Free applications that can be expensive

The cost of the download is zero, but misuse can cause uncontrolled access to the user's personal data

  All programs that are installed on mobile devices have a section of terms and conditions that must be accepted to begin using them. The problem is that most users accept them, but do not read them. Another very common gesture is to accept all the permissions for the applications that are downloaded from the virtual stores.

The security firms warn: "The best thing that users can do before installing an application is to carefully observe what data the app in question wants to access," says Panda Security. Access to images, record sound and even read text messages. These are some of the permissions that are granted to free applications and "that you have to read carefully", explain the experts of the security firm.

   The last example in jumping to the media has been the Chinese app 'Meitu', both for its success - it has achieved more than a billion downloads - and for its excessive registration of data from its users. The popular Asian application offers a free photo retouch of selfis, an innovative tool that delights social network users like Instagram, Snapchat and Facebook.

However, security analysts have sounded the alarm in the collection of 'Meitu' data after downloading it from the App Store or Google Play. When installing and accepting the conditions and permissions, the owner of the app accesses the IMEI number of the mobile device.

Wifi open, the privacy gap
Did you know...?

Sometimes the search for open wifi can lead to important security problems in the devices. We have compiled the five most common risks when connecting to this type of public Wi-Fi networks:

1. Theft of sent data: the experts recommend not using connections to networks without a password because "the transmitted data can be read by anyone, both the administrator and other users connected to the network". You have to make sure that the system asks for a password and a lock appears.

2. Theft of stored data: Being part of a public network in which other connected users exist, our device is visible to the other users present in it.

3. Infection of the device: it is important to keep the operating system of our "smartphone" updated with the latest developments to avoid any virus.

4. Disable synchronization: many "smartphone" tasks are performed in the background, such as news and email updates. They can be routes of virus entry.

5. The innocent 'hacker': feeling the temptation to connect to a foreign network open or protected using Wi-Fi hacking tools can cause legal problems.

Location and IP

In the case of Android devices, it requires up to the granting of 23 permissions -some necessary for the proper functioning of the application- as access to the photo reel. But its collection goes further: telephone operator data, exact location, local IP and ability to change mobile settings.

"The risks that the user runs when accepting these permissions in a systematic way are several: On the one hand, he is making available to the developers data about their location and their habits on the Internet, although it can be much more serious if the guts of the application they have a security breach that allows the access of cybercriminals to the functions of your smartphone through those permissions, "say Panda Security analysts.

The mobile IMEI number is the license plate that identifies each device, a private number that, if it falls into the hands of a criminal, can clone the smartphone. In addition, experts claim that the application includes the java code MTAnalyticsAdLogEntity, investigated for allegedly sending to Chinese servers all that information required while using the application to take advantage of permissions on Android.

The document of Terms and Conditions of 'Meitu' states that the information required is for protection purposes and to comply with Chinese laws, although information could also be used as a spy method.

However, Panda Security warns that "security breaches and cybercriminals are not the only risks that a user can face when approving the requested permits". The most important thing is to know the destination and final objective of the collected data, that "the user risks giving up their data and that the developers of apps end up sending sensitive private information to analysis companies or advertising companies", sentence.

The conclusion for the Pew Research Center, after analyzing a large number of applications and reports, is clear: "The applications collect too much information from users from a variety of permits too broad."