That cute anime selfie app is collecting a lot more data than it needs
Last week, the internet was filled with adorably beautified selfies and odd portraits of polarizing political figures as we all discovered Meitu, a Chinese photo-editing app.
But now the chance to dress up our pics using Meitu is much less appealing as the full extent of the app's permissions has been revealed.
Once Meitu photos started blowing up our feeds, some information-security skeptics took to Twitter to warn of the extent of access users were giving up to make themselves look like anime characters.
The Android version of the app required a particularly long list of permissions. Along with the typical photo and camera access you'd expect, Meitu asks Android users for access to:
- full network access
- the phone's status and ID
- USB storage
- contacts
- messages
- IMEI number
Let me get this straight...
— Greg Linares (@Laughing_Mantis) January 19, 2017
All of you just installed a photo app from China that requires these permissions? Let me know how it works out. pic.twitter.com/wGDUYbRdSA
Take a look at the entire list of permissions from the the Meitu app. pic.twitter.com/AkSw2Z50T7
— FourOctets (@FourOctets) January 19, 2017
According to a blog post written by infosec expert Will Strafach, the iOS version of Meitu isn't as intrusive.
"Overall, the information collected by this app would appear to be on par with analytics information collected within most iOS apps which are currently live in the App Store," he wrote after conducting a quick assessment of the app.
In an official statement, Meitu denies that the data collection is excessive or nefarious in any way. Instead, the information is collected to "optimize app performance," nothing more. "Meitu DOES NOT sell user data in any form," it reads.
Instead, the statement claims that the app uses so many tracking systems because the company is based in China, where "many of the services provided provided by app stores are blocked." In order to keep the tracking consistent, the multiple layers are necessary.
The company did provide some insight into how it protects user data:
Mashable reached out to Meitu for further comment, and will update the story upon receiving a response.
If you're still beautifying your selfies, take a look at the permissions and decide for yourself if you're cool with giving up that much personal info. But let's be real — Meitu had it's 15 minutes of viral fame. In all likelihood, it's over. Better solution: Just find a new way to mess around on Twitter and go about your day worry-free.
source: mashable
0 comments