I have personally written more than twenty android applications for clients and none has ever received a complain.However,most developer have been writing android applications that have now become a cinch for many, with the myriad of books and websites offering guidance and advice.This is the reason am worried that millions of Android operating system users are putting themselves at risk when installing and using applications from the Android Market because the problem with consumers writing application for consumers is that they are not security experts and they lack skills.Before you download an application,Ask yourself, what does your app really 'need' to know to function.
In some cases,i have seen developers just ask for the full gamut of access when it is really not necessary and could compromise your phone.While developing application,i have always ensured there is security validation before such programs are made available in the marketplace but for others same is not applied and this has led to a rising number of vulnerabilities and threats that have proved catastrophic.Two days ago,a Dane female friend called me seeking assistance after she downloaded an application that was one of those that lack security features.In my own investigations,one such threat is "app phishing," which allows a hacker to intercept the usernames and passwords supplied to popular applications.
This type of attacks,i expect them to increase in the coming months due to the ubiquity of Android phones that are now flooding the market.I told my Dane friend that the catch-up game the platform is currently playing to match the Apple App Store as my thoughts on why a security validation process remains absent from the Android Market.However,as a developer i do not know the reason why Google has failed to address this issue because it's not a question of why they can't do it, they can. However there could be an underlying issue, business-related or otherwise, that is hindering the implementation of security validation processes.Over 20 developers have been asking me this question many times and with majority of them being in Europe.
In some of my replies,i have said that compromising a single Google service is sometimes all it takes for an attacker to push malware to the service account owner's Android phone.Consumers should also be aware of the types and level of permission granted to apps when using them, as the responsibility and burden of security decisions currently lies with the user.I have no problem with Android store buy if you are a consumers, extra precaution should be exercised when installing new applications on your phone.Please ensure that the app should first come from a trusted vendor, and should be older than 90 days in the marketplace.
Ratings and comments from other users are also good indicators of whether an application is trustworthy but be aware that the ratings could also be faked.As a rule of thumb, malware does not last long in the marketplace. While chosing the application and you see an application that is just five days old and from an unknown vendor with little downloads and a five star rating you better think twice.In the event your phone becomes infected by malware or other threats,the best option is to reset your phone and reinstall everything afresh.I do advise users to treat mobile application the same way they would treat an e-mail attachment.
In some cases,i have seen developers just ask for the full gamut of access when it is really not necessary and could compromise your phone.While developing application,i have always ensured there is security validation before such programs are made available in the marketplace but for others same is not applied and this has led to a rising number of vulnerabilities and threats that have proved catastrophic.Two days ago,a Dane female friend called me seeking assistance after she downloaded an application that was one of those that lack security features.In my own investigations,one such threat is "app phishing," which allows a hacker to intercept the usernames and passwords supplied to popular applications.
This type of attacks,i expect them to increase in the coming months due to the ubiquity of Android phones that are now flooding the market.I told my Dane friend that the catch-up game the platform is currently playing to match the Apple App Store as my thoughts on why a security validation process remains absent from the Android Market.However,as a developer i do not know the reason why Google has failed to address this issue because it's not a question of why they can't do it, they can. However there could be an underlying issue, business-related or otherwise, that is hindering the implementation of security validation processes.Over 20 developers have been asking me this question many times and with majority of them being in Europe.
In some of my replies,i have said that compromising a single Google service is sometimes all it takes for an attacker to push malware to the service account owner's Android phone.Consumers should also be aware of the types and level of permission granted to apps when using them, as the responsibility and burden of security decisions currently lies with the user.I have no problem with Android store buy if you are a consumers, extra precaution should be exercised when installing new applications on your phone.Please ensure that the app should first come from a trusted vendor, and should be older than 90 days in the marketplace.
Ratings and comments from other users are also good indicators of whether an application is trustworthy but be aware that the ratings could also be faked.As a rule of thumb, malware does not last long in the marketplace. While chosing the application and you see an application that is just five days old and from an unknown vendor with little downloads and a five star rating you better think twice.In the event your phone becomes infected by malware or other threats,the best option is to reset your phone and reinstall everything afresh.I do advise users to treat mobile application the same way they would treat an e-mail attachment.
WWW.WANARUA.COM
No comments:
Post a Comment