x404.co.uk
http://www.x404.co.uk/forum/

Android apps 'leak' personal details
http://www.x404.co.uk/forum/viewtopic.php?f=19&t=17481		 Page 1 of 1
Author:  AlunD [ Mon Oct 22, 2012 11:47 am ]
Post subject:  Android apps 'leak' personal details
Quote:
Millions of people are using Android apps that can be tricked into revealing personal data, research indicates.

http://www.bbc.co.uk/news/technology-20025973
A little worrying ............ :?
Author:  Amnesia10 [ Mon Oct 22, 2012 12:10 pm ]
Post subject:  Android apps 'leak' personal details
It will be addressed eventually. Does not affect me.


Sent from my iPhone using Tapatalk
Author:  big_D [ Tue Oct 23, 2012 4:42 am ]
Post subject:  Re: Android apps 'leak' personal details
Android catching up with iOS then... :lol:
Author:  bobbdobbs [ Tue Oct 23, 2012 6:07 am ]
Post subject:  Re: Re: Android apps 'leak' personal details
big_D wrote:
Android catching up with iOS then... :lol:

Apple to sue Android for blatantly copying their revolutionary magical feature :lol:
Author:  jonbwfc [ Tue Oct 23, 2012 7:01 am ]
Post subject:  Re: Android apps 'leak' personal details
From the description in the article, it's not an issue with Android per se, it's an issue with badly coded applications that aren't using encrypted traffic when sending data over wifi. They are presumably assuming the encryption on the wifi network itself is good enough, without accounting for the fact the thing at the other end of the transmission may have been compromised.

The only difference is Apple's certification checks may look for this (I don't know if they do but I've never heard of this particular problem being widespread in iOS apps so I suspect they do) whereas because Android is a free market, there's nothing keeping badly coded apps from wide adoption if they look 'useful'. Nevertheless it remains primarily a problem with poor app code, not poor OS code.

Jon
Author:  Amnesia10 [ Wed Oct 24, 2012 11:24 am ]
Post subject:  Re: Android apps 'leak' personal details
jonbwfc wrote:
From the description in the article, it's not an issue with Android per se, it's an issue with badly coded applications that aren't using encrypted traffic when sending data over wifi. They are presumably assuming the encryption on the wifi network itself is good enough, without accounting for the fact the thing at the other end of the transmission may have been compromised.

The only difference is Apple's certification checks may look for this (I don't know if they do but I've never heard of this particular problem being widespread in iOS apps so I suspect they do) whereas because Android is a free market, there's nothing keeping badly coded apps from wide adoption if they look 'useful'. Nevertheless it remains primarily a problem with poor app code, not poor OS code.

Jon

For most people the risks are minimal if not non existent. You would need someone to actively exploit this hole to be at risk. So while iOS users may not be affected by this I suspect that this is also a non issue for most Android users as well.
Author:  jonbwfc [ Wed Oct 24, 2012 12:38 pm ]
Post subject:  Re: Android apps 'leak' personal details
Amnesia10 wrote:
For most people the risks are minimal if not non existent. You would need someone to actively exploit this hole to be at risk. So while iOS users may not be affected by this I suspect that this is also a non issue for most Android users as well.

Indeed. You'd have to be connected to a compromised AP for it to be an issue, regardless of the platform you're using at the time. if the app is you're then using is sending unencrypted data, you have a problem. It's a very specific set of circumstances.

Jon
Page 1 of 1 All times are UTC
Powered by phpBB® Forum Software © phpBB Group
https://www.phpbb.com/