Jump to content


Photo

App security

- - - - -

  • Please log in to reply
3 replies to this topic

#1
aivdesign

aivdesign

    Newbie

  • Validating
  • Pip
  • 14 posts
  • Devices:tmobile-pulse
I'm a bit confused as to the security issues involved with installing apps. Firstly the passwords thing, there are many apps including instant messaging programs, personal assistant tools etc which all require you logging a password and username. They all look like networks not directly affiliated with the company/network I created my password on, for example there are message programs and email management tools that look like they could have been created by some guy in his garage, and certainly not affiliated with microsoft.... I am gusssing for these tools to work, microsoft and other networks provide some kind of gateway or server for developers to use? To send the login info etc and retrieve information. Even if it does seem to work, how do I know the developer is not also sending my account login details to himself or another, as well as the gateway for the network(microsoft or whatever). Could someone please clarify the relationship in which how these new apps connect to sensitve networks/accounts to retrive and send information. And the serucirty issues involved. Also say I wanted to create an app like this, that involved accounts on other networks... how would I go about it?

Secondly when installing apps and it says this one needs your contacts info, settings info etc, give permission? How much of a risk is this really... it is pretty vague. If I give an app permission to any of these things, does that mean immediately it is very easy for the app to get and send any of that data mentioned to anywhere it likes online, without me knowing about it? When I sync my phone to a google account I assume it stores the login details somewhere on my phone... could any apps steal this? Could apps also steal other files on my phone without me knowing about it?

I just want more clarity.

  • 0

#2
aivdesign

aivdesign

    Newbie

  • Validating
  • Pip
  • 14 posts
  • Devices:tmobile-pulse
http://www.androidgu...id-marketplace/

*
It was recently discovered that an application on the Android Marketplace posing as a legitimate banking application was actually a cover for a phishing app attempting to gain user names and passwords. Although the malicious application was quickly identified and removed from the Android Marketplace it is still advised that you check your device for any applications
from developer “Droid09” and delete them immediately.
*

Relative to what I am saying.

Edited by aivdesign, 11 January 2010 - 09:24 PM.

  • 0

#3
B1ny

B1ny

    Regular

  • Members
  • PipPip
  • 73 posts
  • Devices:Nexus1,Liquid,Hero,Qtek9000
I have also been thinking about this, no one knows?

  • 0

#4
stealthcopter

stealthcopter

    Newbie

  • Members
  • Pip
  • 6 posts
It's the same as installing something on your computer, you should just be careful. Android shows what the application asks for access but it can't tell what it's going to do with this permission.

  • 0




0 user(s) are reading this topic

0 members, 0 guests, 0 anonymous users