Pagoda Blog

Should you trust that App?

April 12, 2013

Mobile applications on Google Android and Apple iOS devices are riddled with vulnerabilities and weaknesses, according to application security vendor Veracode Inc.

Poorly implemented encryption and a bevy of Web application vulnerabilities in Google (NSDQ:GOOG) Android and Apple (NSDQ:AAPL) iOS apps open them up to determined attackers, according to an analysis of mobile application security conducted by Veracode.

The Burlington, Mass.-based application security vendor issued the latest vulnerability statistics in fifth volume of its State of Software Security report, issued this week. The firm said cryptographic vulnerabilities coded into apps impact both platforms. Encryption problems affected 64 percent of Android applications and 58 percent of iOS apps, Veracode found.

"Cryptographic issues significantly weaken data protection," Veracode said in its report. "Attackers with physical control of a mobile device for a small amount of time can jailbreak it and install a backdoor with keyloggers or other malware and/or copy the content."

Return to Pagoda Blog Main Page