Click on the icons!

FacebookTwitterRSSYoutube

Severe Security Leak Discovered in Android Apps

Share Button

Android anti-virus appBERLIN, Germany – Scientists from Leibniz University of Hannover, and Philipps University of Marburg, have discovered a security leak that exposes users of certain Android apps.

The team of computer scientists published research regarding the data exposed by Android applications, especially those dedicated to online banking, email, instant messaging services, and social networks. The result showed that the apps use insufficient encryption shields and that there are leaks in the operating system. The scientists recognized 41 apps for Android 4.0 Ice Cream Sandwich in the Google Play Store that leak personal information.

The findings highlight the weakness of SSL and TLS protocol as implemented in Android, that are the base for encrypted connections to websites. At the same time, while users consider the technology to be safe and protective, Android fails to secure personal data.

They also suggested some methods to face the problem, such as to use static analysis while an application is being installed, or to use certificate pinning, that makes it more difficult to accept fraudulent certificates. Developers are also recommended to generate a method that will show to the users when the connection is encrypted or not.

Share Button

By , International Correspondent, Rethymno (Greece) office

Published on Oct 31st, 2012 GMT +2

Comments


Fatal error: Uncaught Exception: 12: REST API is deprecated for versions v2.1 and higher (12) thrown in /home/phonerpt/public_html/wp-content/plugins/seo-facebook-comments/facebook/base_facebook.php on line 1273