Bloatware: Difference between revisions

Line 13:

==Why it is a problem==

Bloatware often arises as pre-installed software and applications because the device manufacturer (OEM) has a contract or partnership with another corporation. The terms and processes leading to these partnerships, however, lack transparency. One study determined that personal data collection and user tracking was prevalent in pre-installed apps, with the data collection ~~incluing~~ PII and ~~geolocation~~ data, personal email and phone call metadata, contacts, behavioral and usage statistics as well as isolated malware samples.<ref>''J. Gamba, M. Rashed, A. Razaghpanah, J. Tapiador and N. Vallina-Rodriguez, "An Analysis of Pre-installed Android Software," 2020 IEEE Symposium on Security and Privacy (SP), San Francisco, CA, USA, 2020, pp. 1039-1055, doi: 10.1109/SP40000.2020.00013.'' https://ieeexplore.ieee.org/document/9152633 Accessed 2''6 Feb 2026.'' ([http://web.archive.org/web/20251130162318/https://www.researchgate.net/publication/332932516_An_Analysis_of_Pre-installed_Android_Software Archived])</ref>

Bloatware often arises as pre-installed software and applications because the device manufacturer (OEM) has a contract or partnership with another corporation. The terms and processes leading to these partnerships, however, lack transparency. One study determined that personal data collection and user tracking was prevalent in pre-installed apps, with the data collection including [[wikipedia:Personal_data|personally identifying info]] (PII) and geo-location data, personal email and phone call metadata, contacts, behavioral and usage statistics as well as isolated malware samples.<ref>''J. Gamba, M. Rashed, A. Razaghpanah, J. Tapiador and N. Vallina-Rodriguez, "An Analysis of Pre-installed Android Software," 2020 IEEE Symposium on Security and Privacy (SP), San Francisco, CA, USA, 2020, pp. 1039-1055, doi: 10.1109/SP40000.2020.00013.'' https://ieeexplore.ieee.org/document/9152633 Accessed 2''6 Feb 2026.'' ([http://web.archive.org/web/20251130162318/https://www.researchgate.net/publication/332932516_An_Analysis_of_Pre-installed_Android_Software Archived])</ref>

Bloat, in any of its forms, raises privacy and security concerns<ref>{{Cite web |last=Hubert |first=Bert |date=2024-02-08 |title=Why Bloat Is Still Software’s Biggest Vulnerability |url=https://spectrum.ieee.org/lean-software-development |access-date=2025-11-21 |website=IEEE Spectrum |url-status=live |archive-url=http://web.archive.org/web/20260131190126/https://spectrum.ieee.org/lean-software-development |archive-date=31 Jan 2026}}</ref>. As a rule of thumb, every added branch of code can make a program exponentially harder to prove for correctness<ref>https://gavinhoward.com/2024/03/what-computers-cannot-do-the-consequences-of-turing-completeness#infinite-state ([http://web.archive.org/web/20251214082939/https://gavinhoward.com/2024/03/what-computers-cannot-do-the-consequences-of-turing-completeness#infinite-state Archived])</ref>, making it impractical or impossible to verify that a program is not malicious (such as [[spyware]]) or has an exploitable [[wikipedia:Software_vulnerabilities|vulnerability]]. The problem is exacerbated if the app is not [[wikipedia:Open-source_software|open-source]] or [[wikipedia:Source-available_software|source-available]], since [[wikipedia:Reverse_engineering|reverse engineering]] is difficult and (in some cases) illegal. This means that user is unable to control or ensure the safety of their devices.

@@ Line 13: / Line 13: @@
 ==Why it is a problem<!-- There should be information added regarding the users' lack of ability to remove bloatware as well; this is a particularly relevant topic for consumer rights because it means that a person does not have the power to determine what programs and apps are on their devices. -->==
-Bloatware often arises as pre-installed software and applications because the device manufacturer (OEM) has a contract or partnership with another corporation. The terms and processes leading to these partnerships, however, lack transparency. One study determined that personal data collection and user tracking was prevalent in pre-installed apps, with the data collection incluing PII and geolocation data, personal email and phone call metadata, contacts, behavioral and usage statistics as well as isolated malware samples.<ref>''J. Gamba, M. Rashed, A. Razaghpanah, J. Tapiador and N. Vallina-Rodriguez, "An Analysis of Pre-installed Android Software," 2020 IEEE Symposium on Security and Privacy (SP), San Francisco, CA, USA, 2020, pp. 1039-1055, doi: 10.1109/SP40000.2020.00013.'' https://ieeexplore.ieee.org/document/9152633 Accessed 2''6 Feb 2026.'' ([http://web.archive.org/web/20251130162318/https://www.researchgate.net/publication/332932516_An_Analysis_of_Pre-installed_Android_Software Archived])</ref>
+Bloatware often arises as pre-installed software and applications because the device manufacturer (OEM) has a contract or partnership with another corporation. The terms and processes leading to these partnerships, however, lack transparency. One study determined that personal data collection and user tracking was prevalent in pre-installed apps, with the data collection including [[wikipedia:Personal_data|personally identifying info]] (PII) and geo-location data, personal email and phone call metadata, contacts, behavioral and usage statistics as well as isolated malware samples.<ref>''J. Gamba, M. Rashed, A. Razaghpanah, J. Tapiador and N. Vallina-Rodriguez, "An Analysis of Pre-installed Android Software," 2020 IEEE Symposium on Security and Privacy (SP), San Francisco, CA, USA, 2020, pp. 1039-1055, doi: 10.1109/SP40000.2020.00013.'' https://ieeexplore.ieee.org/document/9152633 Accessed 2''6 Feb 2026.'' ([http://web.archive.org/web/20251130162318/https://www.researchgate.net/publication/332932516_An_Analysis_of_Pre-installed_Android_Software Archived])</ref>
 Bloat, in any of its forms, raises privacy and security concerns<ref>{{Cite web |last=Hubert |first=Bert |date=2024-02-08 |title=Why Bloat Is Still Software’s Biggest Vulnerability |url=https://spectrum.ieee.org/lean-software-development |access-date=2025-11-21 |website=IEEE Spectrum |url-status=live |archive-url=http://web.archive.org/web/20260131190126/https://spectrum.ieee.org/lean-software-development |archive-date=31 Jan 2026}}</ref>.<!-- These privacy and security concerns should be detailed and explained. It would be the core point of this article. --> As a rule of thumb, every added branch of code can make a program exponentially harder to prove for correctness<ref>https://gavinhoward.com/2024/03/what-computers-cannot-do-the-consequences-of-turing-completeness#infinite-state ([http://web.archive.org/web/20251214082939/https://gavinhoward.com/2024/03/what-computers-cannot-do-the-consequences-of-turing-completeness#infinite-state Archived])</ref>, making it impractical or impossible to verify that a program is not malicious (such as [[spyware]]) or has an exploitable [[wikipedia:Software_vulnerabilities|vulnerability]]. The problem is exacerbated if the app is not [[wikipedia:Open-source_software|open-source]] or [[wikipedia:Source-available_software|source-available]], since [[wikipedia:Reverse_engineering|reverse engineering]] is difficult and (in some cases) illegal. This means that user is unable to control or ensure the safety of their devices.