We briefly touched yesterday on Bitdefender's new privacy protection utility Clueful, but today we'd like to take a closer look at everything the app has to offer, along with what makes it stand out from the crowd.
For those who may not have caught yesterday's post (where we're also giving away two Galaxy S4 i9500s and two HTC Ones), Clueful is best described as a "personal privacy consultant" that offers full details of what your apps are actually doing behind the scenes. This includes details about which apps can potentially send your personal information and/or identity to third parties, track your location, have access to "sensitive data," show "very intrusive" ads, and much more.
At first blush, that sounds like a slew of other tools that simply read each app's set of permissions and which SDKs they may be using. Clueful takes this approach a step further however, as each app's activity is checked in Bitdefenders labs (i.e. the cloud), and a detailed report of what the app is capable of doing is provided to the user. Using this information, it applies a rating – high risk, moderate risk, or low risk – to the application. It then uses these rankings to give the device an overall "Privacy Score," which provides an at-a-glance look at how protected you really are. It's all very intuitive and easy to parse, which is one of the best things about Clueful.
There is also a simple way to filter which apps may be doing specific tasks, like using intrusive ads or sending login credentials over an unencrypted connection (that's a huge no-no) by using the "filter" tool. Once you've found the applications that make you shake your head in disgust, a tap of the name will tell you why Clueful gave it the ranking that it did. For example, there is one "high risk" app on the Nexus 7 we used to test the application; naturally, we want to know why. Turns out it's not so pretty:
We actually weren't aware that BatteryDash was using Airpush; thankfully, we were able to uninstall the app directly from Clueful. You can also share your findings and publicly shame potential privacy spies, which is actually a nice touch. Immediately after removing BatteryDash from the system, the Privacy Score jumped by 29 points. Instant gratification!
Clueful also made us privy to some other questionable activity, like the fact that Digitally Imported Radio may send your login credentials over an unsecured connection. Our own Justin Case analyzed the app and found that it actually sends login credentials over https, but the sign up process is done over an http connection, so Clueful indeed accurately flagged a security flaw. Removing the app instantly gave us another 10 point Privacy Score boost.
Clueful doesn't stop after the first scan, either. It keeps tabs on all current applications, as well as any future applications and updates for existing apps that are installed. If you install something questionable (or an app suddenly gets a new "feature" that may compromise privacy), Clueful will be the first to let you know. That's good lookin' out.
Overall, Clueful is a useful, intuitive, and intelligent tool that everyone who's concerned about privacy should have installed. And for the low cost of free, there's no reason not to try it out. You never know what you may find your apps doing, after all.