Over at the Freedom to Tinker blog, Dan Wallach reports
on an experiment he did with his undergraduate security class: using Wireshark and Mallory to listen in on what his Android phone was sending. He describes what was found for a number of different applications including Gmail, Google Voice and Calendar, Facebook, Twitter, Angry Birds, and more. "What options do Android users have, today, to protect themselves against eavesdroppers? Android does support several VPN configurations which you could configure before you hit the road. That won't stop the unnecessary transmission of your fine GPS coordinates, which, to my mind, neither SoundHound nor ShopSaavy have any business knowing. If that's an issue for you, you could turn off your GPS altogether, but you'd have to turn it on again later when you want to use maps or whatever else. Ideally, I'd like the Market installer to give me the opportunity to revoke GPS privileges for apps like these.
to post comments)