{"id":4809,"date":"2014-02-18T19:46:07","date_gmt":"2014-02-19T00:46:07","guid":{"rendered":"http:\/\/blog.nccomputertech.com\/?p=4809"},"modified":"2014-02-18T19:46:07","modified_gmt":"2014-02-19T00:46:07","slug":"report-finds-ios-apps-riskier-than-android-apps","status":"publish","type":"post","link":"https:\/\/nccomputertech.com\/techtalk\/2014\/02\/18\/report-finds-ios-apps-riskier-than-android-apps\/","title":{"rendered":"Report finds iOS apps riskier than Android apps"},"content":{"rendered":"

<\/a><\/p>\n

How many apps do you have on your smartphone or tablet right now? Well, take that number, and multiply it by 0.9. That\u2019s about how many of your apps are a potential security concern according to a new study from Appthority.<\/p>\n

The Appthority Reputation Report for Winter 2014 was compiled using data from the cloud-based Appthority App Risk Management Service. Appthority performed static, dynamic, and behavioral app analysis of 400 paid and free apps spanning iOS and Android to assess the relative security and risky behavior of the most popular apps.<\/p>\n

Appthority found that 95 percent of the top 200 free apps on iOS and Android exhibit at least one risky behavior. That number drops to 80 percent for paid apps\u2014an improvement, but four out of five paid apps exhibiting risky behavior is hardly something to cheer about. Appthority also discovered that iOS apps are riskier overall than Android apps\u201491 percent contain risky behavior as opposed to 83 percent on Android.<\/p>\n

They risky behaviors vary, but include things like location tracking\u2014found in 70 percent of the free iOS and Android apps\u2014weak authentication, sharing data with ad networks, accessing the contact list, or identifying the user or UDID.<\/p>\n

“Appthority found that 95 percent of the top 200 free apps on iOS and Android exhibit at least one risky behavior. ”<\/p>\n

There are a couple significant caveats to the idea of iOS being a greater risk. First, Android apps have a much higher presence of accessing the UDID or identifying the user. Apple took steps to prevent developers from accessing UDID information on iOS mobile devices\u2014but some developers have found ways to circumvent those rules.<\/p>\n

The other thing that separates Android from iOS is that, although there are more iOS apps that exhibit risky behavior, the Android apps tend to collect more information about the user and the user\u2019s mobile activities than their iOS counterparts.<\/p>\n

To sum up, a higher percentage of iOS apps include risky behaviors than Android apps, and paid apps are generally less risky than free apps.<\/p>\n

The differences in many cases are small and semantic, though. The fact that iOS has a higher percentage than Android may offer some small consolation to Android users, but the fact that nearly all of the apps on both major mobile platforms exhibit at least one risky behavior should be a red flag for both app developers and mobile device users\u2014as well as for Apple and Google themselves.<\/p>\n

The real lesson to be found in this report is that app developers recognize the financial value of gathering user data, and that mobile apps in general have a long way to go in terms of security and respecting a user\u2019s privacy.<\/p>\n

via Report finds iOS apps riskier than Android apps | PCWorld<\/a>.<\/p>\n","protected":false},"excerpt":{"rendered":"

