The Dark Side of Phone Apps

June 4, 2010 -

The Wall Street Journal looks into the "dark side of phone apps" in a new report about the lack of app vetting in Google's Android and Apple's iPhone app stores. While they don't cite too many examples, save some questionable banking apps that Apple banned, the paper solicits the opinions of nameless FBI and security professionals who are "concerned" about malicious software making its way into these stores and in turn on consumers' phones.

As more companies, government agencies and regular consumers use wireless devices to engage in commerce and share private information, the "bad guys" are finding new and creative ways to steal from them and profit from it.

The paper, speaking to "someone familiar with the matter," reports that the FBI's Cyber Division has begun working on these kinds of cases - specifically apps designed to compromise banking on cellphones, as well as mobile "malware" used for "espionage by foreign nations." The FBI has a standing policy that bars its employees from downloading apps on FBI-issued smartphones. The Air Force has a similar policy.

While there is some oversight for most app stores - Google's Android app store has no formal review process. The company has said in the past that it relies on its customers to report malware or other questionable apps first. While some security experts believe Google's Android Market is particularly vulnerable, Google says that it has "put in place security measures, such as remotely disabling apps found to be malicious and requiring developers to register with its Checkout payment service, and argued there's no evidence for claims that its store poses a greater risk than others."

Apple, on the other hand, vets all of its applications before they appear in its App Store, but security on that front can use some improvement too, according to some experts. The most publicized incident happened in July 2008, when Apple pulled the game called Aurora Feint from its store after it was found to be uploading users' contact lists to the game maker's servers. Apple claims that it " takes security very seriously," and that it has "a very thorough approval process and review every app." The company also claims to check the identities of every developer.

Still the iPhone isn't a perfect and safe platform - we'll leave you this scary quote from the WSJ story to think about:

Since 2008, security experts have identified at least 36 security holes in the phone's software, according to a review of the National Vulnerability Database maintained by the Department of Homeland Security. One, identified in September 2009, could have allowed hackers to learn someone's username and password from messages sent to servers when browsing the Web.

Source: WSJ

Posted in

 
Forgot your password?
Username :
Password :

Shout box

You're not permitted to post shouts.
Andrew EisenInfophile - Your comment is on the second page. Scroll to the bottom and click "Previous Entries."10/01/2014 - 9:55am
MaskedPixelantehttps://time.com/3450854/amc-netflix-imax-crouching-tiger-hidden-dragon-boycott/ Theatres refuse to show the new Crouching Tiger movie because... well, I'm sure they've got a good PR spin reason, pick one.10/01/2014 - 9:06am
IanCForza Horrizon 2 isn't even out yet, but theres already a 31 car DLC pack, along with a season pass....10/01/2014 - 8:42am
quiknkoldstarting my Halloween Spooktacular Stream today. Every day from 7-11, I'm going to be streaming Spooky games on Twitch.10/01/2014 - 8:37am
MaskedPixelanteSteam is going to start charging us Canadians in CAD. This is bad news... for people who don't use key sellers like GMG and GamersGate.10/01/2014 - 7:23am
InfophileSomething weird was going on with that comment. As soon as I posted it, it looked like it had replies from the past. And now I can't even find it. Ah well, it was getting off-topic for that thread anyway.10/01/2014 - 4:29am
Sleaker@CraigR been using Win8.1 for a while, I don't really see any usability difference between it and 7 (Work uses 7)10/01/2014 - 2:16am
Craig R.Ok, my internal debate was short-lived. If Win10 is still a year out, I'm not waiting that long for an SSD, so on Win7 I will remain.09/30/2014 - 7:52pm
Matthew Wilsonits called windows 10, and I am happy to get the start menu back.09/30/2014 - 7:18pm
Jessy HartIs this stuff about Windows 10 legit? Is it actually called Windows 10 or is it just some stupid joke?09/30/2014 - 6:57pm
ZippyDSMleeSo I been trying to play Bioshock Infinite I got all the DLC,ect but do not want the extras to make your charatcer over powered from the start.....they force you to take them which is quite annoying......09/30/2014 - 6:45pm
Craig R.I need to upgrade to an SSD, still seriously debating moving to Win8.1 from 7 at the same time09/30/2014 - 6:07pm
Craig R.Win10 is probably Win8.1 with more cleanup and the Start button back.09/30/2014 - 6:06pm
Sora-ChanAhh, it's just weird seeing someone's post all of a sudden have replies from days prior before it was posted due to that.09/30/2014 - 5:49pm
MechaTama31sora: I broke the ordering intentionally, as AE's and my conversation had squeezed the text boxes down to be quite slim. I replied to an earlier post of his instead of the one I was actually replying to.09/30/2014 - 5:46pm
MechaTama31So, 9 would have been the good one, but they are skipping it to do two crap ones in a row?09/30/2014 - 5:41pm
Sora-ChanSo, judging from the poll post for #gamergate, it looks like too many thread replies breaks the ordering of posts, as seen with the recent post from Infophile.09/30/2014 - 5:31pm
Andrew EisenOr no! It wasn't Y3K compliant. Microsoft thought it best to super future proof its OS and skipped straight to 10 which is Y3K compliant!09/30/2014 - 5:01pm
Andrew EisenJust tell them it wasn't Y2K compliant.09/30/2014 - 5:00pm
Craig R.Looking forward to having to explain to coworkers down the road what ever happened to 9 *sigh*09/30/2014 - 4:57pm
 

Be Heard - Contact Your Politician