The latest selfie app craze, Meitu, might be doing more than making you look like a glamorous hand-drawn anime character. The app may be sending mobile phones’ IMEI numbers to several locations in China, as reported by Slash Gear.
Until now, I had no idea an IMEI number was even a thing, but according to good old Wikipedia, it’s short for International Mobile Station Equipment Identity. They’re unique numbers belonging to individual smartphones, usually located on the battery, used to identify valid — and thus also invalid or stolen — phones. So, for instance, if a mobile phone is stolen, the owner can call their network provider and instruct them to “blacklist” the phone using its IMEI number. This renders the phone useless on that network and sometimes other networks too, depending on whether the phone’s SIM has been changed.
Not only is access to IMEI numbers worrisome, but so are the other permissions the app requests in order to install. For instance, with regard to iPhones, the app wants access to App Key, App Version, OS Type, IMEI, Mac Address, OS Version, Device Model, Resolution and more. All of this access is worrisome for people like Jay Bennett, who took to Twitter to address the issue and lit an anti-Meitu firestorm. As Slash Gear noted, “Basically, it would seem that the folks behind the info sent by Meitu are looking for devices that have root permission, that opening up the door for them to take control of phones in a big way.”
How this compares to other apps we give permissions to is unclear, and it very well could be a dose of racism is involved in assuming a China-based app has malicious intent. A spokesperson for Meitu commented on the matter, saying, “Meitu employs a combination of third-party and in-house data-tracking systems to make sure the user data tracked is consistent. Furthermore, the data collected is sent securely, using multilayer encryption to servers equipped with advanced firewall, IDS and IPS protection to block external attacks.”
Meitu has been around for years, but only recently has the company’s camera app become popular in the U.S. Even I took part in the new selfie craze, sending everyone I know and love selfies of myself looking like a cartoon witch (that was my favorite of the filters).
I don’t exactly know how to feel about this issue specifically, but it does bring up a caution: We should be more aware of the apps we download and what we’re giving them permission to access. Our phones have become an extension of ourselves. I have so many personal things saved on mine, I can’t imagine the damage that could be done if someone I didn’t know were to gain access. From butt selfies to bank information to my home address to more butt selfies — it’s all there. I’m going to go ahead and say it might be best to remove the Meitu app from your phone, but I’m not going to engage in any paranoia further than that.
It’s easy to fall for the latest selfie crazes, and I definitely can’t blame you. They’re fun! However, let’s look at this story as a warning: We can’t implicitly trust every app we download, no matter how #trending it may be.
Slash Gear suggests changing passwords on all the apps on your phone if you installed Meitu, as a precaution. I haven’t done that myself and am going to give Meitu the benefit of the doubt. Let’s hope I’m not wrong.
Read Slash Gear’s full coverage here.
—
Sonia Stevens is a writer-comedian who picks apart the absurdities women face daily. Email her at Sonia.Stevens@ynotcam.com.
