this post was submitted on 16 Feb 2024
29 points (91.4% liked)

Piracy: ꜱᴀɪʟ ᴛʜᴇ ʜɪɢʜ ꜱᴇᴀꜱ

54716 readers
269 users here now

⚓ Dedicated to the discussion of digital piracy, including ethical problems and legal advancements.

Rules • Full Version

1. Posts must be related to the discussion of digital piracy

2. Don't request invites, trade, sell, or self-promote

3. Don't request or link to specific pirated titles, including DMs

4. Don't submit low-quality posts, be entitled, or harass others



Loot, Pillage, & Plunder

📜 c/Piracy Wiki (Community Edition):


💰 Please help cover server costs.

Ko-Fi Liberapay
Ko-fi Liberapay

founded 1 year ago
MODERATORS
 

AAAD it's a freemium sideloaded app that allows you to install unofficial apps for Android auto.

At startup it sends some device identifier to his server and checks if you have a license, otherwise goes in trial mode where you can try one app every month.

It doesn't ask any additional permission. No storage, no phone/IMEI and no location. If you uninstall it, somehow it knows you previously downloaded it.

Tried to reset the advertising id, no change

My questions:

  1. How the hell the app is able to fingerprint the user like that, persisting uninstalls?

  2. How to reset the counter?

you are viewing a single comment's thread
view the rest of the comments
[–] Moonrise2473@feddit.it 5 points 9 months ago (1 children)

Wow, this sucks.

Not for this app because anyway it looks like it's not working on Android 14, but because shady apps can reliably track installs, uninstalls and so on.

[–] 12510198@lemmy.blahaj.zone 3 points 9 months ago (1 children)

I was thinking about that too, I cant think of much this ID is good for other than fingerprinting users. It just sucks that there isnt much of anything that can be done about it without a rooted device or privacy rom.

[–] Moonrise2473@feddit.it 3 points 9 months ago

I was happy that finally Google after android 10 returned an invalid IMEI to all those apps that asked the phone permission for fingerprinting reasons (almost all the Chinese apps like WeChat, taobao, amap, Baidu, required the phone permission and if you denied it, they directly sent you to the uninstall page), then left this huge unpatched & unpatchable hole that doesn't even require a specific permission...