Xnspy Stalkerware Spied on Thousands of iPhones and Android Devices (techcrunch.com) 3
A little-known phone monitoring app called Xnspy has stolen data from tens of thousands of iPhones and Android devices, the majority whose owners are unaware that their data has been compromised. From a report: Xnspy is one of many so-called stalkerware apps sold under the guise of allowing a parent to monitor their child's activities, but are explicitly marketed for spying on a spouse or domestic partner's devices without their permission. Its website boasts, "to catch a cheating spouse, you need Xnspy on your side," and, "Xnspy makes reporting and data extraction simple for you."
Stalkerware apps, also known as spouseware, are surreptitiously planted by someone with physical access to a person's phone, bypassing the on-device security protections, and are designed to stay hidden from home screens, which makes them difficult to detect. Once installed, these apps will silently and continually upload the contents of a person's phone, including their call records, text messages, photos, browsing history and precise location data, allowing the person who planted the app near-complete access to their victim's data. But new findings show many stalkerware apps are riddled with security flaws and are exposing the data stolen from victims' phones. Xnspy is no different.
Stalkerware apps, also known as spouseware, are surreptitiously planted by someone with physical access to a person's phone, bypassing the on-device security protections, and are designed to stay hidden from home screens, which makes them difficult to detect. Once installed, these apps will silently and continually upload the contents of a person's phone, including their call records, text messages, photos, browsing history and precise location data, allowing the person who planted the app near-complete access to their victim's data. But new findings show many stalkerware apps are riddled with security flaws and are exposing the data stolen from victims' phones. Xnspy is no different.
People problem, not fixable with technology (Score:3, Insightful)
This isn't a problem technology can solve. It is a people problem.
One person is giving an extreme level of trust to the other person, and the other person is then abusing it.
When the device owner is explicitly and willingly giving full access to their spouse by way of their very own authorization credentials, it simply isn't possible for the device to know it isn't the device owner. Because with those credentials, it IS the device owner.
You can't both allow and prevent the device owner from installing apps at the same time.
This needs solved at the people-level.
I hate to say "go get some laws passed" because we know how badly that can turn out, but honestly, that is one of very few options to deal with such a problem.
Maybe there is a better option, maybe there isn't, but a technological one most certainly isn't even an option in the running here.
Re: (Score:1)
People statistically aren't trustworthy.
I felt that your post basically said there is no good answer, and I agree it is a people issue. I also believe there isn't a good answer.
The only way to foster trust is with trust worthy actions to build it. If people are constantly are not trust worthy, why would you think just not revealing you're not trusthworthy would make you trust worthy? Therefore, people want proof of trust, hence why for a long time both sexes have played games to 'test' people.
Now technology
Re: (Score:2)
It's not that black and white. You can make it less seductive to spy on each other, as well as cultivate a culture of trust. Take a look at:
https://www.candlesmarthome.co... [candlesmarthome.com] for an example in a smart home context.