Discover more from Malcore’s Blog
4 practical steps if you fear data harvesting
This blog by Internet 2.0 is designed to give practical steps to users to limit their devices harvesting all of their data.
1. Remove all unused applications
This is the easiest suggestion to implement as its a 5 minute audit. Simply go through your phone and remove or uninstall every app they you do not use every day. You might be surprised by the number of apps that you did not even know was on your phone.
If you want to go extreme delete all your apps and then only reinstall apps as you use them. You will be surprised on the difference between daily use apps and rainy day apps. If you feel anxiety about this step do not worry. Most apps keep your data in the cloud, so when you reinstall them your progress most of the time is not lost. In the worst-case scenario I had to burn roaming data when there was no Wi-Fi around when reinstalling Uber that one occasion I got to travel.
2. Limit all permissions
Permissions are big access point for data harvesting. Most applications do not need many permissions to function.
The most permissions users for me were messaging applications because I use hourly to conduct calls and texts to connect with contacts. So their access to camera, microphone, contacts and media storage is most of the time necessary. An easy way to limit data harvesting even further is to make the application ask every time they want to use a permission. Limiting the times applications can use permissions is important.
Here is the screen grab of on an android where I audited permissions.
3. Limit Location access
Location is one of the hardest data harvesting access points to block in my opinion. This is because location settings can be taken from both location services on your mobile but also Sim and Network information from the device itself. Unfortunately its nearly impossible to go off grid with location in my opinion having seen the source code of many applications now. But here are a few screen shots of an android for Location Services that I audited.
4. Cycle or opt out of advertising ID
Both Android and iOS force apps to use a special "ad ID" for tracking smartphones as it is their way to try and anonymize the data at the operating system level. It also reduces the legal risk posed to Google and Apple when third parties conduct mass illegal data harvesting operations like seen in Cambridge Analytica or Zhenhua Data Leak.
This Ad ID though is replacing your phone number or account ID so if you keep it on it basically deanonymizes you over time. Resetting it or stopping it disrupts the tracking that apps were coordinating through your ad ID.
To do this follow these below steps
For Andriod go to Settings > Privacy > Advanced > Ads and toggle on Opt out of Ads Personalization or Reset advertising ID. Android shows you the alpha-numeric ad ID at the bottom of this screen and when you initiate a reset you see it change.
For iOS navigate to Settings > Privacy > Advertising and toggle on Limit Ad Tracking or Reset advertising ID.
Here is the screen shots on an android for ad ID that you should audit.
This blog has been written as a result of all the data harvesting that has been shown in the app analysis project by Malcore Team.
Try Malcore for Free!
First 5 scans are free on registration