Reddit is currently buzzing about this article, where a security researcher in Arizona went into a massive 7.5MB code file in Uber, and found this:
It doesn’t take a senior programmer to read this and see that Uber is requesting access to your ‘camera, phone calls, accounts, neighbor’s wifi network, and much more.’
Although many of the data points collected by Uber are indeed justifiable, such as network connection information like WiFi and GPS data, knowing whether your phone is rooted or not seems unjustifiable and totally unnecessary. Venturebeat news has even stated that the extent of data Uber requests, goes beyond the amount of data shown to users in the Android permissions screen.
So who would want this information?
The government, or bulk data collectors Uber could sell it to, perhaps. No one knows for sure.
This puts Uber in even more hot water than before, when word got out to news outlets that Uber is firing its drivers for posting negative statements about the company on Twitter. Some people felt it was excessive.
As for many Uber riders, including myself, this marks the last time Uber will be picking me up, as I’ve already deleted the app.
Unfortunately, Uber does not allow users to remove their payment method. Shouldn’t be too much of a worry as one can only assume that their debit/credit card info is already stored in a server database.