The Dark Side of Phone Apps

June 4, 2010 -

The Wall Street Journal looks into the "dark side of phone apps" in a new report about the lack of app vetting in Google's Android and Apple's iPhone app stores. While they don't cite too many examples, save some questionable banking apps that Apple banned, the paper solicits the opinions of nameless FBI and security professionals who are "concerned" about malicious software making its way into these stores and in turn on consumers' phones.

As more companies, government agencies and regular consumers use wireless devices to engage in commerce and share private information, the "bad guys" are finding new and creative ways to steal from them and profit from it.

The paper, speaking to "someone familiar with the matter," reports that the FBI's Cyber Division has begun working on these kinds of cases - specifically apps designed to compromise banking on cellphones, as well as mobile "malware" used for "espionage by foreign nations." The FBI has a standing policy that bars its employees from downloading apps on FBI-issued smartphones. The Air Force has a similar policy.

While there is some oversight for most app stores - Google's Android app store has no formal review process. The company has said in the past that it relies on its customers to report malware or other questionable apps first. While some security experts believe Google's Android Market is particularly vulnerable, Google says that it has "put in place security measures, such as remotely disabling apps found to be malicious and requiring developers to register with its Checkout payment service, and argued there's no evidence for claims that its store poses a greater risk than others."

Apple, on the other hand, vets all of its applications before they appear in its App Store, but security on that front can use some improvement too, according to some experts. The most publicized incident happened in July 2008, when Apple pulled the game called Aurora Feint from its store after it was found to be uploading users' contact lists to the game maker's servers. Apple claims that it " takes security very seriously," and that it has "a very thorough approval process and review every app." The company also claims to check the identities of every developer.

Still the iPhone isn't a perfect and safe platform - we'll leave you this scary quote from the WSJ story to think about:

Since 2008, security experts have identified at least 36 security holes in the phone's software, according to a review of the National Vulnerability Database maintained by the Department of Homeland Security. One, identified in September 2009, could have allowed hackers to learn someone's username and password from messages sent to servers when browsing the Web.

Source: WSJ

Posted in

 
Forgot your password?
Username :
Password :

Poll

What do you think about Bill Paxton taking on the film role of Jack Thompson?:

Shout box

You're not permitted to post shouts.
PHX Corphttp://www.extremetech.com/computing/203654-leaked-sony-emails-show-mpaas-opposition-to-fair-use-confirms-users-are-viewed-as-thieves Leaked Sony emails show MPAA’s opposition to fair use, confirms users are viewed as thieves04/18/2015 - 10:49am
prh99I'd happily run DBAN on all their servers and back up with a 7 pass wipe.04/18/2015 - 1:07am
Matthew Wilsonmetaphorically speaking of course04/17/2015 - 9:40pm
Matthew Wilsonhttps://soundcloud.com/totalbiscuit/brevity-is-the-soul-of-twit I agree with TB twiter is not good for anything more their links. twiter is a toxic wasteland, and I wish I can nuke it from orbit.04/17/2015 - 9:38pm
MechaCrashI can understand why Sony wants the Pokemon and Smash movie rights, but it's not hard to see why Nintendo wouldn't want to sell to them. Kinda their competitors in the console arena.04/17/2015 - 8:01pm
PHX Corp@MW We won't know until the nintendo General Shareholders meeting if the leaks(From Sony Pictures) is true or not04/17/2015 - 7:55pm
MechaCrashIn GG news: they got kicked out of Calgary Expo for getting a booth under false pretenses and disrupting panels. http://www.themarysue.com/calgary-expo-gamergate-evicted/ How long before they get thrown under the No True Scotsman bus?04/17/2015 - 7:53pm
MechaTama31EZK: Because what if I want to see that website I was looking at a while ago? Well, just keep scanning through my tabs til I see it! There's an aspect of archaeology to it, too. "Oh yeah, I was looking up how to build my own pizza oven. Good times..."04/17/2015 - 6:52pm
Matthew Wilsondo it in the art style of those trailers, and I am on board.04/17/2015 - 5:24pm
PHX Corphttp://mynintendonews.com/2015/04/17/sony-were-apparently-trying-to-get-the-rights-to-a-pokemon-and-super-smash-bros-movie/ Sony Were Apparently Trying To Get The Rights To A Pokemon And Super Smash Bros Movie04/17/2015 - 4:14pm
E. Zachary KnightCan't wait to see the new digs on Saturday.04/17/2015 - 1:41pm
Andrew EisenBy the by, I moved this week so if I dropped a comment thread or two, my apologies for leaving you hanging.04/17/2015 - 12:22pm
Andrew EisenIf I were going to buy Mortal Kombat X, I'd wait for the inevitable Game of the Year edition that includes all the DLC for an overall cheaper price.04/17/2015 - 12:22pm
PHX CorpMortal Kombat X: On Disc DLC Confirmed Read more at http://gamingbolt.com/mortal-kombat-x-on-disc-dlc-confirmed04/17/2015 - 12:17pm
james_fudgeme04/17/2015 - 8:37am
Ryan RardinWho else would like to see The Misadventures of Tron Bonne on PlayStation Classics?04/17/2015 - 2:21am
ZippyDSMleeso I can save my bookmarks and nuke it with a ree install put my bookmarks back reget all my plugins and I am good to go04/17/2015 - 2:15am
ZippyDSMleeMechaTama31: I run 70 tabs and use a suspend plugin to suspend them. i have a folder in my bookmarks that have all my pluings in it04/17/2015 - 2:14am
E. Zachary KnightOnly one question: Why?04/16/2015 - 10:16pm
MechaTama31Most of which I could probably delete the bookmark for too, if I had the inclination to wade through them.04/16/2015 - 9:16pm
 

Be Heard - Contact Your Politician