Results 1 to 8 of 8

Thread: Researchers find thousands of secret keys in Android apps

  1. #1
    Regular Member
    Join Date
    Feb 2013
    Location
    Thru Death's Door in Wisconsin
    Posts
    13,153

    Researchers find thousands of secret keys in Android apps

    Nieh and Viennot discovered all kinds of new information about the content in Google Play, including a critical security problem: developers often store their secret keys in their apps software, similar to usernames/passwords info, and these can be then used by anyone to maliciously steal user data or resources from service providers such as Amazon and Facebook. These vulnerabilities can affect users even if they are not actively running the Android apps. Nieh notes that even "Top Developers," designated by the Google Play team as the best developers on Google Play, included these vulnerabilities in their apps.

    Read more at: http://phys.org/news/2014-06-thousan...roid-apps.html

    http://www.cs.columbia.edu/~nieh/pub..._playdrone.pdf 765 KB 13 pages
    I am responsible for my writing, not your understanding of it.

  2. #2
    Regular Member stealthyeliminator's Avatar
    Join Date
    Dec 2008
    Location
    Texas
    Posts
    3,318
    Wonderful.

    How could that practice not have raised a red flag to any serious developer? Or did it, and they just decided not to act on it?
    Advocate freedom please

  3. #3
    Regular Member
    Join Date
    Feb 2013
    Location
    Thru Death's Door in Wisconsin
    Posts
    13,153
    In the paper linked, much plagiarism is noted, suggesting that some developers are not serious.


    SIMILAR APPLICATIONS
    Leveraging PlayDrone, we introduce a simple approach to identify similar applications in Google Play for the purposes of detecting duplicative content and application clones. Similar applications are those that appear to share the same source code origin, share common design and layout patterns, and offer comparable application level experiences to the end user.
    I am responsible for my writing, not your understanding of it.

  4. #4
    Regular Member Jack House's Avatar
    Join Date
    Jun 2010
    Location
    I80, USA
    Posts
    2,661
    Quote Originally Posted by Nightmare View Post
    In the paper linked, much plagiarism is noted, suggesting that some developers are not serious.
    This probably has to do with the tools used to create the apps, rather than developers stealing code from other developers.

  5. #5
    Regular Member
    Join Date
    Feb 2013
    Location
    Thru Death's Door in Wisconsin
    Posts
    13,153
    Quote Originally Posted by Jack House View Post
    This probably has to do with the tools used to create the apps, rather than developers stealing code from other developers.
    LOL It's a wonder that the authors weren't smart enough to realize that, or maybe it's just wrong?
    I am responsible for my writing, not your understanding of it.

  6. #6
    Regular Member Jack House's Avatar
    Join Date
    Jun 2010
    Location
    I80, USA
    Posts
    2,661
    Smartphones ate stop kinda in their infancy. This is probably a growing pain. I doubt publishers and developers devote a lot of resources for app development

    Sent from my XT907 using Tapatalk

  7. #7
    Regular Member
    Join Date
    Feb 2013
    Location
    Thru Death's Door in Wisconsin
    Posts
    13,153

    Investors pour $1M in app that just says 'Yo' Smartphone's infancy or their lusers?

    A new instant messaging app that only allows users to send a single word to their friends is quickly becoming a hot commodity, raising $1 million in two months, US media reported Wednesday.

    Read more at: http://phys.org/news/2014-06-investors-mn-app-yo.html
    I am responsible for my writing, not your understanding of it.

  8. #8
    Regular Member
    Join Date
    Feb 2013
    Location
    Thru Death's Door in Wisconsin
    Posts
    13,153

    UPDATE! Malware worms its way into more apps thru "cloning," study finds.

    Malicious software is increasingly making its way into mobile phones through "cloned" versions of popular apps, and software weaknesses in legitimate ones, security researchers said Tuesday. McAfee Labs said in its quarterly threat assessment that weaknesses in app security are becoming a growing problem for owners of mobile devices.

    http://phys.org/news/2014-06-malware-worms-apps.html
    I am responsible for my writing, not your understanding of it.

Posting Permissions

  • You may not post new threads
  • You may not post replies
  • You may not post attachments
  • You may not edit your posts
  •