The Google: Tell Me, Please, What Is a Malicious App?
February 12, 2025
Yep, another dinobaby emission. No smart software required.
I suggest you take a quick look at an important essay about the data which flows from Google’s Android and Apple’s iOS. The paper is “Everyone Knows Your Location: Tracking Myself Down Through In-App Ads” by Tim. The main point of the write up is to disclose information that has been generally closely held by a number of entities. I strongly recommend the write up, and it is possible that it could be made difficult to locate in the near future. The article says:
After more than couple dozen hours of trying, here are the main takeaways:
- I found a couple requests sent by my phone with my location + 5 requests that leak my IP address, which can be turned into geolocation using reverse DNS.
- Learned a lot about the RTB (real-time bidding) auctions and OpenRTB protocol and was shocked by the amount and types of data sent with the bids to ad exchanges.
- Gave up on the idea to buy my location data from a data broker or a tracking service, because I don’t have a big enough company to take a trial or $10-50k to buy a huge database with the data of millions of people + me.
Well maybe I do, but such expense seems a bit irrational.
Turns out that EU-based peoples` data is almost the most expensive.But still, I know my location data was collected and I know where to buy it!
Tim’s essay sets the stage for a Google Security Blog post titled “How We Kept the Google Play & Android App Ecosystems Safe in 2024.” That write up is another example of Google’s self-promotion. It lacks the snap of the quantum supremacy pitch and the endless backpatting about Google’s smart software.
The write up says:
To keep out bad actors, we have always used a combination of human security experts and the latest threat-detection technology. In 2024, we used Google’s advanced AI to improve our systems’ ability to proactively identify malware, enabling us to detect and block bad apps more effectively. It also helps us streamline review processes for developers with a proven track record of policy compliance. Today, over 92% of our human reviews for harmful apps are AI-assisted, allowing us to take quicker and more accurate action to help prevent harmful apps from becoming available on Google Play.
I want to ask one question, “Is Google’s advertising a malicious app?” The answer depends on one’s point of view. Google would assert that it is not doing anything other than making high value services available either for free or at a very low cost to the consumer.
A skeptical person might respond, “Your system sustains the digital online advertising sector. Your technology helps, to some degree, the third party advertising services firms to gather information and cross correlate it for the fine-grained intelligence described in Tim’s article?”
Google, which is it? Is your advertising system malicious or is it a benefit to users? This is a serious question, and it is one that smarmy self promotion and PR campaigns are likely to have difficulty answering.
Stephen E Arnold, February 11, 2025
Comments
Got something to say?
-
- Subscribe to Beyond Search
Feature archive
News archive
-
