Comments
Android Flaw Might Also Affect iOS, Windows
Newest First  |  Oldest First  |  Threaded View
<<   <   Page 2 / 2
SachinEE
50%
50%
SachinEE,
User Rank: Ninja
8/25/2014 | 2:34:25 PM
Re: Interesting (and scary!)
That is right. If there are going to be security checks from the website, there shouldn't be malicious apps tracking user sensitive data (required as login to those websites) to put to use. I think it's time developers made a meeting about such attacks and see if they could change the architecture that supports the regular checkup system in android.
Thomas Claburn
50%
50%
Thomas Claburn,
User Rank: Author
8/25/2014 | 12:55:05 PM
Re: Defining criteria for apps
Google has already moved to address this with more granular permissions in Android. Given that the technique discussed requires a malicious app to already be installed on the target device, publication of this research isn't likely to change the security situation very much. But clearly the OS vendors need to take a look at this.
eamonwalsh80
50%
50%
eamonwalsh80,
User Rank: Strategist
8/25/2014 | 11:19:23 AM
Interesting (and scary!)
Given that I use both GMail and Amazon apps, I was suitably impressed by the study as well as scared. Personal information in mobile devices is a given these days. The sophistication for Google was the fact that they didn't cache your data at client end so you had to go through their server security checkpoint every single time. But that becomes a vulnerability with a background 'man in the middle' app sniffing around now. By contrast Amazon becomes far more unpredictable to shadow like that. A look at the modern enterprise security report from HP gives more clue (bit.ly/1l8KNdv). Good share!
PedroGonzales
50%
50%
PedroGonzales,
User Rank: Ninja
8/25/2014 | 9:56:39 AM
Re: Defining criteria for apps
I agree. It not worth it to download apps if most of them do not offer proper security.  Specially now that people carry a lot of their personal information on their smartphones.
SaneIT
50%
50%
SaneIT,
User Rank: Ninja
8/25/2014 | 7:28:11 AM
Re: Defining criteria for apps
It makes me wonder if we'll see fewer developers taking the kitchen sink approach to applications.  I see so many apps that want access to half the features of my phone which typically means I don't install it.  Maybe we will get leaner apps with a little more thought put into security and walling off functions.
PedroGonzales
50%
50%
PedroGonzales,
User Rank: Ninja
8/24/2014 | 1:34:37 PM
Re: Defining criteria for apps
I think this is an interesting finding by the university.  The impact of such flaw is huge.  I agree that future developers will be able to take this into consideration as they improve the security of their future applications.  Such information is available only to a small group of individuals specially in academia.  Making this information available to the public in the end benefits developers rather than cause harm.
WaqasAltaf
50%
50%
WaqasAltaf,
User Rank: Ninja
8/24/2014 | 12:33:29 AM
Defining criteria for apps
Thomas, negatives apart, this research will not only help developers of apps to ensure that their apps are secure but also help OS developers to define criteria which must be met if the apps are to be deployed. Must be of more interest to Android as they don't deploy much screening over apps allowed to be installed.
WaqasAltaf
50%
50%
WaqasAltaf,
User Rank: Ninja
8/24/2014 | 12:28:56 AM
Revealing it to hackers
Thomas, the research is impressive but disclosing such weaknesses in public may invite many hackers looking for an idea and now they have it. I think Android, iOS and Windows will not be excited at the university researchers disclosing these facts in conferences followed by masses. 
<<   <   Page 2 / 2


Register for InformationWeek Newsletters
White Papers
Current Issue
InformationWeek Tech Digest, Dec. 9, 2014
Apps will make or break the tablet as a work device, but don't shortchange critical factors related to hardware, security, peripherals, and integration.
Video
Slideshows
Twitter Feed
InformationWeek Radio
Archived InformationWeek Radio
Join us for a roundup of the top stories on InformationWeek.com for the week of December 14, 2014. Be here for the show and for the incredible Friday Afternoon Conversation that runs beside the program.
Sponsored Live Streaming Video
Everything You've Been Told About Mobility Is Wrong
Attend this video symposium with Sean Wisdom, Global Director of Mobility Solutions, and learn about how you can harness powerful new products to mobilize your business potential.