This article was first published by The Times of Israel and was re-posted with permission.
The next smartphone app you download could be riddled with bugs that would allow a hacker to take control of your device or steal data from it – and if not your next downloaded app, then maybe the one after that.
Sixty percent of all smartphone apps, according to a study by Israeli cyber-security start-up Checkmarx, have “high” or “critical” security problems in several of seven security protocols studied. Overall, four out of every 10 apps have some major flaw that could allow a hacker to get control of a device’s data, or the device itself.
The study examined reported security breaches on iOS, the operating system used in Apple’s iPhone and iPad, and the Android system used by most other smartphone manufacturers.
The poor security performances come despite the claims by the vast majority of developers of apps for both platforms that there is no way they would release an app unless it were fully secure.
And iPhone owners needn’t be smug about the results, the study showed. While iOS users believe that they are safer because of Apple’s “walled garden” approach to apps, where an Apple team supposedly vets every piece of software offered in the App Store for, among other things, cyber-safety, App Store apps are no safer than those designed for Android systems.
In fact, apps written for the free-wheeling, anything-goes Android development environment, where any app can be loaded on to a device without being checked by a committee, are somewhat less security challenged than iOS apps. According to Checkmarx, “40 percent of the detected vulnerabilities on iOS tested applications were found to be critical or high severity,” while 38 percent of Android apps had the same problem.