Cybersecurity researchers at Ohio State University, New York University, and Germany's CISPA Helmholtz Center for Information Security have found that many mobile phone applications may allow others to access private data or block user-provided content through "backdoor secrets."
The researchers assessed 150,000 apps and found that 8.5% contained backdoor secrets that accept certain types of content to activate behaviors unknown to regular users.
Some also possessed built-in master passwords allowing parties to access the app and any private data within it, and some had secret access keys that could trigger hidden options, like bypassing payments.
Others blocked content featuring specific keywords subject to censorship, cyberbullying, or discrimination.
The researchers created the open source InputScope tool to help developers understand flaws in their apps.
From Ohio State News
View Full Article
Abstracts Copyright © 2020 SmithBucklin, Washington, DC, USA
No entries found