Tech News, Magazine & Review WordPress Theme 2017
  • Tech
    • Android
    • Home Tech
    • Medical Tech
    • Artificial Intelligence
    • APK
    • Apple
  • Business
    • Startups
    • Marketing
  • Reviews
    • Best Apps
    • Software
    • VPNs
  • Blogging
    • SEO
  • Crypto
    • Blockchain
  • Contact Us
    • About us
    • Careers
    • Privacy Policy
    • Use of Cookies
No Result
View All Result
Techavy
  • Tech
    • Android
    • Home Tech
    • Medical Tech
    • Artificial Intelligence
    • APK
    • Apple
  • Business
    • Startups
    • Marketing
  • Reviews
    • Best Apps
    • Software
    • VPNs
  • Blogging
    • SEO
  • Crypto
    • Blockchain
  • Contact Us
    • About us
    • Careers
    • Privacy Policy
    • Use of Cookies
No Result
View All Result
Techavy
No Result
View All Result

Android Applications: Safe or Scary?

by Abhishek Yadav
July 8, 2021
Android Applications: Safe or Scary?
561
SHARES
3.7k
VIEWS
Share on FacebookShare on Twitter

Mobile devices have become a major part of peoples’ lives. This 24/7 level of connectedness have many different impacts on our society. However, one that people don’t seem to pay much attention to are the impacts on personal privacy. After all, mobile phones are portable sensor suites, with more data collection mechanisms than you can name. At a minimum, they can know where you are (GPS), everything you say (microphone), and everything that you take pictures of. By using a mobile device, you’re trusting the manufacturer to not collect or abuse this data.

And even if you trust mobile phones, mobile applications are notorious for poor security. A common example is flashlight apps that secretly steal your data and send it to hackers, but this is only the tip of the iceberg. Even legitimate applications like reputable VPNs have been known to have application security issues that allow them to be hacked or eavesdropped upon.

Mobile phones and apps have become an integral part of the fabric of most peoples’ lives. So, what do we have to worry about?

Vulnerable Applications

Recent research has demonstrated that one major concern when using mobile apps is the security of the apps themselves. Even if you trust the app creator (they’re from a reputable company, many downloads, good reviews, etc.), it doesn’t mean that they’re secure.

An in-depth study of a few Android mobile apps painted a depressing picture of Android app security. Of the apps studied, 47% of them contained high-risk security vulnerabilities. The most common vulnerability (at 76% of the apps in question) was insecure data storage, where sensitive information (like PIN numbers, credit card data, etc.) was insecurely saved on the phone, increasing the probability of leakage.

However, the apps themselves are only half of the relationship. Web apps act as a client to a server hosted on the company’s network or in the cloud. This server is responsible for any heavy lifting in computation, secure data storage, etc. As a result, even if an app is “secure”, it can still be vulnerable to attack if the server or the client-server communications are insecure.

RelatedPosts

Why do people like to bet on eSports on their Android smartphones?

What is the difference between React Native and ReactJS

As part of the same study, the researchers examined the servers associated with each of the apps being studied. Of these servers, all of them were found to have some vulnerability that could affect the security of the app and its user. The details of the vulnerabilities varied from server to server, but many had a form of information leakage or the ability to take over a user’s session with the server (granting access to their account).

Bypassing Permissions

The study regarding application vulnerabilities made the assumption that the applications are benign but accidentally vulnerable to attack. However, not all applications play by the rules. Some Android apps have been found to deliberately ignore user preferences in order to illegally collect data. Android (and Apple) manages the powers granted to applications using a permissions-based model. All functionality that can be dangerous to the user has permissions associated with it that apps must explicitly request. The user is presented with these permission requests as they’re needed and can allow or deny access.

However, a recent study has discovered that thousands of Android apps deliberately circumvent these restrictions. This is accomplished by finding alternative means of the same information. One example is tracking the user’s location. Access to location is one of the permissions that users can deny to apps. However, there are multiple different sources for the same information.

