The Dark Side of Phone Apps

June 4, 2010 -

The Wall Street Journal looks into the "dark side of phone apps" in a new report about the lack of app vetting in Google's Android and Apple's iPhone app stores. While they don't cite too many examples, save some questionable banking apps that Apple banned, the paper solicits the opinions of nameless FBI and security professionals who are "concerned" about malicious software making its way into these stores and in turn on consumers' phones.

As more companies, government agencies and regular consumers use wireless devices to engage in commerce and share private information, the "bad guys" are finding new and creative ways to steal from them and profit from it.

The paper, speaking to "someone familiar with the matter," reports that the FBI's Cyber Division has begun working on these kinds of cases - specifically apps designed to compromise banking on cellphones, as well as mobile "malware" used for "espionage by foreign nations." The FBI has a standing policy that bars its employees from downloading apps on FBI-issued smartphones. The Air Force has a similar policy.

While there is some oversight for most app stores - Google's Android app store has no formal review process. The company has said in the past that it relies on its customers to report malware or other questionable apps first. While some security experts believe Google's Android Market is particularly vulnerable, Google says that it has "put in place security measures, such as remotely disabling apps found to be malicious and requiring developers to register with its Checkout payment service, and argued there's no evidence for claims that its store poses a greater risk than others."

Apple, on the other hand, vets all of its applications before they appear in its App Store, but security on that front can use some improvement too, according to some experts. The most publicized incident happened in July 2008, when Apple pulled the game called Aurora Feint from its store after it was found to be uploading users' contact lists to the game maker's servers. Apple claims that it " takes security very seriously," and that it has "a very thorough approval process and review every app." The company also claims to check the identities of every developer.

Still the iPhone isn't a perfect and safe platform - we'll leave you this scary quote from the WSJ story to think about:

Since 2008, security experts have identified at least 36 security holes in the phone's software, according to a review of the National Vulnerability Database maintained by the Department of Homeland Security. One, identified in September 2009, could have allowed hackers to learn someone's username and password from messages sent to servers when browsing the Web.

Source: WSJ

Posted in

 
Forgot your password?
Username :
Password :

Shout box

You're not permitted to post shouts.
Neo_DrKefkaI am a little disturbed that members of #GamerGate are supporting and not holding its same members accountable when they say remarks that are unacceptable!10/20/2014 - 11:39pm
Neo_DrKefkaSome #GamerGate people are defending @kingofpol many are however lashing out at him but if we held Sam Biddle accountable and Gawker so must we hold @kingofpol and #GamerGate10/20/2014 - 11:30pm
Neo_DrKefkaA big name in the Gamergate movement Kingofpol uses a offensive term about autistic people and in turn the entire GamerGate community lashes out at him. We do not need false leaders who think they can say anything https://twitter.com/Kingofpol10/20/2014 - 11:07pm
Papa MidnightMP, honestly, I'm struggling to make heads or tales of the events being outlined in that reddit thread. I've never heard of Siliconera before, either.10/20/2014 - 10:48pm
MaskedPixelantehttp://www.reddit.com/r/vita/comments/2jbn6u/former_siliconera_moderator_leaks_screenshots_of/ Siliconera mods accused of deleting user comments that were pro Vita.10/20/2014 - 9:23pm
quiknkoldhttp://www.diamondbackonline.com/opinion/article_3fbc52ec-57eb-11e4-ba91-0017a43b2370.html10/20/2014 - 9:16pm
Neo_DrKefkaId love to see people come 2gether whether your 4 or against gamergate to gather 2gether and support an anti bullying charity and I would love to see a pro and anti gamegate debate on a neutral platform that promotes discussion and solutions10/20/2014 - 8:33pm
Neo_DrKefkaWhen someone was seriously hurt by a violent altercation. They have a prospective that people who have not had this experience lack. Bullying is a serious issue10/20/2014 - 8:30pm
Papa MidnightStraw Man to the fullest, but it gets the point across.10/20/2014 - 8:26pm
Papa Midnighthttp://i.imgur.com/dw0YPon.png10/20/2014 - 8:25pm
quiknkoldby doing something, Charitable Donations is an example.10/20/2014 - 8:06pm
quiknkoldAndrew : I dont accept any worded apology unless I can look the person in the eye when they say it. For me, he'd either have to make a video so I could read his bodylanguage, or actually do something. actions speak louder than words.10/20/2014 - 8:04pm
quiknkoldwell if they are looking for social pollution, Twitter is a great breeding ground for it. Its a breeding ground for deviance.10/20/2014 - 8:03pm
Andrew Eisenquiknkold - He had three tweets worth of apology the following day.10/20/2014 - 8:00pm
quiknkoldyou know, people keep saying Biddle's comment was sarcasm, but the thing is, Sarcasm doesnt translate well in Tweets. I took his words as really hateful, and unless I see an honest apology, I'm not going to be happy with him.10/20/2014 - 7:38pm
Matthew WilsonI doubt it will change much.10/20/2014 - 7:21pm
MaskedPixelantehttp://www.bbc.com/news/technology-29689949 Google's current piracy fighting plan.10/20/2014 - 6:58pm
Andrew EisenYikes. http://boingboing.net/2014/10/20/vultures-circle-gamergate.html10/20/2014 - 6:25pm
Neo_DrKefkaDestructoid Editor in Chief stepping down after allegations surface about blacklisting will he be next? http://allmannerofnerdery.tumblr.com/post/100526443850/im-leaving-destructoid10/20/2014 - 6:05pm
james_fudgethere's some inside baseball stuff going on in this Andrew - likely some stuff we don't know10/20/2014 - 3:30pm
 

Be Heard - Contact Your Politician