Some Android Apps Could Leak Private Data
According to a study released by researchers at the Leibniz University of Hanover, there are a fairly high percentage of Android apps available on Google Play that mean users details could be exposed because of poor coding practice when transferring data over TLS (Transport Level Security) and SSL (Secure Sockets Layer).
The researchers created a special tool called MalloDroid and when coupled with a fake Wi-Fi hotspot, they successfully managed to exploit 1,074 apps (8% of the apps available on Google Play) and were able to retreive personal details such as email accounts, social media logins and bank account details. In addition, they managed to execute code in order to make other apps behave differently and most worryingly they succeeded to alter requests to transfer funds and hide the changes from users.
The university will be releasing the MalloDroid web app very soon to allow Android users to check for themselves if an application exposes their private data.
Since it’s launch 2 weeks ago, iOS 6 is now on 60% of iPhones and over 45% of iPads (see the full results from Chitika here). Apple must be quite pleased with this result, since Android is lagging with only 22% of users being on the two most recent versions of it’s operating system. That’s an incredible acheivement to think that a complete OS upgrade has happened on so many devices in such a short time. The end result will mean more apps can be developed to take advantage of the new iOS 6 features, plus it should be good news for mobile advertisers.