• Skip to primary navigation
  • Skip to main content
  • Skip to footer
  • Home
  • Write for Us
  • Contact
  • Advertise
  • Cookie Policy
    • Privacy statement (CA)
    • Cookie policy (CA)
    • Privacy statement (UK)
    • Cookie policy (UK)
    • Privacy statement (US)
    • Do Not Sell My Personal Information
    • Privacy statement (EU)
    • Cookie policy (EU)
    • Disclaimer

TechWalls

Technology News | Gadget Reviews | Tutorials

  • Reviews
  • Tech News
  • Tech Guide
  • Gadget & Apps

Many popular Android apps remain insecure, unencrypted

Updated on Sep 17, 2014 by Guest Authors

Talk of popular mobile apps on the Android or iOS operating systems and you have Instagram, Facebook, or OkCupid topping the list, among others. While these apps are currently in use by billions of users worldwide, a security research findings show that a lot of famous apps on the Android ecosystem have poor basic security and privacy practices.

The University of New Haven’s Cyber Forensics Research and Education Group has detected vulnerabilities in Instagram, Grindr and OkCupid, to mention a few, based on assessments that sought to validate the apps’ compliance with basic precautions to secure sensitive information of users and practices to keep those users private online.

Unsecure-Android

The same team also conducted security analysis of many mobile apps in the past, but only to a limited number of apps. This time the group worked to broaden the scope of their research and set about identifying flaws and weaknesses in many top-billed apps in Google’s operating system. The vulnerabilities unearthed by the team could affect more than one billion users, which corresponds to the number of Instagram users.

UNHcFREG’s Director Ibrahim Baggili described the way the apps are developed as “sloppy” in reference to how data are handled when the apps exchange data on certain functions. To find out, the team analyzed the traffic using the Wireshark and NetworkMiner tools to see how data are transmitted. In the case of Instagram, photos uploaded by users are found to be in storage on Instagram’s servers without encryption system in place, which means it can be accessed by third-party entities even without authenticating themselves.

Other apps that were found to be liable with the same security lapses include TextPlus, MessageMe, OoVoo,  HeyWire, Tango and Grindr. Considering that these apps are among the favorites in Android, having topped their respective categories in terms of the number of times they were downloaded, shows how far-reaching the security implication could be.

Recipients receive their content in plain HTTP protocol, meaning it is not secured. When this URL is accidentally found in the hands of others, they can easily view the link and the content, which could put the privacy of users in danger.

The research team recommends that those apps remove the images from their servers or at the very least implement a sort of validation process for those who might want to view the contents. But that has never been the case.

Some messages were found to be unencrypted, as in the case with OoVoo and MeetMe.

All these security vulnerabilities make the data exposed to hackers in public wireless networks, in what is known today as man-in-the-middle attack.

Disclosure: As an Amazon Associate, I earn from qualifying purchases. The commission help keep the rest of my content free, so thank you!

Reader Interactions

Leave a Reply Cancel reply

Your email address will not be published. Required fields are marked *

Footer

Keychron K4 Wireless Mechanical Keyboard Review – The Biggest & The Best?

Keychron K6 Wireless Mechanical Keyboard Review – Nice Balance Between Design and Function

AuthenTrend AT.Wallet Fingerprint Cryptocurrency Wallet Review – The Coolest One You Can Buy

Yeedi K650 Robot Vacuum Review – A Good Basic Vacuum

Follow TechWalls

YoutubeFacebookTwitterInstagram

Recent Posts

  • Samsung Galaxy S21 Ultra Model Number SM-G998* Differences
  • Samsung Galaxy S21+ 5G Model Number SM-G996* Differences
  • Samsung Galaxy S21 5G Model Number SM-G991* Differences
  • How to Read and Write to NTFS Drives on Apple M1 Mac?

Copyright © 2021 · All Rights Reserved