By Iain Thomson, 21 Aug 2014
Sloppy programming, poor patching, and unreliable trust engines are rife within Android apps, according to a new study. In short, millions smartphone users are potentially wide open to man-in-the-middle attacks, it's claimed.
Researchers at security firm FireEye went through the 1,000 most popular Android applications from the Google Play store and found that a large majority of them were open to at least man-in-the-middle attacks, thanks to faulty SSL error and certificate handling. For the top 10,000 apps that figure was 60 per cent.
"The Android ecosystem is all about communicating, and right now it's screaming for help," the team said in a blog post. "That's because SSL vulnerabilities and the Man-In-The-Middle (MITM) attacks they enable are wreaking havoc on data security."
The Register/ Full Article Here/ http://www.theregister.co.uk/2014/08/21/slapdash_ssl_leaves_majority_of_android_app_in_play_store_open_to_hacking/
Reply
Login to the community
No account yet? Create an account
Enter your username or e-mail address. We'll send you an e-mail with instructions to reset your password.