Sabitlenmiş Tweet
AppCensus
153 posts
AppCensus
@AppCensusInc
The official account of https://t.co/4BVSQyGTyK: privacy news, commentary, and product announcements. Privacy Analysis as a Service. At Scale.
San Francisco, CA Katılım Ocak 2019
8 Takip Edilen355 Takipçiler
Thanks to @dhsscitech for the shout out and all the support! They’ve been a great partner!
DHS Science and Technology Directorate@dhsscitech
Curious about what’s possible when partnering with S&T? Check out the final Tech Impact video to learn about @AppCensusInc’s success + how to work with us through the Silicon Valley Innovation Program. ⬇️ youtu.be/NAteJeE8llg?si…
English
AppCensus retweetledi
This press article is based on the findings of our last USENIX'23 paper:
usenix.org/system/files/s…
Co-authored by A. Lyons, J. Gamba, A. Shawaga, J. Reardon, @0xjet, @v0max and myself, from @UCalgary @IMDEA_Networks @uc3m @ICSIatBerkeley and @AppCensusInc
English
Excited to see the work we did for @IDACwatchdog having more impact!
Tonya Riley@TonyaJoRiley
ICYMI: An FTC complaint confirmed findings I first reported in 2020 that the fertility app Premom was sharing user data with Chinese advertisers without user permission. The company has settled for $200,000 w/ the FTC and state AGs. cyberscoop.com/ftc-fertility-…
English
We're excited to be working on this!
Allan is @allanfriedman on bsky & infosec.exchange@allanfriedman
Excited for the announcement of @dhsscitech SVIP awardees for SW Supply Chain Tools and #SBOM. We're looking forward to working with these great teams. @AppCensusInc @chainguard_dev @deepbits_tech @manifestcyber @ScribeSecurity @testifysec & Veramine dhs.gov/science-and-te…
English
AppCensus retweetledi
Our other USENIX paper was just posted:
usenix.org/conference/use…
We examine the logging of sensitive user data on Android devices (more supply chain problems!).
(Joint work w/ @Allan__Lyons, @jgamba_, Austin Shawaga, Joel Reardon, @0xjet, and @narseo)
English
@bjarkeLA @narseo Yes, we made it very clear why on the website: appcensus.io/search
We repurposed that infrastructure to better serve our customers. Long term, we would like to rebuild it and continue offering it as a free service. But unfortunately we’re way too busy in the short term.
English
@narseo @AppCensusInc Yes, I see. But the searchable library is gone, right?
English
@AppCensusInc and Lumen Privacy Monitor by @narseo exist no more. What other/new tools are there for investigating private data sharing in apps? Using it for teacher education #twitterhjerne
English
AppCensus retweetledi
One of the many reasons why we’ve avoided VCs at @AppCensusInc
Jamie Quint@jamiequint
If you get auto-reply OOO emails from early-stage founders. Very bad sign.
English
AppCensus retweetledi
English
AppCensus retweetledi
The awarded paper was presented at @USENIXSecurity'19 and it is available at:
usenix.org/conference/use…
This paper is a collaboration of @IMDEA_Networks researchers with Joel Reardon, @v0max @primalw and @AmitElazari from @ucalgary, @ICSIatBerkeley and @AppCensusInc
English
@AppCensusInc Hopefully, thats the case. I was wondering, once you reported the spyware SDK to Google, did they include it in the scan they do for all the apps in the app store ?
I was wondering how many other apps would have it that you haven't tested.
English
New blog post: blog.appcensus.io/2022/04/06/the…
We discovered a spyware SDK that collects various identifiers, the contents of the clipboard, scans home networks to identify devices, as well as hashes of files on the user’s phone.
English
@TommyBurazin They definitely were removed a week or so ago. We assume that after they were booted, they were allowed to submit updates that removed the SDK. There was evidence the app devs didn’t know what the SDK did, so forcing them to fix it vs. permanently banning them seems appropriate.
English
Oh hey, the WSJ has picked up our story!
wsj.com/articles/apps-…
AppCensus@AppCensusInc
New blog post: blog.appcensus.io/2022/04/06/the… We discovered a spyware SDK that collects various identifiers, the contents of the clipboard, scans home networks to identify devices, as well as hashes of files on the user’s phone.
English
The Olympics app, My 2022, has been exploiting a weakness in Android 10 and earlier to harvest user' MAC addresses and send them to a server in China called 'bigdata'.
A new version of the app has been pushed that ends the practice, per @AppCensusInc blog.appcensus.io/2022/02/04/sid…
English
New blog post on a previously-undisclosed side channel in the Olympics app (My 2022): blog.appcensus.io/2022/02/04/sid…
English
Check out our new blog post, the first in a new series of privacy tips for app developers:
blog.appcensus.io/2022/02/03/dev…
English