The Dark Side of Phone Apps

June 4, 2010 -

The Wall Street Journal looks into the "dark side of phone apps" in a new report about the lack of app vetting in Google's Android and Apple's iPhone app stores. While they don't cite too many examples, save some questionable banking apps that Apple banned, the paper solicits the opinions of nameless FBI and security professionals who are "concerned" about malicious software making its way into these stores and in turn on consumers' phones.

As more companies, government agencies and regular consumers use wireless devices to engage in commerce and share private information, the "bad guys" are finding new and creative ways to steal from them and profit from it.

The paper, speaking to "someone familiar with the matter," reports that the FBI's Cyber Division has begun working on these kinds of cases - specifically apps designed to compromise banking on cellphones, as well as mobile "malware" used for "espionage by foreign nations." The FBI has a standing policy that bars its employees from downloading apps on FBI-issued smartphones. The Air Force has a similar policy.

While there is some oversight for most app stores - Google's Android app store has no formal review process. The company has said in the past that it relies on its customers to report malware or other questionable apps first. While some security experts believe Google's Android Market is particularly vulnerable, Google says that it has "put in place security measures, such as remotely disabling apps found to be malicious and requiring developers to register with its Checkout payment service, and argued there's no evidence for claims that its store poses a greater risk than others."

Apple, on the other hand, vets all of its applications before they appear in its App Store, but security on that front can use some improvement too, according to some experts. The most publicized incident happened in July 2008, when Apple pulled the game called Aurora Feint from its store after it was found to be uploading users' contact lists to the game maker's servers. Apple claims that it " takes security very seriously," and that it has "a very thorough approval process and review every app." The company also claims to check the identities of every developer.

Still the iPhone isn't a perfect and safe platform - we'll leave you this scary quote from the WSJ story to think about:

Since 2008, security experts have identified at least 36 security holes in the phone's software, according to a review of the National Vulnerability Database maintained by the Department of Homeland Security. One, identified in September 2009, could have allowed hackers to learn someone's username and password from messages sent to servers when browsing the Web.

Source: WSJ

Posted in

Forgot your password?
Username :
Password :

Shout box

You're not permitted to post shouts.
E. Zachary KnightPHX, I love the comic. Also, I love the story of shear paranoia on the part of the MPAA.08/31/2015 - 9:41am
PHX Corphttps://torrentfreak.com/mpaa-demands-extraordinary-measures-to-prevent-piracy-150830/ MPAA Demands Extraordinary Measures To Prevent Piracy08/31/2015 - 7:52am
PHX Corphttp://www.neogaf.com/forum/showpost.php?p=176931667&postcount=12 although it's a little late, a comic strip on neogaf about the "release it now, patch it later" culture08/30/2015 - 7:37am
Papa MidnightBack to when, RedMade? A week ago? (seriously, though...)08/30/2015 - 1:55am
RedMageOh hey, a news station is trying to scapegoat gaming. That takes me back. https://twitter.com/GamingAnarchist/status/63754361236507443208/29/2015 - 1:40pm
Big PermA link to TB twitter with Matt Lees in the replies - https://twitter.com/Totalbiscuit/status/52528604482949939208/29/2015 - 12:16pm
Brad GlasgowWhy would he say the company lies about getting abuse? Oh, because people don't abuse GG?08/29/2015 - 10:38am
Big PermBrad - Matt Lees was also quick to say the company "Gamers Gate" lies about getting abusive messages thinking they were an official GG channel08/29/2015 - 9:11am
Goth_SkunkMGSV: The Phantom Integrity - A Rant by RazörFist. (NSFW on account of language). RazörFist discusses the latest batch of unethical journalist conduct, with a caveat. - http://ow.ly/RwXYT08/29/2015 - 7:10am
Goth_Skunk@Brad: I can.08/29/2015 - 6:13am
Goth_SkunkI assume "Stacy" is a pseudonym. After reading what she went through, I would not be one bit surprised if it is.08/29/2015 - 6:13am
Goth_SkunkA Year of #GamerGate: From Neutral To Anti To Neutral To Pro by "Stacy" - http://ow.ly/RwVeT08/29/2015 - 6:12am
Brad GlasgowI can't believe Matt Lees deleted his positive review of Ethan Carter because Chmielarz is sympathetic to GG.08/29/2015 - 5:30am
Goth_SkunkA GameDev's Year With #GG: The Good, The Bad, and The Ugly by Adrian Chmielarz - http://ow.ly/RwSCd08/29/2015 - 5:18am
Goth_SkunkDespite not being a fan of fighting games I had to check out that R Mika trailer. Loved it. Still won't buy the game though, on account of Isuckatstreetfighteritis.08/29/2015 - 2:42am
MechaCrashI use a Dynex DX-840 headset, but it's discontinued. :( I wanted a mono headset so I could keep the other ear free for my speakers, but it has the bonus of being very light and comfortable, so you don't notice it.08/29/2015 - 12:41am
Big PermSora - I was just having a slow day at work earlier. Now I'm home with vidya!08/28/2015 - 7:54pm
ZippyDSMleeSora-Chan: Blender is easy compared to 3Dmax :P08/28/2015 - 6:51pm
Sora-Chantime to take up a hobby? maybe messing around in GIMP to make wallpapers? use qCAD to design somethin? open Blender and stare at it for a couple hours trying to figure what does what?08/28/2015 - 6:41pm
Big PermAlso, yes. I've been spamming the shoutbox. I don't have much going on today, don't judge me08/28/2015 - 3:25pm

Be Heard - Contact Your Politician