One example of this is taking advantage of access to the user’s photo library. Photos commonly have a type of data called EXIF data that often includes information about where and when the picture was taken. If an app has access to the photos, they can read this data and find out where the phone was at certain times. If a user takes photos regularly (which many people do), this can be used as a means of tracking the user’s movements.

Another way that apps gain access to location information is by monitoring available Wi-Fi networks. Wi-Fi networks are often location-specific, so if an application can determine that you’re within range of a Wi-Fi network, they have a coarse idea of your location. Using multiple networks, it’s possible to triangulate and get a finer location.

For the data that doesn’t have an easy alternative means of collection, some apps will look for unsecured data from other applications. For example, if you give one app access to data and deny it to another, the other app may scan the phone’s SD card to see if the first app stored anything sensitive in an insecure fashion. The study found 168 apps with that capability, 13 of which were actively doing so.

Securing Your Mobile

Mobile devices are extremely convenient, but they can also be a significant threat to personal security. Whether they’re benign but insecure or actively working to circumvent permissions, the apps installed on a mobile device can be used to collect information about or attack their users. Before installing a mobile application, it’s important to consider whether it is actually necessary, and, if so, to lock it down to the minimum set of permissions that it needs to do its job and grant them on a case-by-case basis. Just because an app has a legitimate use for a permission one time doesn’t mean that it won’t abuse it later.

 

1.7k
SHARES
ShareTweet

Subscribe to Techavy to never miss out on the latest tech news!

Unsubscribe
Abhishek Yadav

Abhishek Yadav

Hello, I am Abhishek Yadav, I am an Internet Marketer and a Blogger. along with blogging I also have some Programming and content marketing skills. Connect with me on Twitter @Abhinemm to know more about me :)

Leave a Reply Cancel reply

Your email address will not be published. Required fields are marked *

  • 123MOVIES Unblocked – Ten 123 Movies Proxies and Mirrors

    123MOVIES Unblocked – Ten 123 Movies Proxies and Mirrors

    4357 shares
    Share 1689 Tweet 1056
  • Kickass Proxy – 30 KAT Mirror Sites & Proxies ~ KAT UnBlocked.

    8832 shares
    Share 3518 Tweet 2199
  • SixAxis Controller App APK Free Download 2021

    4196 shares
    Share 1676 Tweet 1048
  • Google Play Store Download Free

    6210 shares
    Share 2484 Tweet 1553
  • Hotstar Premium APK Download – Free Hotstar premium Account

    11543 shares
    Share 4617 Tweet 2886

Latest Posts

Designing a Website: The Do’s and Don’ts

Designing a Website: The Do’s and Don’ts

June 27, 2022
Sip Trunking Is An Excellent Service When Done In The Right Way

Sip Trunking Is An Excellent Service When Done In The Right Way

June 23, 2022
New slot mechanics 2022

New slot mechanics 2022 – Follow the trends in the gambling world

June 1, 2022
Why Every Small Business Should Digitize Their Enterprise Operations in 2022

Why Every Small Business Should Digitize Their Enterprise Operations in 2022

June 1, 2022
How Small Businesses Can Win Over Gen Z

How Small Businesses Can Win Over Gen Z

May 28, 2022
PHP Developers Outsourcing: 5 Benefits You Didn’t Know

PHP Developers Outsourcing: 5 Benefits You Didn’t Know

May 27, 2022
Learn about technology, product reviews, SEO, AI and more on Techavy.com
Techavy

© 2021 Techavy | All Rights Reserved.

Resources

  • Home
  • About us
  • Contact Us
  • Privacy Policy
  • Careers

Connect With Us

No Result
View All Result
  • Home
  • Tech
  • Business
  • Software
  • Android
  • Blogging
  • Gaming
  • Startups
  • Review
  • Use of Cookies
  • Privacy Policy
  • About us
  • Contact Us

© 2021 Techavy | All Rights Reserved.