Sign In

Communications of the ACM

ACM TechNews

Some Mobile Phone Apps May Contain Hidden Behaviors That Users Never See


View as: Print Mobile App Share: Send by email Share on reddit Share on StumbleUpon Share on Hacker News Share on Tweeter Share on Facebook
Apps on a smartphone.

A team of cybersecurity researchers has found that some apps have hidden secrets that could make them vulnerable to hacking.

Credit: Rami Al-zayat/Unsplash

Cybersecurity researchers at Ohio State University, New York University, and Germany's CISPA Helmholtz Center for Information Security have found that many mobile phone applications may allow others to access private data or block user-provided content through "backdoor secrets."

The researchers assessed 150,000 apps and found that 8.5% contained backdoor secrets that accept certain types of content to activate behaviors unknown to regular users.

Some also possessed built-in master passwords allowing parties to access the app and any private data within it, and some had secret access keys that could trigger hidden options, like bypassing payments.

Others blocked content featuring specific keywords subject to censorship, cyberbullying, or discrimination.

The researchers created the open source InputScope tool to help developers understand flaws in their apps.

From Ohio State News
View Full Article

 

Abstracts Copyright © 2020 SmithBucklin, Washington, DC, USA


 

No entries found

Sign In for Full Access
» Forgot Password? » Create an ACM Web Account