Your smartphone applications are watching you — much more closely than you might like.
Lookout, a mobile-phone security firm, released the first findings from the "App Genome Project" at the Black Hat USA 2010 conference this week. Lookout scanned nearly 300,000 free applications for Apple's iPhone and phones built around Google's Android software. It found that many of them secretly pull sensitive data off users' phones and ship it off to third parties without notification.
According to Lookout's blog:
"Our goal with this research is to help make people aware of the capabilities of mobile apps so that they can be vigilant while downloading. Mobile applications on all platforms — iPhone, BlackBerry, Android, and Symbian — can potentially gather sensitive data from users and we think it’s important that both developers and users act responsibly. The Android permission model, for example, takes steps to inform users of the capabilities of apps, including what personal data the app could be accessing, thus empowering users to evaluate the apps they download and make good decisions. During our research, we found a series of wallpaper applications in the Android Market are gathering seemingly unnecessary data. The wallpaper applications that we analyzed transmitted several pieces of sensitive data to a server over an unencrypted network connection. The data included the device’s phone number, subscriber identifier (e.g. IMSI), and the currently entered voicemail number on the phone (see below for technical details). While this sort of data collection from a wallpaper application is certainly suspicious, there’s no evidence of malicious behavior. There have been cases in the past on other mobile platforms where well-intentioned developers are simply over-zealous in their data gathering, without having malicious intent."

Read the complete story by Jordan Robertson of the Associated Press here.



