Thread Rating:
  • 1 Vote(s) - 5 Average
  • 1
  • 2
  • 3
  • 4
  • 5
ESET News Highlights_ESET launches a new blog aimed at insecure Android apps: Android
#1
[Image: id2SZ9C.png]


 
ESET launches a new blog aimed at insecure Android apps: Android App Watch
 
The following information below is quoted/lifted from the ESET Newsroom Highlights https://www.eset.com/int/about/newsroom/highlights/ where ESET unveiled a new blog named Android App Watch to help Android users protect themselves against insecure applications at the recently concluded 2019 Mobile World Congress in Barcelona. Read on below.
Quote:....“Insecurely developed apps, those that put their users’ privacy or money at risk are a growing problem. On one hand, such apps don’t qualify as malware and thus cannot be blocked by security solutions. On the other, the risk they pose may still be severe,” says Lukáš Štefanko, the ESET security researcher driving the project.

Typical examples of security risks associated with apps that are otherwise non-malicious are in app vulnerabilities or on their back-end servers, unencrypted communications between the app and its server, leaking sensitive information and data, bypassing app protection mechanisms, remote code execution or even SQL injection. 

Ultimately, insecure apps are much harder to protect, while being no less of a threat. A poll organized by ESET Researcher Lukáš Štefanko via his Twitter handle, shows that users are aware of this. Of over 3200 participants, 78% think mobile users should be more afraid of insecurely developed apps, compared to the remaining 22% who think malware is a more significant threat. 

Since insecure apps cannot be blocked by security solutions, it is up to users to protect themselves. The problem is that from the user perspective, it is hard to tell an insecure app from a secure one. No clear rules apply here because apps come in too many forms and flavors to fit into simple criteria or patterns. 

What can help in such a situation is a healthy level of suspicion based on general knowledge about how apps are developed, what their business models are and what the overall Android ecosystem looks like. 

The primary goal for the Android App Watch blog is to provide users with information and insight in order to make the right choices about their Android apps. Besides warning users about insecure apps and bad practices in the industry, the Android App Watch is also designed to help the apps’ developers. 

“Before we publish our findings, we report them to the app’s developer, along with advice on how to fix them. Then we wait for the fix and evaluate it to see if it solves the problem,” explains Lukáš Štefanko...

 

The ESET Android App Watch blog can be found at https://androidappwatch.eset.com 

More Info about SOURCE HERE
[-] The following 2 users say Thank You to jasonX for this post:
  • harlan4096, silversurfer
Reply


Forum Jump:


Users browsing this thread: 1 Guest(s)
[-]
Welcome
You have to register before you can post on our site.

Username/Email:


Password:





[-]
Recent Posts
AWZ Screen Recorder
AWZ Screen Recorder ...zevish — 11:05
Website X5 Go 2024.1
Website X5 Go 2024.1...zevish — 09:32
Apple's rules to allow third-party app ...
Apple has announ...alison30 — 09:28
Intel: Microsoft AI PCs need a Copilot K...
Microsoft hopes th...harlan4096 — 08:55
Synchredible 8 Professional Edition v8.2...
          Synchredib...zevish — 08:54

[-]
Birthdays
Today's Birthdays
No birthdays today.
Upcoming Birthdays
No upcoming birthdays.

[-]
Online Staff
There are no staff members currently online.

>