The fact that harckers are lurking is no surprise, but what about news that 185 million users might be vulnerable to thieves who want to steal your data? They won’t divulge which ones, but European researchers say some apps on Android smartphones leave passwords, bank accounts, credit cards, and other sensitive info vulnerable to theft. Eight percent of apps downloaded by the researchers from the official Google Play store were found to have security flaws. The warning was contained in a paper submitted to a Computer Security Conference.
“We’ll use the free WiFi at Starbucks or a hotel or the airport,” says Chester Wisniewski, a senior cyber security adviser at Sophos who helps us understand this stuff. “That allows someone to perform what’s called a ‘man in the middle’ attack. In esence, they can pretend to be the free wifi you’re using and get you to send all your information to them, and then they relay it on to the actual destination. That allows the hacker to sit in the middle, pretend to be a bank and serve basically as a proxy.”
And how do you fight this? Wisniewski says there tends to be more protection when you use an internet browser as compared to opening up an app. Whenever he does anything sensitive while out in the free WiFi world, Wisniewski says he uses the browser, because it’s more likely to alert him if there’s something wrong with a certificate. And why didn’t researchers put up the names of all the vulnerable apps for the world to see? Well, unlike a similar finding recently in which Facebook was pressured directly by researchers to fix an obvious and problematic security vulnerability, the paper’s authors are worried that since the list of problematic apps are in the thousands, it might encourage hackers before it encourages developers to make fixes.
There’s a kind of football pool going on to guess how much Apple will charge for its new device announced today. The one that supposed to look like an iPad that’s been shrunk in the wash. The big iPad starts at $399, so it’s got to be less than that. Tomorrow on Marketplace Tech, we answer the top five questions about the new Apple device. Today, we’d like to hear your questions — so we can consider them when we talk to our experts. Tweet them at us @marketplacetech or post them here.
As a nonprofit news organization, our future depends on listeners like you who believe in the power of public service journalism.
Your investment in Marketplace helps us remain paywall-free and ensures everyone has access to trustworthy, unbiased news and information, regardless of their ability to pay.
Donate today — in any amount — to become a Marketplace Investor. Now more than ever, your commitment makes a difference.