Monday, January 23, 2017
Meitu's photo-effects app tracks users
" Security researchers are always poking at popular apps, especially from
China, as developers there often create apps for jailbroken iPhones, but
have been the victim of a malware-infested version of Xcode.
This general interest was heightened on the Android side, as the app
requests a swath of permissions to access personal data. When researchers
went poking in the iOS version, they quickly found a host of red flags:
multiple analytics packages, which is software used to track usage and
users; requests for data that Apple forbids, some of the code for which was
taken directly from a popular iOS programming guide, which prominently notes
it shouldn't be used in production software; and attempts to extract a
unique phone identity, which is sketchy based on Apple's rules."