The Dark Side of Phone Apps

June 4, 2010 -

The Wall Street Journal looks into the "dark side of phone apps" in a new report about the lack of app vetting in Google's Android and Apple's iPhone app stores. While they don't cite too many examples, save some questionable banking apps that Apple banned, the paper solicits the opinions of nameless FBI and security professionals who are "concerned" about malicious software making its way into these stores and in turn on consumers' phones.

As more companies, government agencies and regular consumers use wireless devices to engage in commerce and share private information, the "bad guys" are finding new and creative ways to steal from them and profit from it.

The paper, speaking to "someone familiar with the matter," reports that the FBI's Cyber Division has begun working on these kinds of cases - specifically apps designed to compromise banking on cellphones, as well as mobile "malware" used for "espionage by foreign nations." The FBI has a standing policy that bars its employees from downloading apps on FBI-issued smartphones. The Air Force has a similar policy.

While there is some oversight for most app stores - Google's Android app store has no formal review process. The company has said in the past that it relies on its customers to report malware or other questionable apps first. While some security experts believe Google's Android Market is particularly vulnerable, Google says that it has "put in place security measures, such as remotely disabling apps found to be malicious and requiring developers to register with its Checkout payment service, and argued there's no evidence for claims that its store poses a greater risk than others."

Apple, on the other hand, vets all of its applications before they appear in its App Store, but security on that front can use some improvement too, according to some experts. The most publicized incident happened in July 2008, when Apple pulled the game called Aurora Feint from its store after it was found to be uploading users' contact lists to the game maker's servers. Apple claims that it " takes security very seriously," and that it has "a very thorough approval process and review every app." The company also claims to check the identities of every developer.

Still the iPhone isn't a perfect and safe platform - we'll leave you this scary quote from the WSJ story to think about:

Since 2008, security experts have identified at least 36 security holes in the phone's software, according to a review of the National Vulnerability Database maintained by the Department of Homeland Security. One, identified in September 2009, could have allowed hackers to learn someone's username and password from messages sent to servers when browsing the Web.

Source: WSJ

Posted in

 
Forgot your password?
Username :
Password :

Shout box

You're not permitted to post shouts.
Big PermBlazers w/ t-shirts trigger me. This madness must be stopped08/04/2015 - 10:36am
PHX Corphttps://twitter.com/JimSterling Jim Sterling's commentary of the Xbox Gamescom event08/04/2015 - 9:34am
Big PermI'm talking about not being able to fully disable telemetry unless you have Enterprise software. It's just creepy to me08/04/2015 - 9:31am
TechnogeekBig Perm: If you're talking about the image I think you are, then no, not really. The claims it makes are, at best, extremely misleading in many instances.08/04/2015 - 9:28am
E. Zachary KnightBig Perm, That would make logical sense, so of course YouTube would not allow you to set your subscription page as the home page.08/04/2015 - 9:14am
Big PermBy the way. Anyone else kind of spooked by Microsofts data collection that's being reported about Win10? Thinking of finally trying a linux box for general use and Windows for gaming only08/04/2015 - 8:59am
Big PermCan you set youtube to load subs instead of recommendations first?08/04/2015 - 8:54am
MonteI've had mostly good experience with Youtube recommendations... only problem is when i watch a certain video that messes it up and gets me reconmendations i don't want. Though all i have to do is remove said video from my history to fix it08/04/2015 - 8:42am
Big PermYoutube wants me to watch Nicki Minaj videos. I am ok with this. Dat mute tho08/04/2015 - 7:48am
IvresseIronpatriot: I think it's fair to say that even anti-gamergaters want you to just shut the hell up...08/04/2015 - 7:27am
Sora-Chan@Andrew Eisen: A tip for when it comes to clicking people's video recommendations, use Incognito/Private Mode.that'll keep those kinds of recommendations off the radar. =P08/04/2015 - 5:37am
InfophileWow, I just got an e-mailed ad from Nintendo: "FREE AC Adapter with New Nintendo 3DS XL" - So... pretending this didn't used to be normal, are we?08/04/2015 - 3:34am
MattsworknameNight man, take care08/04/2015 - 2:59am
Andrew EisenOff to bed. Play nice.08/04/2015 - 2:53am
Andrew EisenNo worries. Yeah, it's the pits. It's like "How many times do I have to tell you I'm not interested in this producer's work before you stop recommending his videos to me?!"08/04/2015 - 2:53am
MattsworknameAndrew: Sorry man, youtubes recomendations system is really crappy08/04/2015 - 2:49am
MattsworknameIp: they cite 4 chan. Enough said08/04/2015 - 2:47am
IronPatriotWhat I don't get is why anyone wants to be part of the private online army for a stalker.08/04/2015 - 2:32am
IronPatriotYes, it's pretty sad that even after GG has been exposed as a fraud designed to harass Sarkeesian, they still want to attack her. Do facts even matter anymore?08/04/2015 - 2:30am
Andrew EisenDammit. For context's sake, I watched that one Chris Ray Gun video Matt linked to and now my recommends are chockful of anti-Sarkeesian crap from the usual suspects. ARGH!08/04/2015 - 2:27am
 

Be Heard - Contact Your Politician