK, which is used to display real-time notifications within the two apps.
The two researchers who identified the data collection behavior, Stefan Achleitner and Xu Chengcheng, believe that the code collects detailed information such as phone model, MAC address, operator information, and IMSI (International Mobile Subscriber Identity).
Achleitner and Xu said that while some of the information collected is “quite harmless,” certain data such as IMSI codes “can be used to uniquely identify and track a user, even if the user switches to another phone.”
The research team said that although Google’s policies for Android apps do not specifically prohibit the collection of individual user details, after they reported the problem to Google, the Play Store security team confirmed their findings and identified other, unspecified violations in the two Baidu apps, which eventually led to the removal of these two apps from the official store on October 28.
A Baidu spokesperson said in an email today that although the data collection behavior at the center of the original Palo Alto Networks report triggered an investigation by the Google team, that behavior is not the reason the two apps were withdrawn from the Play Store, because the Chinese company had obtained users’ permission to collect this information in the first place.
Nevertheless, the Google team also found other problems, and the Baidu team said it is working hard to solve them. At the time of writing this article, the Baidu Search Box application has been restored to the Play Store. Baidu said that after Baidu developers fix the reported issues, the Baidu Maps application will also make a comeback.
Before the deletion, the downloads of these two applications totaled more than 6 million. But apart from the Baidu Push SDK, the Palo Alto Networks team said they also found similar data collection code in ShareSDK, developed by the Chinese advertising technology giant MobTech.
Achleitner and Xu said that the SDK, which had been used by more than 37,500 applications, also allows application developers to collect data such as phone model information, screen resolution, MAC address, Android ID, advertising ID, carrier information, and IMSI (International Mobile Subscriber Identity) and IMEI (International Mobile Equipment Identity) codes.
“Analysis of Android malware shows that malicious applications often use SDKs (such as Baidu Push SDK or ShareSDK) to extract and transmit device data,” Achleitner and Xu said, hinting that although these SDKs may have been developed for legitimate purposes, such as pushing notifications and sharing content on social media, they are often abused by malicious application developers.
All in all, this is a recurring problem not only for the Android ecosystem but for the entire online application world. Many applications collect sensitive user details freely, with no restrictions on such behavior.