Android Apps Can Take Pictures and Send Them Without You Knowing – How To Keep Safe?

In his personal blog, researching computer science field, Szymon Sidor has found a shockingly interesting discovery – Android apps can take pictures and send them to private servers without the user knowing about it. This discovery in turn is raising many concerns regarding our privacy (and safety) in the mobile age. Albeit, to their right,

Updated Sep 30, 2016Apps
Android Camera Security

This discovery in turn is raising many concerns regarding our privacy (and safety) in the mobile age. Albeit, to their right, it would be fair to mention that software companies aren’t exactly sitting with their legs crossed doing nothing about it.

The Discovery

When Szymon was working on his university team project, he probably didn’t even imagined the type of shocking discovery he might find. As it turns out, after a few experiments he conducted, Szymon was able to create an app which could secretly take pictures via the smartphone camera and send it over to a private server he chose for the purpose. The way he did it was by instilling a background service, which doesn’t need to have an associated visible activity, hence it can be run without the user knowing about it. Another obstacle Szymon had to cross was that the camera has to have a preview displayed on the screen in order to take a shot. Remembering on Facebook’s Messenger app that is able to draw to the UI even while the app isn’t technically running, Szymon built upon that idea and refined it to draw a preview of merely 1×1 pixel in size. In his words:

“The result was amazing and scary at the same time – the pixel is virtually impossible to spot on Nexus 5 screen (even when you know where to look)! Also it turned out that even if you turn the screen completely off, you can still take photos, as long as the pixel is still there.”

Here’s a short video demonstration he made:

How to Keep Safe from Malicious Apps

A few tips, some also recommended by Szymon, in order to keep safe are:

1. Don’t install apps from unknown sources unless you’re absolutely sure they’re harmless.
2. Pay attention to apps permissions, a simple flash light for example doesn’t need permissions to your contacts list.
3. Check out background services that are running, Settings > Apps > Running , if you see any peculiar / unidentified app running, you might want to google it and perhaps stop it from running.
4. Lastly, apps you don’t use anymore and have no need for should probably be uninstalled, either because of space or security measures.