Secret keys to Android apps pose security problem for users, plus some interesting statistics
On the mobile OS front, that distinction belongs to Android. Though, truth be told, you have to work at it a bit harder to get nabbed by nefarious software, or you could just buy a device that does the work for you.
Operating system aside, apps pose the other potential risk for users. One of the areas where some researchers have discovered security risks, not in what might be called “high risk” apps, but in a pretty significant share of the whole Google Play store. Jason Nieh and Nicolas Viennot at Columbia University developed a program called PlayDrone.
With PlayDrone, they were able to examine information about many apps found in Google Play and they discovered what was described as a critical security problem. This is an issue with the apps themselves, not the Android operating system.
Developers keep secret keys in the app, such as usernames and passwords. Nieh also stated that many “top developers,” as noted in the Play store, use the same architecture in their apps. The vulnerability could be exploited by those determined to steal such information.
Nieh and Viennot have been working with Google (as well as Facebook, LinkedIn, and Amazon) to address the issue. Google has adopted the scanning method developed by Nieh and Viennot, has been proactively scanning apps for the vulnerability, and notifying developers of the problem.
While that problem has been addressed, Nieh and Viennot made a few other discoveries about the apps downloaded from Google Play. For starters, a full 25% of all free apps in the store are clones. Also, a bug which might have caused a problem with a slow app purchase was identified and since fixed. Finally, believe it or not, more than a million people downloaded an app which claims it can function as a scale to measure the weight of an object placed on the screen of an Android device – no, we are not making that up.
1. FingerMyApple (unregistered)
watching android and malware being together is so much interesting than Romeo and Juliet.
gonna wipe my tears :')
3. a_tumiwa (Posts: 221; Member since: 16 Mar 2012)
and the most secure OS is Blackberry OS, but not many people use it anymore, dunno why :(
5. Miracles (Posts: 463; Member since: 31 Aug 2013)
Cuz Apple took its job. Blackberry was Apple in the old days. But after Apple..they didnt put out any smartphones that appealed to me. Though recent ones look great....as long as they stick to emerging markets like China and India...and stay business friendly...they gonna come back from the dead.
6. mr.techdude (Posts: 536; Member since: 19 Nov 2012)
Are you serious, black berry is stereotyped to be 'the most secured OS' well it's not. You own a blackberry and u got the government up ur ass, the truth has been spoken.
12. -box- (Posts: 3714; Member since: 04 Jan 2012)
Actually Blackberry 10 is considered the most secure of the mainstream smartphone OSes, followed by Windows Phone, then Android (and there are specially customized versions, restricted really, that are even more secure), then IOS (if you consider it a smartphone OS). Remember that government agencies worldwide rely on Blackberry, even today (apparently it's the only phone POTUS is allowed to use for "business" purposes), although some have begun adopting restricted versions of Android, as well as Windows Phones. Very few have cleared the iphonie to be used, due to security flaws and hardware costs.
2. Jason2k13 (Posts: 627; Member since: 28 Mar 2013)
soo many news about android malware and bugs, but never a news about an actual person or business affected by these claims... wonder why...
4. CyberFalcon (Posts: 109; Member since: 17 Apr 2014)
coz these bugs are discovered even before some one affected by it...
Thats the beauty of open source and ethical hacking...
7. HildyJ (Posts: 87; Member since: 11 Aug 2012)
This is to be expected given that the majority of apps on all the OSs are designed to push ads to the users and money to the developers, not to protect the users' privacy. Why do I need a user name and password to blow up aliens/zombies/pigs?
9. lolatfailphones (limited) (Posts: 111; Member since: 08 Apr 2013)
That's why I'm an apple user. I mean just look at their new policy! Android has tons of fake apps that steals your information like that flashlight app they had that used data connection.
11. -box- (Posts: 3714; Member since: 04 Jan 2012)
Apple is pretty bad at security, actually. Both IOS and os X are natively less secure than Windows PhonE, Android, and Blackberry, and Windows desktop, respectively, and IOS users are a greater target because they're perceived as less tech- and security-conscious and have an expectation that the device will "just work" out of the box with no problems ever, which we know from decades of experience that has been proved wrong too many times to count.
10. -box- (Posts: 3714; Member since: 04 Jan 2012)
Only 25% of the free apps are clones? Sure it's not 75%?