What are the Biggest Security Threats found in a Decompiled Android App?
Bangalore: In this fast developing mobile world everyone is racing towards getting the latest mobile APIs to make the development cycle shorter and this is affecting the standard development practices. This rush is bringing in many security threats to the apps world.
Cameron McKenzie, wrote on theserverside about their conversation with Godfrey Nolan, Founder of RIIS about how insecure apps have become. Godfrey has an extensive experience on working on all types of Android applications. While going through the process of decompiling, downloading and some detective work, he found only one Android app which he considered to be safe. He also quoted that, “Out of the hundred or so APKs that we've downloaded, we would say that only one was well protected, and everything else had information that was leaking or was available just in plain text if you reverse engineered the code.”
While 'decompiling' you can easily pull out every little information from an Android app including the passwords and other security codes by turning the app into its original source code. Given the fact that, if the developer creates a well developed code then people might not be able to extract critical information so easily.
Godfrey stated some of the security threats that he found inside a decompiled Android app. They are-
1. Everyone will be able to reverse the source code in an Android app using tools like HoseDex2Jar.
2. The code which runs along with the back end contains plain text security records which will allow people to gain access to the back-end of the app.
3. People save a lot of unencrypted data on their mobile devices which makes such data vulnerable in the future.
So, in order to avoid this problem of insecurity, developers should work hard on creating a secured source code which will protect application data and security credentials from being hacked.
Post your Comment
All form fields are required.
© 2014 InfoConnect Web Technologies India Pvt Ltd. all rights reserved