The Dark Side of Phone Apps

June 4, 2010 -

The Wall Street Journal looks into the "dark side of phone apps" in a new report about the lack of app vetting in Google's Android and Apple's iPhone app stores. While they don't cite too many examples, save some questionable banking apps that Apple banned, the paper solicits the opinions of nameless FBI and security professionals who are "concerned" about malicious software making its way into these stores and in turn on consumers' phones.

As more companies, government agencies and regular consumers use wireless devices to engage in commerce and share private information, the "bad guys" are finding new and creative ways to steal from them and profit from it.

The paper, speaking to "someone familiar with the matter," reports that the FBI's Cyber Division has begun working on these kinds of cases - specifically apps designed to compromise banking on cellphones, as well as mobile "malware" used for "espionage by foreign nations." The FBI has a standing policy that bars its employees from downloading apps on FBI-issued smartphones. The Air Force has a similar policy.

While there is some oversight for most app stores - Google's Android app store has no formal review process. The company has said in the past that it relies on its customers to report malware or other questionable apps first. While some security experts believe Google's Android Market is particularly vulnerable, Google says that it has "put in place security measures, such as remotely disabling apps found to be malicious and requiring developers to register with its Checkout payment service, and argued there's no evidence for claims that its store poses a greater risk than others."

Apple, on the other hand, vets all of its applications before they appear in its App Store, but security on that front can use some improvement too, according to some experts. The most publicized incident happened in July 2008, when Apple pulled the game called Aurora Feint from its store after it was found to be uploading users' contact lists to the game maker's servers. Apple claims that it " takes security very seriously," and that it has "a very thorough approval process and review every app." The company also claims to check the identities of every developer.

Still the iPhone isn't a perfect and safe platform - we'll leave you this scary quote from the WSJ story to think about:

Since 2008, security experts have identified at least 36 security holes in the phone's software, according to a review of the National Vulnerability Database maintained by the Department of Homeland Security. One, identified in September 2009, could have allowed hackers to learn someone's username and password from messages sent to servers when browsing the Web.

Source: WSJ

Posted in

 
Forgot your password?
Username :
Password :

Shout box

You're not permitted to post shouts.
Andrew EisenFant4stic. Ugh, they're doing the "replace a letter with a number" thing. I hate that. Does anyone think that's cool or attractive? Anyone at all?01/27/2015 - 1:56pm
IvresseEh, trailer's still better than all the Fantastic Four movies combined, tbh...01/27/2015 - 12:45pm
Matthew WilsonIt will never happen, but I wish fox would sell the rights back to disney.01/27/2015 - 11:05am
E. Zachary KnightWell, they went with whimsical and carefree for the first two and they bombed, so now they have swung the pendulum all the way in the other direction hoping it works.01/27/2015 - 11:01am
Andrew EisenIt's like Fox is trying to scare us off.01/27/2015 - 10:57am
Andrew EisenMaybe I'm just a curmudgeon but this is so amazingly the wrong tone for the Fantastic Four. https://www.youtube.com/watch?v=e-BVs-KCSiA01/27/2015 - 10:53am
ConsterSince the ads are in the USA, you're technically correct. Personally, though, I feel the same way as you but in the opposite order: while the ads were legal and the defacing isn't, I really appreciate the sentiment.01/27/2015 - 8:21am
MechaTama31I appreciate the sentiment of the Ms Marvel thing, but defacing *is* still defacing, and free speech is a license to spread hate, if that's really what you want to do with it.01/27/2015 - 7:42am
ConsterAm I the only one imagining the Deep Silver spokesperson making scare quotes Dr Evil style while saying 'incorrectly classified'?01/27/2015 - 7:22am
Michael Chandrahttp://www.telecompaper.com/news/kpn-vodafone-fined-for-net-neutrality-violations--106167501/27/2015 - 5:10am
Michael ChandraThe other for allowing people to watch HBO through an app without being charged for the data-traffic, which was steering customers in their internet behaviour. Both of them against the Net Neutrality Law. 01/27/2015 - 5:10am
Michael ChandraYay, two dutch telephone companies got fined. :) One for blocking selective traffic at their free wifi-hotspots (internetcalling amongst others, prolly Skype and such).01/27/2015 - 5:09am
Andrew EisenHow many people do you think will return their copy for a censored version of the game? My money is on zero.01/27/2015 - 12:47am
Goth_Skunk@Cheater: If I were an Australian consumer, there's no way I'd be returning it.01/26/2015 - 10:43pm
Cheater87Ooops http://stevivor.com/2015/01/ps4-copies-saints-row-iv-re-elected-undergoing-product-recall-australia/01/26/2015 - 10:13pm
Andrew EisenOkay, well I've passed the request along.01/26/2015 - 9:03pm
ZippyDSMleeI loath itunes..........01/26/2015 - 9:02pm
Goth_SkunkUNLESS you haven't downloaded the most 3 recent episodes. Then it cancels your subscription automatically.01/26/2015 - 8:56pm
Goth_Skunk@AE: No. iTunes instead just downloads it automatically, provided you've set it up to do so in your preferences.01/26/2015 - 8:56pm
Andrew EisenAnyone know if iTunes sends email notifications when there's a new episode of a podcast you're subscribed to?01/26/2015 - 8:30pm
 

Be Heard - Contact Your Politician