Reply to post: Re: 'Let us know if the mint suggestion worked!'

'Facebook takes data from my phone – but I don't have an account!'

Jamie Jones Silver badge

Re: 'Let us know if the mint suggestion worked!'

Interesting idea, though location data can be transfered in 4 bytes.. It would be pretty easy to hide that somewhere, without uploading an image... Uploading an image would set my alarm bells off immediately! Have they got control of my camera?!

Ok, I found this. I wrote a script that deletes all the spying data files, but this is obviously one I missed:

44 -rw-rw---- 1 u0_a194 u0_a194 43043 Aug 27 2016 /data/data/air.SpaceZombies2/shared_prefs/Appodeal.xml

Look for "Appodeal.xml" in the shared_prefs folder of any app (you'll need to be root though)

This is a 43K file, starting off like:

<?xml version='1.0' encoding='utf-8' standalone='yes' ?>



<string name="banner">{&quot;status&quot;:&quot;ok&quot;,&quot;ads&quot;:[{&quot;status&quot;:&quot;mopub&quot;,&quot;id&quot;:&quot;YktV,,, etc.

decoding it gives a json file, uploading variables such as:



smoking: (how the f??? does it know that?)

Interestingly, it's also hacked other apps and uploaded their unique ids that were given to me, including: "admob, applovin, chartboost, inmobi, mopub, smaato"

The worst is this URL listed:




















All those details were accurate at the time - as I said, I don;t even have gps on here, but if you look at the "gps" field, if you threw a hand-grnade at those coordinates, you'd blow up my sofa! (OK, slight exageration, but it's the coordinates of the playing field opposite!)

POST COMMENT House rules

Not a member of The Register? Create a new account here.

  • Enter your comment

  • Add an icon

Anonymous cowards cannot choose their icon

Biting the hand that feeds IT © 1998–2019