MEITU, A CHINESE selfie editing app, has amassed billions in downloads since launching in 2008; it’s been trendy in Asia for several years, and just recently began gaining popularity in the United States. The anime-style photo-editing tool, which is available through the Apple and Android app stores, features airbrushed, fairylike depictions of people.
Users noticed that the Android version had very invasive permissions, and developers who took a deeper look found code that pulled a whole lot of sensitive data off your phone, and sent it to Meitu’s servers in China. That included unique identifiers for your phone — its IMEI and MAC address — and precise GPS coordinates of your location, which is pulled from the EXIF data of photos you take even if you deny the app permission to your phone’s location data. It even checked iOS versions to see if they were running on jailbroken device, so it could send back more data.
https://community.giffgaff.com/t5/Blog/Meitu-the-tracking-controversy-over-the-latest-selfie-craze/bc-p/19871691
Thanks for posting the article Vaibhav,
This was interesting post, however i believe many apps are collecting personal data as well. When we look at the broader spectrum of consumers, we are not educated to know what these apps are really doing behind the scene. Even as a cybersecurity student, I am not privy to that knowledge. How can we as citizens of the digital age obtain the tools we need to better identify the potential threats that we are unaware of? Most of the time we depend on third-parties to provide this protection, but as we can clearly see over the past decade our privacy seems to be of little concern to the developers. I mean, how can we learn about what the apps are doing before actually using it or being discovered by a researcher?
This is a hard question to answer where I feel that there are always some new threats in the market and its the same case like a zero day vulnerabilities where a lot of people do become victim of the threat.
I do suppose a solution to keep mobile safe is by not jailbroking your devices.The devices when get jailbroken usually surpasses a lot of inherent operating system security features