Android apps security issues 2012


Anyone who owns a smartphone, be it a sleek Apple iPhone or a fully customizable Android device, knows that mobile applications are what brings the “cool” factor to these devices. From small applications that tell the weather or current stock prices, to highly addictive gaming experiences which can suck up hours of your social life, apps are all the rage with smartphone users. This app experience is not just a passing fad, but has become a powerful revenue generating machine for Apple and Google with app downloads crossing the 25 billion and 10 billion mark for these companies, respectively. The application development model is also very conducive for aspiring developers; we hear success stories of startups making it big with breakthrough mobile apps almost every other day. With mobile apps being developed and downloaded at such a fast rate, cyber criminals also unfortunately started taking an interest in apps and the security weaknesses often found within them.

Be it Apple’s App store or Android Market (Google Play), free mobile apps can be found for virtually any kind of activity and downloaded/installed onto a user’s smartphone within a matter a minutes. Of course, it is this very ease that makes apps so tempting a target for malicious attackers who want to use them as backdoor for getting into a person’s smartphone and accessing their sensitive information. A person trusting an app may give it permission to access his/her contact details, calendars and even his physical location – all of which would be a virtual goldmine for an attacker wanting to carry out identity theft. Of course it is not just cyber criminals who are after this data, but also legitimate companies who wish to gather as much data about their customers as possible, which often leads to the breach of a user’s privacy.

Safety tips for app users and developers

The solution for this type of problem has to come at multiple levels. Mobile app users need to be vigilant when downloading and installing free apps and giving them permissions specifically with regards to accessing their address book, calendar, geographic information, sending messages and other sensitive activities. Users should also avoid jailbreaking their devices and side-loading applications, as these activities may end up infecting their devices with malware. Another good practice is to have effective antivirus software loaded onto your smartphone at all times.Mobile app developers should educate themselves about good security practices when it comes to developing these applications. These include the effective use of Android permission model which gives apps the rights to carry out tasks on the smartphone. Any area of the app which the attacker can exploit to his advantage should be minimized to the best extent possible. The sooner users and developers educate themselves on the risks, the sooner they will be able to avoid finding themselves on the receiving end of a data breach.Android security issues make the news just about every day, from malicious apps appearing in the Google Play app store to mobile malware spreading via SMS. While Android is a flexible and easy-to-use mobile operating system available on a wide variety of great devices, the mobile threat landscape has now made it essential for users to install additional security options.

Keep in mind that the most basic security precautions, like password-protecting your device and setting it to auto-lock after a specified period of time, don’t require an app – both of those features can be accessed within Settings > Location & Security. And most Android devices offer a variety of unlock options, including a numeric PIN, a password or a graphical pattern.But don’t stop there. From anti-virus apps (crucial at this point) to enhanced password protection, it’s worth taking a look at several more advanced options. The vast number of security apps available for the platform makes it impossible to cover them all here, but what follows should give you a good sense of the options available when seeking further protection for your Android device and the data that resides on it.

Lookout Security & Antivirus (free)
blocks malware, spyware and Trojans, with user-schedulable daily or weekly anti-virus scans as well as automatic scanning of new apps and files when they’re downloaded. Additional features include the ability to locate a lost or stolen phone on a Google map and activate a loud alarm to help find the device, and the ability to back up and restore the user’s contact list. Lookout Premium ($29.99/year or $2.99/month) adds phishing protection, privacy protection, remote lock and data wipe functionality, and the ability to back up and restore the user’s photos and call history in addition to contacts.

avast! Mobile Security (free)
provides a wide range of functionality, including a Virus Scanner that enables on-demand scans of all apps installed on the device and SD card, along with scans of any newly installed apps upon initial execution. The Privacy Advisor displays the access rights and intents of installed apps, identifying any potential privacy risks. The Application Manager shows a list of running apps along with their size, CPU load, used memory, and number of threads and services, and enables the user to stop or uninstall any app as needed. The Web Shield scans every URL loaded on the device, and warns the user if a malware-infected site is being accessed. The SMS and Call Filter can be used to filter calls and/or messages from the user’s contact lists. The Firewall, usable only on rooted phones, can disable an app’s Internet access when on Wi-Fi, 3G, and roaming networks. Finally, Anti-Theft features include the ability to disguise the app with a custom name, to hide the app icon in the app tray, and more. If a device is lost or stolen, it can be remotely prompted to sound a siren, lock, display a custom message, be located on a map, be wiped remotely, and more.

AVG Antivirus Free

scans all apps, settings, files, and media in real time; guards against phishing attacks; blocks access to malicious Web sites; kills tasks that slow down or freeze the device; and allows users to locate a lost or stolen phone via Google Maps, lock the device remotely, display a custom lock screen message, and make the phone ring even if it’s on silent mode. AVG Antivirus Pro ($9.99) adds battery and storage optimization, along with the ability to secure apps from being accessed by others using your phone, and the ability to back up all apps to the user’s SD card.

Leave a Reply

Your email address will not be published. Required fields are marked *

You may use these HTML tags and attributes: <a href="" title=""> <abbr title=""> <acronym title=""> <b> <blockquote cite=""> <cite> <code> <del datetime=""> <em> <i> <q cite=""> <strike> <strong>