user consent Archives

AppWizard

July 9, 2025

Google Forces Gemini App Integration on Android, Sparking Widespread Privacy Fears

Google is rolling out an update to its Android operating system that allows its Gemini AI to access third-party applications by default, overriding users' previous privacy settings. This change, effective July 8, has led to confusion among users, as many received unclear email notifications regarding the update and how to disable the new feature. Google has stated that human reviewers may process app data, and conversations could be stored for up to 72 hours, even if users opt out of activity tracking. The update is part of Google's strategy to integrate Gemini more deeply into its ecosystem, replacing the Google Assistant with Gemini on mobile devices. The company plans to open its Gemini Nano model to third-party developers, further embedding AI into applications.

AppWizard

July 7, 2025

Google Gemini app gains automatic Android access to phone and messaging data

On July 7, 2025, Google Gemini app users experienced automatic activation of permissions for accessing phone calls, messaging services, WhatsApp, and system utilities on Android devices, following a privacy policy update on June 11, 2025. This change affects millions of users globally and allows user data to be reviewed by humans for AI training. Users can disable these permissions through the app's settings, but the option to opt-out is criticized for being difficult to find. Legal experts have raised concerns about compliance with GDPR regulations due to the lack of explicit user consent for these changes. The data collected supports machine-learning development and may be retained for up to three years, even after users delete their activity.

AppWizard

July 4, 2025

Hundreds of Android apps band together in massive scam campaign targeting millions – here’s what we know

A significant ad fraud operation called the IconAds campaign has been uncovered by security researchers at HUMAN. This scheme involved hundreds of Android applications that displayed advertisements without user consent and concealed their icons on devices. The majority of traffic came from Brazil, Mexico, and the United States. Although Google has removed many of these malicious apps from the Play Store, the threat persists as cybercriminals adapt quickly, introducing new applications and using obfuscation techniques. The IconAds campaign has been active since 2019, highlighting ongoing risks to users. Users are advised to check download counts, read user reviews carefully, and examine reviewer accounts to protect against potential threats.

Winsage

June 24, 2025

Microsoft fixes known issue that breaks Windows 11 updates

Microsoft is releasing a configuration update, KB5062324, to fix Windows Update failures on certain Windows 11 systems running version 24H2 that have not installed the May Windows non-security preview update or later. This update addresses an issue causing the Windows update scan to stop responding, with a permanent solution available in the May update (KB5058499) and later versions. Users can install KB5062324 by enabling 'Get the latest updates as soon as they're available' in Settings > Windows Update, followed by a system restart and checking for updates. The update is being rolled out gradually, so users may need to try multiple times to receive it. Recently, Microsoft also addressed a bug related to feature updates and acknowledged issues with unintended upgrades to Windows Server 2025 on certain devices. The company aims to unify the updating process for all software on PCs through a new orchestration platform.

AppWizard

June 22, 2025

Your favorite apps might betray you, thanks to a new Android trick that fools even smart users

A significant security vulnerability has been discovered in Android's notification system, allowing malicious actors to exploit invisible Unicode characters to open deceptive links without user awareness. Research indicates that this flaw enables attackers to redirect users from seemingly legitimate links, such as "amazon.com," to malicious sites like "zon.com" through the use of zero-width space characters. Major applications including WhatsApp, Telegram, Instagram, Discord, and Slack have been confirmed as vulnerable to this exploit. Attackers can also use this vulnerability to initiate deep links that perform actions like making calls or sending messages without user consent. Traditional antivirus solutions may not detect these threats, as they do not involve conventional malware, highlighting the need for endpoint protection tools that focus on behavioral anomalies. Users are advised to be cautious with notifications and links from unfamiliar sources.

