Great Motorola Edge deal on Amazon!

Recycled code causing bugs with popular Android apps

By Michael H.
24comments
Android Apps
Recycled code causing bugs with popular Android apps
Android has long had the reputation of being a buggy system, despite research showing that Android is actually more stable than iOS. However, that's not to say there aren't bugs in Android; and, new research from the firm that first uncovered Heartbleed is saying that a good amount of bugs are being caused by developers using recycled code.

IT research firm Codenomicon found that bugs in about 25 of the top 50 Android apps are originating from third party libraries that are used by many developers. The practice is quite common, because it allows developers to easily add more advanced functionality to apps, like security features coming from third party cryptographic libraries. It is impossible for any developer to be masters of all types of code, so shared libraries make everything easier. However, if those shared libraries contain errors, those will cause bugs that can propagate quickly as others simply copy-and-paste that code into apps. Chester Wisniewski, a Senior Security Advisor at Sophos, explained the issue by noting an example where WhatsApp tried to build its own cryptocode without the proper understanding of how to do so, and ended up with quite a lot of security flaws in its app. 

Codenomicon is planning to present its findings in more detail at the upcoming Black Hat security conference, scheduled for August 6th and 7th. The hope is to get consensus on ways to better test third party libraries, and make developers aware that those libraries need to be kept up to date and patched both in code hosting services like GitHub, and in apps as well. 

source: ReadWrite

Recommended Stories

Loading Comments...

Popular stories

Even longtime T-Mobile customers will have to put up with slow internet speed policy
Even longtime T-Mobile customers will have to put up with slow internet speed policy
Two more companies want FCC action against T-Mobile for interference from 5G
Two more companies want FCC action against T-Mobile for interference from 5G
The 51 million customers affected by the AT&T data breach are getting free protection for 12 months
The 51 million customers affected by the AT&T data breach are getting free protection for 12 months
Make your Galaxy fingerprint scanner unlock faster as Samsung fixes what One UI 6.1 broke
Make your Galaxy fingerprint scanner unlock faster as Samsung fixes what One UI 6.1 broke
Doesn't matter if T-Mobile, AT&T or Verizon, don't fall for the ring: How to stay safe in a world full of tricks?
Doesn't matter if T-Mobile, AT&T or Verizon, don't fall for the ring: How to stay safe in a world full of tricks?
iPhone users warned to disable iMessage temporarily to avoid getting hacked
iPhone users warned to disable iMessage temporarily to avoid getting hacked

Latest News

Verizon's Visible introduces annual plans with discounts up to 26%
Verizon's Visible introduces annual plans with discounts up to 26%
Comcast launches NOW, low-cost and prepaid brand for data, TV, and WiFi hotspots
Comcast launches NOW, low-cost and prepaid brand for data, TV, and WiFi hotspots
Apple tipped to reduce display size of iPhone 17 Plus
Apple tipped to reduce display size of iPhone 17 Plus
Google Photos working on an option to hide your downloaded memes and other UI tweaks
Google Photos working on an option to hide your downloaded memes and other UI tweaks
Hurry up and snatch Amazon's jumbo-sized Fire Max 11 tablet at its biggest discount yet
Hurry up and snatch Amazon's jumbo-sized Fire Max 11 tablet at its biggest discount yet
Memes of the week: Crazy Pixel leaks, OnePlus feels the heat in India, and more!
Memes of the week: Crazy Pixel leaks, OnePlus feels the heat in India, and more!
FCC OKs Cingular\'s purchase of AT&T Wireless