The Dark Side of Phone Apps

June 4, 2010 -

The Wall Street Journal looks into the "dark side of phone apps" in a new report about the lack of app vetting in Google's Android and Apple's iPhone app stores. While they don't cite too many examples, save some questionable banking apps that Apple banned, the paper solicits the opinions of nameless FBI and security professionals who are "concerned" about malicious software making its way into these stores and in turn on consumers' phones.

As more companies, government agencies and regular consumers use wireless devices to engage in commerce and share private information, the "bad guys" are finding new and creative ways to steal from them and profit from it.

The paper, speaking to "someone familiar with the matter," reports that the FBI's Cyber Division has begun working on these kinds of cases - specifically apps designed to compromise banking on cellphones, as well as mobile "malware" used for "espionage by foreign nations." The FBI has a standing policy that bars its employees from downloading apps on FBI-issued smartphones. The Air Force has a similar policy.

While there is some oversight for most app stores - Google's Android app store has no formal review process. The company has said in the past that it relies on its customers to report malware or other questionable apps first. While some security experts believe Google's Android Market is particularly vulnerable, Google says that it has "put in place security measures, such as remotely disabling apps found to be malicious and requiring developers to register with its Checkout payment service, and argued there's no evidence for claims that its store poses a greater risk than others."

Apple, on the other hand, vets all of its applications before they appear in its App Store, but security on that front can use some improvement too, according to some experts. The most publicized incident happened in July 2008, when Apple pulled the game called Aurora Feint from its store after it was found to be uploading users' contact lists to the game maker's servers. Apple claims that it " takes security very seriously," and that it has "a very thorough approval process and review every app." The company also claims to check the identities of every developer.

Still the iPhone isn't a perfect and safe platform - we'll leave you this scary quote from the WSJ story to think about:

Since 2008, security experts have identified at least 36 security holes in the phone's software, according to a review of the National Vulnerability Database maintained by the Department of Homeland Security. One, identified in September 2009, could have allowed hackers to learn someone's username and password from messages sent to servers when browsing the Web.

Source: WSJ

Posted in

 
Forgot your password?
Username :
Password :

Poll

Who's responsible for crappy Netflix performance on Verizon?:

Shout box

You're not permitted to post shouts.
IanCWelp, twitch is going to suck now. Thanks google.07/25/2014 - 6:30am
Sleaker@MP - Looked up hitbox, thanks.07/24/2014 - 9:40pm
Matthew WilsonI agree, but to me given other known alternatives google seems to the the best option.07/24/2014 - 6:30pm
Andrew EisenTo be clear, I have no problem with Google buying it, I'm just concerned it will make a slew of objectively, quantifiably bad changes to Twitch just as it's done with YouTube over the years.07/24/2014 - 6:28pm
Matthew WilsonI doubt yahoo has the resources to pull it off, and I not just talking about money.07/24/2014 - 6:15pm
SleakerI wouldn't have minded a Yahoo purchase, probably would have been a better deal than Tumblr seeing as they paid the same for it...07/24/2014 - 6:13pm
MaskedPixelanteIt's the golden age of Hitbox, I guess.07/24/2014 - 6:08pm
Matthew Wilsonagain twitch was going to get bought. It was just who was going to buy it . Twitch was not even being able to handle the demand, so hey needed a company with allot of infrastructure to help them. I can understand why you would not want Google to buy it .07/24/2014 - 5:49pm
Andrew Eisen"Google is better than MS or Amazon" Wow. Google, as I mentioned earlier, progressively makes almost everything worse and yet there are still two lesser options. Again, wow!07/24/2014 - 5:43pm
Andrew EisenI don't know. MS, in my experience, is about 50/50 on its products. It's either fine or it's unusable crap. Amazon, well... I've never had a problem buying anything from them but I don't use any of their products or services so I couldn't really say.07/24/2014 - 5:42pm
Matthew WilsonGoogle is better than MS or Amazon.07/24/2014 - 5:33pm
Sleaker@AE - I've never seen youtube as a great portal to interact with people from a comment perspective. like ever. The whole interface doesn't really promote that.07/24/2014 - 5:28pm
Andrew EisenNor I. From a content producer's perspective, almost every change Google implements makes the service more cumbersome to use. It's why I set up a Facebook fan page in the first place; it was becoming too difficult to connect with my viewers on YouTube.07/24/2014 - 4:50pm
Sleakerwonder if anyone is going to try and compete with google, I'm not a huge fan of the way they manage their video services.07/24/2014 - 4:41pm
Andrew EisenIt happened. Google bought Twitch. http://venturebeat.com/2014/07/24/googles-1b-purchase-of-twitch-confirmed-joins-youtube-for-new-video-empire/07/24/2014 - 4:28pm
MaskedPixelanteI hope Nintendo actually follows through with the DS Virtual Console, that sounds like it could be cool.07/24/2014 - 2:15pm
james_fudgePeople don't deny it persay, they bristle at the idea that it's a "problem" that nneds to be "fixed."07/24/2014 - 2:15pm
Papa MidnightRacism and Misogny are heavily prevalent in the gaming and online arena. Getting people to actually admit that, however...07/24/2014 - 11:42am
Papa MidnightThat very thing is somthing that anyone who has been subjected to racial-based targeting online could actually state that they've experienced.07/24/2014 - 11:41am
Papa MidnightPerfect example: "I have yet to talk to a man who has had to call a police officer due to a stalker, only to be told nothing can be done until they are physically assaulted."07/24/2014 - 11:40am
 

Be Heard - Contact Your Politician