Analyzing Prominent Mobile Apps in Latin America
Authors: Beau Kujath (Arizona State University / Breakpointing Bad), Jeffrey Knockel (Citizen Lab), Paul Aguilar (SocialTIC), Diego Morabito (SocialTIC), Masashi Crete-Nishihata (Citizen Lab), Jedidiah R. Crandall (Arizona State University / Breakpointing Bad)
Year: 2024
Issue: 2
Pages: 83–92
Abstract: We investigate the security and privacy state of a short list of widely used mobile apps that are relied on for crucial services by millions of users in Latin America (LATAM). Our assessment employs both static and dynamic analyses to evaluate each app (APK) for protection in three categories: proper encryption, safe handling of personally identifiable information (PII), and a properly secured and vetted software update process. These are important to at-risk users (such as journalists and activists) in any context, but the heightened risk to journalists in LATAM means that surveillance and targeted malware attacks are preeminent characteristics of information controls in this region. In LATAM, censorship often takes the form of surveillance coupled with physical threats to journalists, and government actors are not the only actors with the resources and power relationships to carry out this form of censorship. Therefore, the three categories of security and privacy issues we investigate for LATAM apps in this paper are of critical importance to the safety of journalists in the region.
Copyright in FOCI articles are held by their authors. This article is published under a Creative Commons Attribution 4.0 license.