{"type":"doc","content":[{"type":"paragraph","attrs":{"indent":0,"number":0,"align":null,"origin":null},"content":[{"type":"text","marks":[{"type":"color","attrs":{"color":"#494949","name":"user"}}],"text":"10月6日,都柏林聖三一學院計算機科學家 Douglas Leith 發表了"},{"type":"link","attrs":{"href":"https:\/\/www.scss.tcd.ie\/Doug.Leith\/Android_privacy_report.pdf","title":null,"type":null},"content":[{"type":"text","text":"一篇論文"}],"marks":[{"type":"color","attrs":{"color":"#494949","name":"user"}}]},{"type":"text","marks":[{"type":"color","attrs":{"color":"#494949","name":"user"}}],"text":",論文證實了一些Android 變體“即使在最低配置且手機處於閒置狀態時,也會向操作系統開發人員和第三方應用程序傳輸大量信息”。"}]},{"type":"paragraph","attrs":{"indent":0,"number":0,"align":null,"origin":null},"content":[{"type":"text","marks":[{"type":"color","attrs":{"color":"#494949","name":"user"}}],"text":" "}]},{"type":"paragraph","attrs":{"indent":0,"number":0,"align":null,"origin":null},"content":[{"type":"text","marks":[{"type":"color","attrs":{"color":"#494949","name":"user"}}],"text":"Leith的研究團隊檢查了三星、小米、華爲和 Realme(Oppo)等幾個手機品牌,發現這些品牌的 Android 操作系統變體“都向操作系統開發商(OS developer,即三星等)和預裝系統應用程序發送大量數據”,而且,他們聲稱,用戶甚至無法選擇退出“數據收集”。"}]},{"type":"paragraph","attrs":{"indent":0,"number":0,"align":null,"origin":null},"content":[{"type":"text","marks":[{"type":"color","attrs":{"color":"#494949","name":"user"}}],"text":" "}]},{"type":"paragraph","attrs":{"indent":0,"number":0,"align":null,"origin":null},"content":[{"type":"text","marks":[{"type":"color","attrs":{"color":"#494949","name":"user"}}],"text":"他們的研究表明,Android 和 iOS 設備都被發現會收集數據,比如 IMEI 號碼、硬件序列號、SIM 序列號、電話號碼、設備 ID(UDID、廣告 ID、RDID 等)、位置、遙測、cookie、本地IP 地址、設備 Wi-Fi MAC 地址、手機藍牙唯一芯片 ID、安全元件 ID(用於 Apple Pay)以及附近設備的 Wi-Fi MAC 地址,但顯然這些供應商定製的 Android 版本更加“健談”。"}]},{"type":"paragraph","attrs":{"indent":0,"number":0,"align":null,"origin":null},"content":[{"type":"text","marks":[{"type":"color","attrs":{"color":"#494949","name":"user"}}],"text":" "}]},{"type":"paragraph","attrs":{"indent":0,"number":0,"align":null,"origin":null},"content":[{"type":"text","marks":[{"type":"color","attrs":{"color":"#494949","name":"user"}}],"text":"研究人員指出,三星、小米、Realme 和谷歌都有收集硬件設備標識符以及可重置的標識符。表面上是作爲一種隱私保護形式,但是“這意味着當用戶重置標識符時,新的標識符值可以輕鬆地重新鏈接回同一設備,”他們在論文中解釋道,“這在很大程度上阻止了用戶重置廣告標識符。”"}]},{"type":"paragraph","attrs":{"indent":0,"number":0,"align":null,"origin":null},"content":[{"type":"text","marks":[{"type":"color","attrs":{"color":"#494949","name":"user"}}],"text":" "}]},{"type":"paragraph","attrs":{"indent":0,"number":0,"align":null,"origin":null}},{"type":"image","attrs":{"src":"https:\/\/static001.geekbang.org\/infoq\/aa\/aa9e41747e3b8be1b33e3dff77da3dcc.png","alt":null,"title":null,"style":[{"key":"width","value":"75%"},{"key":"bordertype","value":"none"}],"href":null,"fromPaste":true,"pastePass":true}},{"type":"paragraph","attrs":{"indent":0,"number":0,"align":null,"origin":null}},{"type":"paragraph","attrs":{"indent":0,"number":0,"align":null,"origin":null},"content":[{"type":"text","marks":[{"type":"color","attrs":{"color":"#494949","name":"user"}}],"text":" "}]},{"type":"paragraph","attrs":{"indent":0,"number":0,"align":null,"origin":null},"content":[{"type":"text","marks":[{"type":"color","attrs":{"color":"#494949","name":"user"}}],"text":"他們進一步指出,廠商還會多方交叉鏈接收集的數據,例如,在測試的三星手機上,谷歌廣告 ID 被髮送到三星服務器,三星的幾個系統應用依賴於谷歌分析,微軟的 OneDrive 系統應用依賴谷歌的推送服務。"