Abstract: The technology includes a method to test what information an application transfers to an external computing device. A user's consent is explicitly obtained before the application transfers certain types of information, such as sensitive information. When a determination is made that an application is transferring sensitive information, a prompt for consent from a user may be provided that is accurate and detailed. In pre-production environments, technology can be used to detect whether this sensitive information is being transferred, and to validate whether a prompt for consent is necessary or unnecessary. To determine this, shimming is used to intercept application calls to APIs that return sensitive information. Requested sensitive information may be substituted with recorded or forged information from those APIs to produce a sentinel or canary. Similarly, network traffic of the application may be analyzed by another shim to determine when the substitute information is present.

Abstract: The technology includes a method to test what information an application transfers to an external computing device. A user's consent is explicitly obtained before the application transfers certain types of information, such as sensitive information. When a determination is made that an application is transferring sensitive information, a prompt for consent from a user may be provided that is accurate and detailed. In pre-production environments, technology can be used to detect whether this sensitive information is being transferred, and to validate whether a prompt for consent is necessary or unnecessary. To determine this, shimming is used to intercept application calls to APIs that return sensitive information. Requested sensitive information may be substituted with recorded or forged information from those APIs to produce a sentinel or canary. Similarly, network traffic of the application may be analyzed by another shim to determine when the substitute information is present.

Abstract: The technology includes a method to test what information an application transfers to an external computing device. A user's consent is explicitly obtained before the application transfers certain types of information, such as sensitive information. When a determination is made that an application is transferring sensitive information, a prompt for consent from a user may be provided that is accurate and detailed. In pre-production environments, technology can be used to detect whether this sensitive information is being transferred, and to validate whether a prompt for consent is necessary or unnecessary. To determine this, shimming is used to intercept application calls to APIs that return sensitive information. Requested sensitive information may be substituted with recorded or forged information from those APIs to produce a sentinel or canary. Similarly, network traffic of the application may be analyzed by another shim to determine when the substitute information is present.

Abstract: The technology includes a method for a computing device (console) to restrict transferring information to others on the Internet. A user does not have to explicitly make a choice of having the console restrict the transferring of information to an external computing device because the technology determines that such information cannot be transferred. When an application is loaded, a NSAL is read to determine whether the application will communicate with an external computing device. A NSAL may include authorized network addresses that an application may communicate with when executing on a computing device. When the NSAL does not include any network addresses, there is no need to obtain consent from a user regarding transferring the information externally because the application does not have the capability to do so. When one or more network addresses are includes in a NSAL, consent from a user is obtained.

Abstract: The technology includes a method for a computing device (console) to restrict transferring information to others on the Internet. A user does not have to explicitly make a choice of having the console restrict the transferring of information to an external computing device because the technology determines that such information cannot be transferred. When an application is loaded, a NSAL is read to determine whether the application will communicate with an external computing device. A NSAL may include authorized network addresses that an application may communicate with when executing on a computing device. When the NSAL does not include any network addresses, there is no need to obtain consent from a user regarding transferring the information externally because the application does not have the capability to do so. When one or more network addresses are includes in a NSAL, consent from a user is obtained.

Abstract: The technology includes a method to test what information an application transfers to an external computing device. A user's consent is explicitly obtained before the application transfers certain types of information, such as sensitive information. When a determination is made that an application is transferring sensitive information, a prompt for consent from a user may be provided that is accurate and detailed. In pre-production environments, technology can be used to detect whether this sensitive information is being transferred, and to validate whether a prompt for consent is necessary or unnecessary. To determine this, shimming is used to intercept application calls to APIs that return sensitive information. Requested sensitive information may be substituted with recorded or forged information from those APIs to produce a sentinel or canary. Similarly, network traffic of the application may be analyzed by another shim to determine when the substitute information is present.