Jump to content

Yandex is harvesting data from millions of iOS users - Confirmed Report by Apple Insider.

Cocodile

By Cocodile
in Technology News

 Share

Recommended Posts


  • Tripredacus changed the title to Yandex is harvesting data from millions of iOS users - Confirmed Report by Apple Insider.
Cocodile

Cocodile

Posted
  • Author
Posted
3 hours ago, Tripredacus said:

It would be presumed that all apps with ads would also include trackers. If you want to play in that environment, those are the risks you have to be willing to take.

This report is about a specific tracker included with a specific API, it's not about all apps in general.

Thanks for your individual opinion, but generalisation is not the answer I was looking for.

Why did you change the title that was given by the author of the report, and NOT by me?

With these changes this topic does not represent the technical matter I wanted to talk about.

3
Link to comment
Share on other sites
Cocodile

Cocodile

Posted
  • Author
Posted (edited)

And please tell why the link I gave to the article in Financial Times has been removed.

Is Financial Times forbidden on this website?

Or you removed it by mistake?

There was information about them to be the first who discovered the spying Yandex API

Edited by Tripredacus
politics
3
Link to comment
Share on other sites
Dixel

Dixel

Posted
Posted (edited)

@Cocodile, thank you for the information! I had a chance to read the topic soon enough after you posted!

A very interesting fact they mentioned, even VPN services are infested with that malicious AppMetrica Yandex API, hundreds of them.

We'd have to assume the popular Browsec also has it.

No wonder it has so many negative reviews and articles questioning its security and reliability.

Such VPN services are definitely not advisable to use on iOS.

 

Edited by Tripredacus
4
Link to comment
Share on other sites
Tripredacus

Tripredacus

Posted
Posted

The original post was a copypasta from another website. Clear that the leftover color formatting from that site was present. Perhaps some portion of the text was not from that site. However since MSFN is in EU, we have to be careful about content from other sites. So if you want to talk about a news story from another website, putting large portions of text from there onto here is not allowed. You can link to the story or put a paragraph or line into a forum quote.

Link to comment
Share on other sites
jaclaz

jaclaz

Posted
Posted

To be picky, Apple Insider does not confirm anything, it simply reports what the Financial Times has published:

Quote

According to a new report from The Financial Times, security researcher Zach Edwards has discovered that Yandex analytics code is embedded in 52,000 apps on Apple and Google software. From there, it's reportedly reached "hundreds of millions of consumers."

The actual article on the Financial Times is linked as hypertext in the "a new report" in the above quote (from which I stripped it) and links to  :

https://www.ft.com/content/c02083b5-8a0a-48e5-b850-831a3e6406bb

but it is behind their paywall and you need an account on the FT to be able to access it (at least this is what is happening to me right now), but it has been republished by arstechnica:

https://arstechnica.com/information-technology/2022/03/data-harvesting-code-in-mobile-apps-sends-user-data-to-russias-google/

 

In any case the whole stuff is hardly "news" as it is March 2022.

 

The research was made for the Me2B Alliance, that in the meantime changed name:

https://internetsafetylabs.org/blog/news-press/the-me2b-alliance-is-now-internet-safety-labs/

https://internetsafetylabs.org/blog/news-press/financial-times-highlights-me2b-alliance-research-questions-remain-about-vpns-with-the-yandex-appmetrica-sdk-installed/

I couldn't actually find a link to the actual research/report

jaclaz

 

1
Link to comment
Share on other sites
Saxon

Saxon

Posted
Posted (edited)

I just noticed all mentions of the country that produces this electronics related application product were censored/edited out.

However, in European Union we have mandatory "Made-in" labelling for such products.

"Origin marking is also mandatory if an indication or image on the product brings to mind a different country from the country of origin."

- which is a clear case here since Yandex uses an international team of developers, manufacturers and distributors.

And it uses English language that is different to the language of their country.

"The origin marking must refer to the country in which the product is 'wholly obtained' or the country in which the product has undergone 'its last substantial processing'."

https://business.gov.nl/running-your-business/products-and-services/product-safety-and-packaging/eu-countries-general-product-requirements/#art:origin-marking

 
Edited by Saxon
fixed the link
2
Link to comment
Share on other sites
jaclaz

jaclaz

Posted
Posted
11 minutes ago, Saxon said:

I just noticed all mentions of the country that produces this electronics related application product were censored/edited out.

However, in European Union we have mandatory "Made-in" labelling for such products.

"Origin marking is also mandatory if an indication or image on the product brings to mind a different country from the country of origin."

- which is a clear case here since Yandex uses an international team of developers, manufacturers and distributors.

And it uses English language that is different to the language of their country.

"The origin marking must refer to the country in which the product is 'wholly obtained' or the country in which the product has undergone 'its last substantial processing'."

https://business.gov.nl/running-your-business/products-and-services/product-safety-and-packaging/eu-countries-general-product-requirements/

 

Which product? :unsure:

Here we are talking about a software written by Yandex and included into many (mostly VPN related) third party apps (both IOS and Android).

The article you linked to is related to the safety of physical products, and actually only applies to some categories.

 

Link to comment
Share on other sites
Saxon

Saxon

Posted
Posted
3 hours ago, jaclaz said:

The article you linked to is related to the safety of physical products, and actually only applies to some categories.

Sorry, I posted the wrong link. This is the right one.

https://business.gov.nl/running-your-business/products-and-services/product-safety-and-packaging/eu-countries-general-product-requirements/#art:origin-marking

2
Link to comment
Share on other sites
Saxon

Saxon

Posted
Posted
3 hours ago, jaclaz said:

Here we are talking about a software written by Yandex and included into many (mostly VPN related) third party apps (both IOS and Android).

This software is a commercial product. Most importantly, it's even sold preinstalled on some Android phones, at least I know about such cases in Eastern EU.

Most of the mentioned VPN services are paid, including Browsec that has a paid version.

2
Link to comment
Share on other sites

Create an account or sign in to comment

You need to be a member in order to leave a comment

Create an account

Sign up for a new account in our community. It's easy!

Register a new account

Sign in

Already have an account? Sign in here.

Sign In Now
 Share
Go to topic listing

  • Recently Browsing   0 members

    • No registered users viewing this page.
×
×
  • Create New...