Popular App Weather Forecast Collects Too Much User Data and is Attempting To Subscribe Some Users To Paid Services Without Permission (wsj.com) 57
A popular weather app built by a Chinese tech conglomerate has been collecting an unusual amount of data from smartphones around the world and attempting to subscribe some users to paid services without permission, according to a London-based security firm's research.
From a report: The free app, one of the world's most-downloaded weather apps in Google's Play store, is from TCL Communication Technology Holdings, of Shenzhen, China. TCL makes Alcatel- and BlackBerry -branded phones, while a sister company makes televisions. The app, called "Weather Forecast --World Weather Accurate Radar," collects data including smartphone users' geographic locations, email addresses and unique 15-digit International Mobile Equipment Identity (IMEI) numbers on TCL servers in China, according to Upstream Systems, the mobile commerce and security firm that found the activity. Until last month, the app was known as "Weather -- Simple weather forecast."
The weather app also has attempted to surreptitiously subscribe more than 100,000 users of its low-cost Alcatel smartphones in countries such as Brazil, Malaysia and Nigeria to paid virtual-reality services, according to Upstream Systems. The security firm, which discovered the activity as part of its work for mobile operators, said users would have been billed more than $1.5 million had it not blocked the attempts.
The weather app also has attempted to surreptitiously subscribe more than 100,000 users of its low-cost Alcatel smartphones in countries such as Brazil, Malaysia and Nigeria to paid virtual-reality services, according to Upstream Systems. The security firm, which discovered the activity as part of its work for mobile operators, said users would have been billed more than $1.5 million had it not blocked the attempts.
The Weather Network (Score:1)
There's an official app, just use that. Sure it's bloated to all hell and there's ads, but at least, you know your data ain't going to China.
Apparently it is this London based team? (Score:2)
https://guardianapp.com/ios-ap... [guardianapp.com]
That is my best guess from a Google search. Could anybody read the article and see who the researchers are?
Re: (Score:1)
NEW DELHI-A popular weather app built by a Chinese tech conglomerate has been collecting an unusual amount of data from smartphones around the world and attempting to subscribe some users to paid services without permission, according to a London-based security firm's research.
The free app, one of the world's most-downloaded weather apps in Google's Play store, is from TCL Communication Technology Holdings Ltd., of Shenzhen, China. TCL makes Alcatel- and BlackBerry -branded phones, while a sister company ma
Re: (Score:2)
The word "London" doesn't even appear in the article text?
Re: (Score:2)
Upstream Systems, https://www.upstreamsystems.co... [upstreamsystems.com]
Wow, you are correct that I am not very smart today. Or blind...
Open weather network ? (Score:2)
so whats the best open weather data network ?
I'm not after predictions, just data
Re:Open weather network ? (Score:5, Funny)
so whats the best open weather data network ?
I'm not after predictions, just data
A window?
Re: (Score:3, Funny)
You missed such a perfect chance to simply reply 'Windows' instead of 'A window'.
Re: (Score:3, Informative)
OpenWeatherMap's free public API is quite enough. That's what the FOSS apps seem to use.
Re: (Score:2)
I think that the xfce4 weather widget is the best weather utility I have EVER come across.
Re: (Score:2)
If you're in the US, the NOAA website at https://www.weather.gov/ [weather.gov] is probably your best bet. I know you can get radar images from there -- I clicked around enough at one point and found the raw frames nicely sorted by location. I'm fairly certain that's where all the weather sites get their data, anyway. With how bad places like Weather Underground has been getting lately (it keeps switching to a blank page on my smart phone for example and is otherwise insanely slow with all of its useless JS nonsense),
Re: (Score:2)
Re: (Score:1)
Such as Google Search, Google Allo, Google Hangout, Google also collects too much user data. But let's not talk about that, let's instead find a Chinese company that does the same, and then spin the old China cyber espionage tirade.
You can disagree all day long if you choose to be WRONG, but at the end of the day, I trust Google's privacy policy and their apps to be in sync a lot more than random apps sending random data to random people.
Hint... if you're not paying $$$ for it, your information is the price you are paying. That's okay, just make sure it's going to reasonably reputable companies, like Google... Apple... Microsoft.
Apps spy on people now? (Score:2, Troll)
I'm shocked. Shocked I tell you!
What has the world come to? You think you get a free app and suddenly you notice that it has a nefarious purpose. Wasn't teh interwebs supposed to be the place where you get everything for free?
Re: (Score:2)
Re: (Score:2)
How does one app access data that may have been given to another app on the device? I mean really, not just theoretically.
How does a free application A access credit card details that might have been plugged into application B unless application B was already willing to share them with A (and should therefore have not been trusted with CC details in the first place)?
Re: (Score:1)
Re: (Score:2)
Arguing that it is free just because you don't pay anything up front is like saying that a haircut is free because you usually don't usually have to pay before you see how they cut your hair.
Re: (Score:2)
So then the user *DID* give permission.
The fact that may have done so only unintentionally is beside the point.
In general, that could be blamed on a user not paying attention to what they are doing more than being a genuinely malicious app (although they are certainly not mutually exclusive).
fuck that link (Score:2)
Serves 'em right (Score:2)
Forecastie was right there in the F-Droid store the whole time.
Visit a web site (Score:1)
If it's something you can only access online then skip the app and just use a web site bookmark
App (Score:3)
Re: (Score:2)
And ppl wonder why I do NOT want to see the large systems built in America.
Chinese gov thanks you (Score:2)
Astro weather that doesn't track you (Score:2)
Shameless plug here, but if you have an iOS device (sorry, I've never tried android development) you might enjoy Xasteria's [ecuadors.net] weather report for astronomers/astrophotographers, which has no registration, no tracking, no ads. I don't usually promote the service since it is kind of "niche", but maybe there are /. ers into that stuff. Otherwise, the web service 7Timer [7timer.info] that it is based on, has non-astronomical predictions as well (based on NOAA data). I am donating the main server for that free service, so it als
Re: Gboard uses 500MB+ per month of background dat (Score:2)
No no no no - Big Brother Google would NEVER spy on us. Because Big Brother Google loves us all!
Spying? You don't say (Score:2)
Subscribing to paid accounts without permission? (Score:3)