Android Smartphone Security And Instagram App Testing

Android Smartphone Security

Our daily lives become more and more dependent on smartphones due to their high processing power and increased capabilities. Smartphones have features of both a mobile phone and a computer, allowing us to talk, text, tweet, email, browse the Internet, make purchases, manage bank accounts, and take pictures. “Smartphones’ popularity and relatively lax security have made them attractive targets for attackers to invade smartphones in various paths”.

 

Changes have been created in the mobile phone landscape with the introduction of smart phones running Android. Android is an open smartphone platform developed by the Google-led Open Handset Alliance. Scholars predict that the Android will control 45.4 percent of the market share by 2015 due to its open source nature and adoption by telecommunications providers worldwide. In fact, Open mobile platforms like Android provide an opportunity for consumers to access more applications. Applications can be installed on Android devices through the Android Market and other untrusted third party sites. Recent studies indicate that there are malicious applications that can be uploaded onto app stores and then successfully advertised to users. These malicious applications will access to a user’s personal information, all messages, network communication and services that cost money. Similarly, Kaspersky’s Internet security experts (2012) reported on more than 35,000 malicious Android programs. They explained the reasons for the huge growth in Android Malware:

  • The Android platform has become the most widespread operating system (OS) for new smartphones – it has over 70% market share. 
  • The open nature of the Android OS, the ease with which apps can be created, and the wide variety of (unofficial) application markets all have an influence on security.”

In line with this idea, a study has been recently conducted by a group of researchers at University of New Haven (UNHeFREG) to discover security issues within the social media, chatting, and dating app market on android. They observed app network traffic to find unencrypted data transmissions. They created a test network using Windows 7’s virtual miniport adapter. Then, they connected the android phone to this network to monitor all traffic being sent and received by the android device. An iPad was connected outside the test network and was used to exchange data to the android device. With this setup, they were able to capture a great deal of sensitive user information. In addition, they conducted server storage analysis and device storage analysis to find out how apps store user data on the server and device. Finally, they reported that anyone who uses many popular android apps (such as Instagram, Okcupid, ooVoo, Tango, Klk, Nimbuzz, MeetMe, MessageMe, TextMe, Grindr, HeyWire, Hike, and textPlus) is in danger of confidential data breaches. It would seem that the current Android security architecture and operating system cannot provide adequate security for Android mobile phone users.

As discussed above, the current Android security system has multiple flaws and Android users need new ways to protect their private personal data from a malicious attack. In order to improve our smartphone security, Fraces (2014) suggested several tips as follows: Selecting strong password or pattern; Installing and updating security solutions; Downloading applications only from trusted and reliable sources; Checking our apps permissions and rights; Performing regular updates of the O.S on our device; Preparing back up from our information frequently; Encrypting our confidential information; Beware of entering sensitive information on our smartphone; and Avoiding jailbraking or rooting of the device.

By Mojgan Afshari

Bruce Guptill

How CFOs and CIOs See Finance Management Priorities

Cloud and the Finance-IT Effectiveness Gap IT leaders today tend to be much better aligned with business and operational leaders and business goals than they were just five years ago. Unfortunately, they are still not ...
Isc2

Episode 2: Coronavirus Phishing Emails and Work-from-Home Meetings

Coronavirus Phishing Emails What to watch out for as scammers exploit pandemic panic, and tips on how to attend meetings while working from home. Working from home this week? There are a few challenges and ...
Brad Thies

SOC Reporting Requirements You Need to Know in a Cloud Environment

SOC Reporting Requirements Security lapses in some of the world's biggest companies continue to appear in news headlines, and information security is top of mind for businesses. Perhaps as a result, SOC reports are becoming ...
Aarti Parikh

What are the Capabilities of the AWS Serverless Platform?

AWS Serverless Platform AWS serverless compute services allow to build and deploy applications on AWS cloud without having to manage the servers. AWS serverless platform enables vendors to deploy cloud solutions without server provisioning, deploying, ...
Aarti Parikh

Serverless Multi-Tier Architecture on AWS

Serverless Multi-Tier Architecture Multi-tier Architecture Multi-tier Architecture is also known as n-tier architecture. In such architecture, an application is developed and distributed in more than one layer. The number of layers depend on business requirements ...
Patrick Joggerst

Why Platforms Matter as UCaaS Adoption Continues to Soar

UCaaS Adoption Continues to Soar Industry analysts agree – the unified communications-as-a-Service (UCaaS) market will continue to grow by leaps and bounds in 2020 and beyond. Mordor Intelligence, for example, predicts a compound aggregated growth ...