I am a recent convert to the world of mobile phones; I have to say that one aspect that I never thought I should consider is security vulnerabilities, until now. The first line of today’s article in Cnet is what caught my attention and prompted to research this matter further. The article first line read “Android applications are once again in the hot seat over possible security vulnerabilities.”
So what happened? In June of 2010 an article came out stating the 20% of the 48,000 Android applications allow third-party applications access to private or sensitive data. In fact some applications were found to make calls or send text message without any interaction from the user. In this article Google said that they make sure application developers confirm their real identities, if they are unable they disable their accounts. The reason for these checks and balances is because many developer names are aliases.
Fast forward two years and four months, when researchers at the Leibniz University of Hanover in Germany release a study looking at ways where legitimate Android applications respond to attacks on security protocols. The study finds that eight percent the applications used the security protocols improperly leaving sensitive data open to hackers. The team found in their study that over 1,000 applications were willing to communicate over SSL with anything that sends out certificate to communicate. Compare to the incident of 2010 Google did not offer any comments.
So if you remember in my last week blog I mentioned the FTC penalizing Wyndham Hotels and some it franchises for not having proper security measure in place. To me these issues with the Androids applications is another example where the FTC needs to intervene. Google needs to be more responsible and closely test and monitor the products that developers are creating. Ultimately no one is going to remember what developer did what, all they are going to remember is the name “Google”, bad applications in the end could tarnish Google’s image. Google needs to learn from the error Wyndham Hotels made, because I do not think the FTC is to far behind.
References Mills, E. (2010, June 22). Report says be aware of what your Android app does. Retrieved October 22, 2012, from Cnet Reisinger, D. (2012, October 22). Some Android apps could leak personal data, researchers find. Retrieved October 22, 2012, from Cnet
No comments:
Post a Comment