The Dark Side of Phone Apps

June 4, 2010 -

The Wall Street Journal looks into the "dark side of phone apps" in a new report about the lack of app vetting in Google's Android and Apple's iPhone app stores. While they don't cite too many examples, save some questionable banking apps that Apple banned, the paper solicits the opinions of nameless FBI and security professionals who are "concerned" about malicious software making its way into these stores and in turn on consumers' phones.

As more companies, government agencies and regular consumers use wireless devices to engage in commerce and share private information, the "bad guys" are finding new and creative ways to steal from them and profit from it.

The paper, speaking to "someone familiar with the matter," reports that the FBI's Cyber Division has begun working on these kinds of cases - specifically apps designed to compromise banking on cellphones, as well as mobile "malware" used for "espionage by foreign nations." The FBI has a standing policy that bars its employees from downloading apps on FBI-issued smartphones. The Air Force has a similar policy.

While there is some oversight for most app stores - Google's Android app store has no formal review process. The company has said in the past that it relies on its customers to report malware or other questionable apps first. While some security experts believe Google's Android Market is particularly vulnerable, Google says that it has "put in place security measures, such as remotely disabling apps found to be malicious and requiring developers to register with its Checkout payment service, and argued there's no evidence for claims that its store poses a greater risk than others."

Apple, on the other hand, vets all of its applications before they appear in its App Store, but security on that front can use some improvement too, according to some experts. The most publicized incident happened in July 2008, when Apple pulled the game called Aurora Feint from its store after it was found to be uploading users' contact lists to the game maker's servers. Apple claims that it " takes security very seriously," and that it has "a very thorough approval process and review every app." The company also claims to check the identities of every developer.

Still the iPhone isn't a perfect and safe platform - we'll leave you this scary quote from the WSJ story to think about:

Since 2008, security experts have identified at least 36 security holes in the phone's software, according to a review of the National Vulnerability Database maintained by the Department of Homeland Security. One, identified in September 2009, could have allowed hackers to learn someone's username and password from messages sent to servers when browsing the Web.

Source: WSJ

Posted in

 
Forgot your password?
Username :
Password :

Shout box

You're not permitted to post shouts.
E. Zachary KnightDoes anyone, or at least any intelligent person, expect a retail branded credit card to be anything close to resembling a "good deal" on interest rates?07/30/2014 - 7:13am
SleakerGamestop articles popping up everywhere about their ludicrous new Credit card offerings at a whopping pre-approval for 26.9% APR07/29/2014 - 10:19pm
Matthew Wilsonhttp://arstechnica.com/tech-policy/2014/07/podcasting-patent-troll-we-tried-to-drop-lawsuit-against-adam-carolla/ the podcasting patent troll scum is trying to turn tail and run.07/29/2014 - 9:50pm
MaskedPixelanteOf course it's improved. At launch, Origin was scanning your entire hard drive, but now it's just scanning your browsing history. If that's not an improvement, I dunno what is!07/29/2014 - 8:59pm
Papa Midnighthttp://www.escapistmagazine.com/articles/view/video-games/columns/experienced-points/12029-Has-EAs-Origin-Service-Improved-Any-Over-the-Last-Two-Years07/29/2014 - 8:25pm
Sora-ChanSo it's just a matter of having better emulation software. If it can be done with a 3DS game, with all the memory and what not it takes up, it can be done with a GBA title through emulation.07/29/2014 - 7:30pm
Sora-ChanOther VC titles for the NES and Gameboy had the same setup where you couldn't access the homescreen without quitting out of the game til a later update when those games were released for the public outside of the founder program.07/29/2014 - 7:28pm
Sora-Chanthe 3DS can, and does, run GBA games, as seen by the founder gifts, which included a number of GBA titles. As for running GBA games and still having access to the home screen, I beleive it's more of the game emulation software needs to be updated.07/29/2014 - 7:27pm
Matthew Wilsonthe 3ds already swaps os's with the original ds. plus I dont think people expect miverse interaction when playing a gba game.07/29/2014 - 6:06pm
MaskedPixelanteBut that's not the issue, the 3DS is perfectly capable of emulating GBA games. The problem is that it doesn't have enough available system resources to run it alongside the 3DS OS, and thus it doesn't have access to stuff like Miiverse and save states.07/29/2014 - 5:45pm
Matthew WilsonI am well aware that it requires more power, but if a GBA emulator could run well on a original psp, than it should work on a 3ds.07/29/2014 - 5:36pm
ZenThe reason the SNES could run Gameboy, or the Gamecube could run GBA was because their adapters included all of the necessary hardware to do it in the respective add-ons. The systems were just conduits for control inputs and video/sound/power.07/29/2014 - 4:51pm
ZenMatthew: Emulation takes more power than people realize to run a game properly. You can make something run on less, but Nintendo...as slow as they are at releasing them..makes them run as close to 100% as possible. Each game has its own emulator for it.07/29/2014 - 4:47pm
Matthew Wilsonkind of hard to believe since the 3ds is atleast as powerful as the gamecube hardware wise.07/29/2014 - 4:27pm
MaskedPixelanteYes, the 3DS has enough power to run 16-bit emulators, but not at the same time it's running the 3DS systems themselves. You could run the games, but you wouldn't get save states or Miiverse.07/29/2014 - 4:04pm
InfophileRunning GBA on 3DS shouldn't be hard. The DS had flashcarts sold for it that added just enough power to emulate GBA and SNES games, so the 3DS should have more than enough natively.07/29/2014 - 3:37pm
MaskedPixelanteIt's a bunch of people whining about boycotting/pirating Trails in the Sky FC because XSEED didn't license the Japanese dub track, which consists of about 10 lines per character.07/29/2014 - 11:27am
Sleaker@MP - devolver Digital issued a twitter statement saying they would replace the NISA pledge.07/29/2014 - 10:57am
E. Zachary KnightIs that a discussion about RIAA member music labels?07/29/2014 - 10:48am
MaskedPixelantehttp://steamcommunity.com/app/251150/discussions/0/43099722329318860/ In this thread: Idiots who don't understand how licensing works.07/29/2014 - 9:20am
 

Be Heard - Contact Your Politician