}]},{"type":"paragraph","attrs":{"indent":0,"number":0,"align":null,"origin":null},"content":[{"type":"text","marks":[{"type":"color","attrs":{"color":"#494949","name":"user"}}],"text":" "}]},{"type":"paragraph","attrs":{"indent":0,"number":0,"align":null,"origin":null},"content":[{"type":"text","marks":[{"type":"color","attrs":{"color":"#494949","name":"user"}}],"text":"同樣令人擔憂的是其中一些供應商收集用戶交互的方式。例如,小米手機的系統應用“com.miui.analytics”傳輸用戶查看屏幕的詳細信息,爲小米提供用戶通話時間的圖片。華爲手機上的微軟 Swiftkey 鍵盤也有類似的記錄。此外,除\/e\/OS 外,所有手機制造商都會收集手機上安裝的所有應用程序列表。"}]},{"type":"paragraph","attrs":{"indent":0,"number":0,"align":null,"origin":null},"content":[{"type":"text","marks":[{"type":"color","attrs":{"color":"#494949","name":"user"}}],"text":" "}]},{"type":"paragraph","attrs":{"indent":0,"number":0,"align":null,"origin":null},"content":[{"type":"text","marks":[{"type":"color","attrs":{"color":"#494949","name":"user"}}],"text":"這項研究認爲,這些供應商Android版本所做的事情已經超出了手機維護所需。“儘管偶爾向操作系統開發人員傳輸數據以檢查更新是可以預料的,但我們觀察到三星、小米、華爲、Realme 和 LineageOS Android 變體傳輸的數據遠不止於此”,該研究說。“而且我們發現 \/e\/OS 基本上不收集任何數據,從這個意義上說,它是迄今爲止所研究的 Android 操作系統變體中最私密的。”"}]},{"type":"paragraph","attrs":{"indent":0,"number":0,"align":null,"origin":null},"content":[{"type":"text","marks":[{"type":"color","attrs":{"color":"#494949","name":"user"}}],"text":" "}]},{"type":"paragraph","attrs":{"indent":0,"number":0,"align":null,"origin":null},"content":[{"type":"text","marks":[{"type":"color","attrs":{"color":"#494949","name":"user"}}],"text":"“我們以前過於關注網絡 cookie 和行爲不端的應用程序,而忽視了操作系統”,Leith 表示。他希望這項研究將有助於提醒公衆和立法者採取行動控制這些數據收集行爲。"}]},{"type":"paragraph","attrs":{"indent":0,"number":0,"align":null,"origin":null},"content":[{"type":"text","marks":[{"type":"color","attrs":{"color":"#494949","name":"user"}}],"text":" "}]}]}
定位你的到底是App,還是手機廠商的操作系統?
{"type":"doc","content":[{"type":"paragraph","attrs":{"indent":0,"number":0,"align":null,"origin":null},"content":[{"type":"text","marks":[{"type":"color","attrs":{"color":"#494949","name":"user"}}],"text":"10月6日,都柏林聖三一學院計算機科學家 Douglas Leith 發表了"},{"type":"link","attrs":{"href":"https:\/\/www.scss.tcd.ie\/Doug.Leith\/Android_privacy_report.pdf","title":null,"type":null},"content":[{"type":"text","text":"一篇論文"}],"marks":[{"type":"color","attrs":{"color":"#494949","name":"user"}}]},{"type":"text","marks":[{"type":"color","attrs":{"color":"#494949","name":"user"}}],"text":",論文證實了一些Android 變體“即使在最低配置且手機處於閒置狀態時,也會向操作系統開發人員和第三方應用程序傳輸大量信息”。"}]},{"type":"paragraph","attrs":{"indent":0,"number":0,"align":null,"origin":null},"content":[{"type":"text","marks":[{"type":"color","attrs":{"color":"#494949","name":"user"}}],"text":" "}]},{"type":"paragraph","attrs":{"indent":0,"number":0,"align":null,"origin":null},"content":[{"type":"text","marks":[{"type":"color","attrs":{"color":"#494949","name":"user"}}],"text":"Leith的研究團隊檢查了三星、小米、華爲和 Realme(Oppo)等幾個手機品牌,發現這些品牌的 Android 操作系統變體“都向操作系統開發商(OS developer,即三星等)和預裝系統應用程序發送大量數據”,而且,他們聲稱,用戶甚至無法選擇退出“數據收集”。"}]},{"type":"paragraph","attrs":{"indent":0,"number":0,"align":null,"origin":null},"content":[{"type":"text","marks":[{"type":"color","attrs":{"color":"#494949","name":"user"}}],"text":" "}]},{"type":"paragraph","attrs":{"indent":0,"number":0,"align":null,"origin":null},"content":[{"type":"text","marks":[{"type":"color","attrs":{"color":"#494949","name":"user"}}],"text":"他們的研究表明,Android 和 iOS 設備都被發現會收集數據,比如 IMEI 號碼、硬件序列號、SIM 序列號、電話號碼、設備 ID(UDID、廣告 ID、RDID 等)、位置、遙測、cookie、本地IP 地址、設備 Wi-Fi MAC 地址、手機藍牙唯一芯片 ID、安全元件 ID(用於 Apple Pay)以及附近設備的 Wi-Fi MAC 地址,但顯然這些供應商定製的 Android 版本更加“健談”。"