AppWizard

June 21, 2025

Understanding Android 14 Privacy Changes: Key Insights

The introduction of Android 14 features a sophisticated permissions model that requests app permissions only when needed, allowing users to choose between "approximate" and "precise" location access. Apps handling transactions must justify their need for real-time access. Background location usage must be disclosed in Play Store listings, and developers must complete Data Safety Forms. Android enforces scoped storage, isolating apps in sandboxed environments to reduce data leakage risks. Visual indicators for microphone and camera usage were introduced in Android 12, and Android 14 requires apps to specify the nature of access. In-app transactions in gaming apps must meet elevated security standards, including encryption and biometric logins, and undergo audits under PCI DSS. Background access for location services requires clear justification, and developers must submit a Permission Declaration Form. Google Play mandates disclosure of third-party SDKs and their data practices. User awareness is emphasized through concise permission dialogs and Data Safety summaries in Play Store listings. Secure login protocols like OAuth 2.0 are required for sensitive applications, with stronger encryption mandates. Apps for children must comply with COPPA and GDPR-K regulations, with manual reviews by the Play Store. Google's Privacy Sandbox initiative aims to enhance privacy in advertising practices, with expected rollout in 2024.

Winsage

June 20, 2025

Old apps and third-party providers blocked: Major Microsoft 365 security impact

Microsoft is implementing default blocks on legacy protocols and third-party applications for Microsoft 365 to enhance security. This includes deactivating the RPS protocol for SharePoint and OneDrive, as well as blocking the FPRPC protocol. Administrators will now need to give explicit approval for third-party applications to access files and pages, limiting user consent. These changes will begin in mid-July 2025 and are expected to be completed by August. Additionally, new security settings for Windows 365 will disable clipboard, storage, USB device, and printer linking by default on newly set up cloud PCs, with VBS, Credential Guard, and HVCI activated by default for those using a Windows 11 Gallery image. These updates for Windows 365 are planned for the latter half of 2025.

AppWizard

June 11, 2025

Forget WhatsApp And Telegram—Radical New Messenger Confirmed

WhatsApp and Telegram each have over a billion users but face scrutiny for security issues and tracking practices. A new state-controlled messaging app, VladsApp, has been approved by Russian lawmakers as an alternative to these platforms. Sergei Boyarsky, head of the Duma’s Committee on Information Policy, described it as a “secure, multifunctional alternative” aimed at enhancing digital security in Russia. The app will operate on state-controlled infrastructure and is expected to integrate with government services, allowing personal information transfer with user consent. The draft legislation must pass through parliament and receive President Vladimir Putin's signature to become law. There are concerns that the state may restrict access to foreign messaging services to promote VladsApp among users in Russia.

AppWizard

June 11, 2025

Experts warn of risks linked to period tracker apps

Academics from the University of Cambridge have raised concerns about the collection and commercialization of personal information through menstrual tracking applications, which have over 250 million downloads globally. These apps collect extensive data, including exercise, diet, medication, sexual preferences, hormone levels, and contraception use, making menstrual data valuable for consumer profiling. The report highlights that information on pregnancy status is particularly sought after in digital advertising, leading to risks of exploitation for targeted ads. If this data is misused, it could result in health insurance discrimination, employment risks, or domestic abuse. The researchers advocate for enhanced governance in the femtech industry, emphasizing the need for improved data security and meaningful user consent. They suggest that public health organizations develop alternatives to commercial tracking apps to prioritize user privacy and safety.

AppWizard

June 10, 2025

Russia’s State Duma passes bill to create state messaging app as it considers blocking WhatsApp

The Russian State Duma has approved a bill to create a state messaging application, coinciding with discussions about potentially blocking messaging platforms like WhatsApp. The app is intended to enhance government service accessibility and improve information security. Key features include integration with state databases, identification and payment processing capabilities, legal equivalence for documents submitted through the app, and inclusion of educational services. The Russian government will choose a company to develop the app. This legislative move follows previous restrictions on foreign social media platforms, including the blocking of Facebook and Instagram in March 2022 and Viber and Signal in 2024. Roskomnadzor is also considering similar restrictions for WhatsApp, owned by Meta, which is labeled as an "extremist organization" in Russia. Additionally, YouTube has faced throttling of speeds, initially attributed to technical issues but later confirmed by lawmakers to be intentional.