Pre-Loaded Apps on Android Phones Carry Security Risks: Report
Many phone makers offer apps to users which can’t be deleted, and most of them are rarely used.
Many Android phones come with pre-loaded apps that more or less don’t make any sense, and even then you can’t delete them.
But the bigger concern is, there are many such apps which carry security vulnerabilities and a report from researchers at Kryptowire this week gives an in-depth look at the problem. It also talks about what part of your phone can be compromised and what the attackers can access through it.
Such cases have been reported on pre-loaded apps which are sold by phone makers like Asus, Xiaomi and Samsung among others, all of them known for filling up their devices with bloatware ie pre-installed apps.
The test was conducted with support from the Department of Homeland Security (DHS) Science and Technology (S&T) and involved devices from over 29 brands.
As discovered through the tests, the pre-loaded apps were found guilty of installing apps without any authorisation, able to modify system and wireless data settings, as well as record audio on the devices.
Out of the brands mentioned above, Samsung, quoted in this Wired article, reaffirmed all the apps pre-installed on its device are thoroughly checked and after its own investigation, users have nothing to worry about.
We’re yet to see Asus and Xiaomi comment on the subject but it’s quite possible that having custom design interface has left to open gaps which allow third-party players to add their own feature requirements, without letting the users know about it.
For its part, Google claims that its Build Test Suite (BTS) has been created to avoid such apps getting installed on new devices, and if they do, it works with the phone maker to remove or clean it before shipping out to the market.
The only worry is, if you’ve got a malware-infected pre-installed app, you can’t even remove it, and all you can hope is the phone maker or developer releases a quick patch to fix the issue, which will secure the device.
Surely business decisions can’t come at the cost of risks for the user, especially with installing of unwanted apps that cannot be deleted.
(At The Quint, we are answerable only to our audience. Play an active role in shaping our journalism by becoming a member. Because the truth is worth it.)