Dear Visitor,

Our system has found that you are using an ad-blocking browser add-on.

We just wanted to let you know that our site content is, of course, available to you absolutely free of charge.

Our ads are the only way we have to be able to bring you the latest high-quality content, which is written by professional journalists, with the help of editors, graphic designers, and our site production and I.T. staff, as well as many other talented people who work around the clock for this site.

So, we ask you to add this site to your Ad Blocker’s "white list" or to simply disable your Ad Blocker while visiting this site.

Continue on this site freely
You are here: Home / Mobile Tech / Android, Apple Mobile Apps Leak Data
Mobile Apps Leak Personal Info on Android, Apple Phones
Mobile Apps Leak Personal Info on Android, Apple Phones
By Mike Kent / CRM Daily Like this on Facebook Tweet this Link thison Linkedin Link this on Google Plus
Mobile apps on Android-powered smartphones and Apple's iPhone can disclose more personal data than most users realize, security vendor Lookout revealed Wednesday at the Black Hat USA 2010 conference in Las Vegas. Rather than being malicious, users often give the apps permission to access data when they are installed.

Lookout CEO John Hering and CTO Kevin Mahaffey told a session titled App Attack: Surviving the Mobile Application Explosion that a popular Android wallpaper app from Jackeey Wallpaper sent users' data, including phone numbers and SIM card numbers, to a server in Shenzhen, China. The wallpapers included My Little Pony and Star Wars.

Free apps can be risky, they said, with about 29 percent of free Android apps and 33 percent of those for the iPhone able to determine a user's location. Apple's iOS does, however, require apps to alert users when location information is accessed. iPhone users can also use the settings to block apps from accessing personal data.

In addition, Hering and Mahaffey said, about eight percent of Android apps and 14 percent of iPhone apps can access user contacts. And 47 percent of Android apps and 23 percent of iPhone apps have third-party code, usually for mobile ads and analytics, but sometimes for other purposes.

They urged app developers to be aware of security practices, especially when third-party code is added. Mahaffey noted, "The lesson today is that developers don't always know what's inside their apps."

Hering added, "Standardized APIs are making it easier and easier to actually create practical attacks. Instead of having to do something complex in a desktop-like environment, I know I can just call the contact API, for example, and have a very simple programmatic way to grab that information."

Tell Us What You Think


David Bowman:
Posted: 2010-08-03 @ 7:52am PT
Thanks for the information. It would be nice if this article included what can be done to stop this issue. Is there a firewall app we can install or Antivirus app?, etc.

Reporting on a problem is for simple news. Real news explains how to stop it from happening.

Just my 2 cents worth,


Posted: 2010-07-29 @ 6:35pm PT
With more and more people opting for a smart phone, be it android, windows mobile or iOS, the possibility of being exposed to a vulnerability makes it essential to have security tools like we have in our PCs.

Just like for PCs, crackers will surely find ways to get into peoples' smart phones and get whatever info they require, and if you are unlucky, maybe your hot scene on bed will be posted to the internet.*-*

Like Us on FacebookFollow Us on Twitter
© Copyright 2018 NewsFactor Network. All rights reserved. Member of Accuserve Ad Network.