}]},{"type":"paragraph","attrs":{"indent":0,"number":0,"align":null,"origin":null},"content":[{"type":"text","marks":[{"type":"color","attrs":{"color":"#494949","name":"user"}}],"text":" "}]},{"type":"paragraph","attrs":{"indent":0,"number":0,"align":null,"origin":null},"content":[{"type":"text","marks":[{"type":"color","attrs":{"color":"#494949","name":"user"}}],"text":"研究人員指出,三星、小米、Realme 和谷歌都有收集硬件設備標識符以及可重置的標識符。表面上是作爲一種隱私保護形式,但是“這意味着當用戶重置標識符時,新的標識符值可以輕鬆地重新鏈接回同一設備,”他們在論文中解釋道,“這在很大程度上阻止了用戶重置廣告標識符。”"}]},{"type":"paragraph","attrs":{"indent":0,"number":0,"align":null,"origin":null},"content":[{"type":"text","marks":[{"type":"color","attrs":{"color":"#494949","name":"user"}}],"text":" "}]},{"type":"paragraph","attrs":{"indent":0,"number":0,"align":null,"origin":null}},{"type":"image","attrs":{"src":"https:\/\/static001.geekbang.org\/infoq\/aa\/aa9e41747e3b8be1b33e3dff77da3dcc.png","alt":null,"title":null,"style":[{"key":"width","value":"75%"},{"key":"bordertype","value":"none"}],"href":null,"fromPaste":true,"pastePass":true}},{"type":"paragraph","attrs":{"indent":0,"number":0,"align":null,"origin":null}},{"type":"paragraph","attrs":{"indent":0,"number":0,"align":null,"origin":null},"content":[{"type":"text","marks":[{"type":"color","attrs":{"color":"#494949","name":"user"}}],"text":" "}]},{"type":"paragraph","attrs":{"indent":0,"number":0,"align":null,"origin":null},"content":[{"type":"text","marks":[{"type":"color","attrs":{"color":"#494949","name":"user"}}],"text":"他們進一步指出,廠商還會多方交叉鏈接收集的數據,例如,在測試的三星手機上,谷歌廣告 ID 被髮送到三星服務器,三星的幾個系統應用依賴於谷歌分析,微軟的 OneDrive 系統應用依賴谷歌的推送服務。"}]},{"type":"paragraph","attrs":{"indent":0,"number":0,"align":null,"origin":null},"content":[{"type":"text","marks":[{"type":"color","attrs":{"color":"#494949","name":"user"}}],"text":" "}]},{"type":"paragraph","attrs":{"indent":0,"number":0,"align":null,"origin":null},"content":[{"type":"text","marks":[{"type":"color","attrs":{"color":"#494949","name":"user"}}],"text":"同樣令人擔憂的是其中一些供應商收集用戶交互的方式。例如,小米手機的系統應用“com.miui.analytics”傳輸用戶查看屏幕的詳細信息,爲小米提供用戶通話時間的圖片。華爲手機上的微軟 Swiftkey 鍵盤也有類似的記錄。此外,除\/e\/OS 外,所有手機制造商都會收集手機上安裝的所有應用程序列表。"}]},{"type":"paragraph","attrs":{"indent":0,"number":0,"align":null,"origin":null},"content":[{"type":"text","marks":[{"type":"color","attrs":{"color":"#494949","name":"user"}}],"text":" "}]},{"type":"paragraph","attrs":{"indent":0,"number":0,"align":null,"origin":null},"content":[{"type":"text","marks":[{"type":"color","attrs":{"color":"#494949","name":"user"}}],"text":"這項研究認爲,這些供應商Android版本所做的事情已經超出了手機維護所需。“儘管偶爾向操作系統開發人員傳輸數據以檢查更新是可以預料的,但我們觀察到三星、小米、華爲、Realme 和 LineageOS Android 變體傳輸的數據遠不止於此”,該研究說。“而且我們發現 \/e\/OS 基本上不收集任何數據,從這個意義上說,它是迄今爲止所研究的 Android 操作系統變體中最私密的。”"}]},{"type":"paragraph","attrs":{"indent":0,"number":0,"align":null,"origin":null},"content":[{"type":"text","marks":[{"type":"color","attrs":{"color":"#494949","name":"user"}}],"text":" "}]},{"type":"paragraph","attrs":{"indent":0,"number":0,"align":null,"origin":null},"content":[{"type":"text","marks":[{"type":"color","attrs":{"color":"#494949","name":"user"}}],"text":"“我們以前過於關注網絡 cookie 和行爲不端的應用程序,而忽視了操作系統”,Leith 表示。他希望這項研究將有助於提醒公衆和立法者採取行動控制這些數據收集行爲。"}]},{"type":"paragraph","attrs":{"indent":0,"number":0,"align":null,"origin":null},"content":[{"type":"text","marks":[{"type":"color","attrs":{"color":"#494949","name":"user"}}],"text":" "}]}]}
發表評論
所有評論
還沒有人評論,想成為第一個評論的人麼? 請在上方評論欄輸入並且點擊發布.
相關文章