Some 90 percent of iOS mobile applications have at least one security vulnerability, according to HP research quoted by ZDNet. The company`s enterprise security team, HP Fortify, tested 2,107 mobile apps from the Forbes Global 2000, published by more than 600 developers.
The research showed that 86 percent of iOS apps that accessed private data, such as address books or Bluetooth connections, had insufficient security measures in place to prevent hacking.
Most applications tested lacked binary hardening protection that should prevent problems such as buffer overflows, path disclosure and jailbreak detection.
Mike Armistead, HP Fortify vice president and general manager for Enterprise Security Products, told ZDNet that 71 percent of the vulnerabilities found were actually problems on the server end of the app, usually common vulnerabilities such as SQL injection and cross-site scripting bugs.
HP research also showed 3 in 4 apps didn`t encrypt personal data, including passwords, before storing it on the device. At the same time, 18 percent of the apps tested sent data over the network without SSL encryption. The same percentage used SSL incorrectly, which could allow anyone, including hackers, to snoop on private data by simply connecting to a Wi-Fi network.
Though it only tested iOS apps, HP said there are indicators to believe the same problems exist on the Android platform too. Several Bitdefender studies already showed Android users are vulnerable to hacking and malware attacks. Recent research of the antivirus company revealed 1.2 percent of the Google Play Store consists of thief-ware, as many apps are stolen from other developers and re-engineered for illicit gains.
tags
Bianca Stanescu, the fiercest warrior princess in the Bitdefender news palace, is a down-to-earth journalist, who's always on to a cybertrendy story.
View all postsNovember 14, 2024
September 06, 2024