Mobile City

Most Popular ( 1-4 of 44 )

What are the Biggest Security Threats found in a Decompiled Android App?

By SiliconIndia   |   Friday, December 14, 2012   |    1 Comments
Print Email

Bangalore: In this fast developing mobile world everyone is racing towards getting the latest mobile APIs to make the development cycle shorter and this is affecting the standard development practices. This rush is bringing in many security threats to the apps world.

Cameron McKenzie, wrote on theserverside about their conversation with Godfrey Nolan, Founder of RIIS about how insecure apps have become. Godfrey has an extensive experience on working on all types of Android applications. While going through the process of decompiling, downloading and some detective work, he found only one Android app which he considered to be safe. He also quoted that, “Out of the hundred or so APKs that we've downloaded, we would say that only one was well protected, and everything else had information that was leaking or was available just in plain text if you reverse engineered the code.”

While 'decompiling' you can easily pull out every little information from an Android app including the passwords and other security codes by turning the app into its original source code. Given the fact that, if the developer creates a well developed code then people might not be able to extract critical information so easily.

Godfrey stated some of the security threats that he found inside a decompiled Android app. They are-

1. Everyone will be able to reverse the source code in an Android app using tools like HoseDex2Jar.

2. The code which runs along with the back end contains plain text security records which will allow people to gain access to the back-end of the app.

3. People save a lot of unencrypted data on their mobile devices which makes such data vulnerable in the future.    

So, in order to avoid this problem of insecurity, developers should work hard on creating a secured source code which will protect application data and security credentials from being hacked.

The Mobile Digest is a weekly summary of News, Trends, Reviews, Profiles and Articles from the Mobile Space.
Experts on Mobile
Deepanjan  Paul
System Analyst
Raghu  Mittal
Project lead
Handheld Solutions
Amit  Kankani
Head_Mobile Appl Dev
Eterno Infotech
Sumanth  S
Principal Engineer
Saalis  Umer
IT Professional
Vaibhav  Kulkarni
Sr Product Engg.
BMC Software
Harshvadan  Jani
Sr. Manager
IDEA Cellular Ltd
Abhinav  Sabharwal
Business Analyst
Melstar Technonogy
Write your comment now
Reader's comments(1)
1: Security threat found in Android for more information

It is found that a serious security flaw in some Android Smartphones could allow hackers to have access to the phone data just by sending a text message or getting the users to visit a url , it has emerged. It has been made easier for some...
Posted by:trendsworld - 13 Feb, 2013
This white paper is designed to inform about the advertising opport...
This white paper compares architectural and business model differen...