Android app user-trackers proliferate: Yale's Privacy Lab, along with the French nonprofit Exodus Privacy, have released research into 25 tracking tools tucked into popular Android apps, such as Twitter, Skype and Uber. While there's no inherent surprise that mobile apps contain trackers, the apparent pervasiveness should give end-users and especially regulators serious pause. Here's how Yale puts it:
Publication of this information is in the public interest, as it reveals clandestine surveillance software that is unknown to Android users at the time of app installation. These trackers vary in their features and purpose, but are primarily utilized for targeted advertising, behavioral analytics, and location tracking.
At Privacy Lab, we’ve studied the data from Exodus output, providing insight into the origin of advertising trackers, the companies behind them, and their surveillance practices. Network activity originating from these Android apps crosses multiple countries and legal jurisdictions. Lack of transparency about the collection, transmission, and processing of data via these trackers raises serious privacy concerns and may have grave security implications for mobile software downloaded and in active use by billions of people worldwide.
Exodus looked at more than 300 apps on Google Play with its web-based privacy auditing software, which is available as open-source. More than 75 percent of them exhibited tracker signatures, but the percentage could be even higher when taking into account new, unidentified trackers or ones added to new versions of apps over time, the researchers said.
While the research focused on Android and Google Play, many trackers are multiplatform, meaning they could well reside inside apps on the Apple store as well, Yale noted.
POV: Any mobile app user knows the drill when they click on the "Install" button, particularly when the app is free of charge: Up pops a long list of permissions the app makers want, both for functionality purposes but also monetization. Yale and Exodus's work shows just how far app makers can go in tracking users, and how feeble the current standards for transparency and privacy oversight are.
For some apps are doing far more than using tracker data to serve up targeted ads, as Yale notes:
Perhaps more disconcerting is the potential impact of advertising trackers on the finances and healthcare of users. One app analyzed by Exodus, Mon AXA (“My AXA”), is developed by a multinational insurance and financial firm, and was found to contain six trackers. Exactly what information is shared is unknown, though the data stored by the app is extremely sensitive.
Skeptics will say that app users have only themselves to blame for giving up access to personal data, but that argument falls quite short when the notion of hidden tracking code comes into play. Yale and Exodus say their work demands a call to action and its hard to disagree. While serious regulatory actions may not be on the horizon in the U.S., laws elsewhere such as the upcoming General Data Protection Regulation in Europe, may force the issue. (Go here to read an excerpt from an in-depth report on GDPR and its implications for marketers by Constellation VP and principal analyst Cindy Zhou.)
VMWare Cloud hits the gas pedal on AWS: Just a few months after its initial availability on Amazon Web Services, VMWare has added a series of significant new features to VMWare Cloud for the IaaS provider.
One big move is VMWare Cloud availability in AWS's U.S. East region, its largest overall by far by capacity. This adds to initial availability in the U.S. West region, and introduces disaster recovery scenarios for VMWare Cloud on AWS. That crucial capability was sure to come down the pipe, but by introducing it so quickly VMWare is sending enterprises the message that it wants and is ready to support mission-critical vSphere workloads on AWS. DR will be powered by VMWare Site Recovery for protecting workloads in both hybrid and pure-AWS scenarios.
The update also introduces support for environments with tens of thousands of virtual machines; reserved instance pricing; the ability to bring on-premises licenses to AWS; live and bulk application migrations with no retrofitting; and partner product integrations with Veeam, Druva, NetApp, Avi Networks, RightScale and others.
POV: VMWare gave public IaaS a try with vCloudAir, but ultimately sold off the business to hosting company OVH earlier this year and began focusing on supporting leading IaaS providers such as Microsoft and AWS. The latter remains the market leader in share and therefore it's no surprise to see how much engineering muscle VMWare is putting into cloud feature development for AWS (customers can expect a quarterly release cycle).
Microsoft, SAP partnership picks up steam: While Microsoft and SAP have been partners and mutual customers—Redmond runs one of the world's largest SAP ERP installations—the relationship took a big step forward this week, and it has positive implications for enterprise IT decision-makers. Here are some of the highlights.
SAP's HANA Enterprise Cloud will run on Azure at a date not yet disclosed. HEC is an SAP-managed service for its enterprise applications that has been available in SAP data centers as well as those of third-parties, such as IBM; adding Azure support bolsters HEC's coverage and options for customers around the world.
Microsoft is also moving its legacy SAP financials module over to the newer SAP S/4HANA version. This is a significant step, albeit one many initial S/4HANA customers have taken first. It will be quite some time before Microsoft fully unravels and upgrades its highly customized SAP ERP landscape.
Perhaps more significantly, SAP is planning to move "more than a dozen business-critical systems to Azure," including the S/4HANA finance software used to support its Concur division. Further details weren't available, but the plans sound significant. Overall, the projects will generate important insights Microsoft and SAP can share with joint customers, both at the corporate and user group levels, about running SAP applications on Azure.
For more, go here to read Constellation VP and principal analyst Holger Mueller's in-depth analysis of the announcement.