How many apps do you have on your smartphone or tablet right now? Well, take that number, and multiply it […]<\/p>\n","protected":false},"author":2,"featured_media":0,"comment_status":"closed","ping_status":"open","sticky":false,"template":"","format":"standard","meta":{"site-sidebar-layout":"default","site-content-layout":"","ast-site-content-layout":"default","site-content-style":"default","site-sidebar-style":"default","ast-global-header-display":"","ast-banner-title-visibility":"","ast-main-header-display":"","ast-hfb-above-header-display":"","ast-hfb-below-header-display":"","ast-hfb-mobile-header-display":"","site-post-title":"","ast-breadcrumbs-content":"","ast-featured-img":"","footer-sml-layout":"","ast-disable-related-posts":"","theme-transparent-header-meta":"","adv-header-id-meta":"","stick-header-meta":"","header-above-stick-meta":"","header-main-stick-meta":"","header-below-stick-meta":"","astra-migrate-meta-layouts":"default","ast-page-background-enabled":"default","ast-page-background-meta":{"desktop":{"background-color":"var(--ast-global-color-4)","background-image":"","background-repeat":"repeat","background-position":"center center","background-size":"auto","background-attachment":"scroll","background-type":"","background-media":"","overlay-type":"","overlay-color":"","overlay-opacity":"","overlay-gradient":""},"tablet":{"background-color":"","background-image":"","background-repeat":"repeat","background-position":"center center","background-size":"auto","background-attachment":"scroll","background-type":"","background-media":"","overlay-type":"","overlay-color":"","overlay-opacity":"","overlay-gradient":""},"mobile":{"background-color":"","background-image":"","background-repeat":"repeat","background-position":"center center","background-size":"auto","background-attachment":"scroll","background-type":"","background-media":"","overlay-type":"","overlay-color":"","overlay-opacity":"","overlay-gradient":""}},"ast-content-background-meta":{"desktop":{"background-color":"var(--ast-global-color-5)","background-image":"","background-repeat":"repeat","background-position":"center center","background-size":"auto","background-attachment":"scroll","background-type":"","background-media":"","overlay-type":"","overlay-color":"","overlay-opacity":"","overlay-gradient":""},"tablet":{"background-color":"var(--ast-global-color-5)","background-image":"","background-repeat":"repeat","background-position":"center center","background-size":"auto","background-attachment":"scroll","background-type":"","background-media":"","overlay-type":"","overlay-color":"","overlay-opacity":"","overlay-gradient":""},"mobile":{"background-color":"var(--ast-global-color-5)","background-image":"","background-repeat":"repeat","background-position":"center center","background-size":"auto","background-attachment":"scroll","background-type":"","background-media":"","overlay-type":"","overlay-color":"","overlay-opacity":"","overlay-gradient":""}},"_jetpack_newsletter_access":"","_jetpack_dont_email_post_to_subs":false,"_jetpack_newsletter_tier_id":0,"_jetpack_memberships_contains_paywalled_content":false,"_jetpack_feature_clip_id":0,"_jetpack_memberships_contains_paid_content":false,"footnotes":"","jetpack_publicize_message":"","jetpack_publicize_feature_enabled":true,"jetpack_social_post_already_shared":false,"jetpack_social_options":{"image_generator_settings":{"template":"highway","default_image_id":0,"font":"","enabled":false},"version":2},"jetpack_post_was_ever_published":false},"categories":[3,7,9],"tags":[65,90,549,699],"class_list":["post-4809","post","type-post","status-publish","format-standard","hentry","category-hardware","category-security","category-software","tag-android","tag-apps","tag-ios","tag-mobile-security"],"jetpack_publicize_connections":[],"jetpack_featured_media_url":"","jetpack_sharing_enabled":true,"jetpack_shortlink":"https:\/\/wp.me\/papNkV-1fz","jetpack-related-posts":[{"id":2971,"url":"https:\/\/nccomputertech.com\/techtalk\/2013\/07\/17\/tumblr-tells-users-to-change-passwords-patches-security-hole-in-ios-apps\/","url_meta":{"origin":4809,"position":0},"title":"Tumblr tells users to change passwords, patches security hole in iOS apps","author":"NCCT","date":"July 17, 2013","format":false,"excerpt":"Tumblr, the blogging site recently acquired by Yahoo, has released a security update for its iPhone and iPad apps that it said addresses an issue that allowed passwords to be compromised in certain circumstances. Users of the apps have been advised to update their passwords on Tumblr as there is\u2026","rel":"","context":"In "Security"","block_context":{"text":"Security","link":"https:\/\/nccomputertech.com\/techtalk\/category\/security\/"},"img":{"alt_text":"","src":"","width":0,"height":0},"classes":[]},{"id":6833,"url":"https:\/\/nccomputertech.com\/techtalk\/2014\/11\/12\/ios-security-hole-allows-attackers-to-poison-already-installed-iphone-apps\/","url_meta":{"origin":4809,"position":1},"title":"iOS security hole allows attackers to poison already installed iPhone apps","author":"NCCT","date":"November 12, 2014","format":false,"excerpt":"Security researchers have warned of a security hole in Apple's iOS devices that could allow attackers to replace legitimate apps with booby-trapped ones, an exploit that could expose passwords, e-mails, or other sensitive user data. The \"Masque\" attack, as described by researchers from security firm FireEye, relies on enterprise provisioning\u2026","rel":"","context":"In "Apple"","block_context":{"text":"Apple","link":"https:\/\/nccomputertech.com\/techtalk\/category\/apple\/"},"img":{"alt_text":"","src":"https:\/\/i0.wp.com\/nccomputertech.com\/techtalk\/wp-content\/uploads\/2014\/11\/masque-attack-example-640x613.jpg?resize=350%2C200","width":350,"height":200,"srcset":"https:\/\/i0.wp.com\/nccomputertech.com\/techtalk\/wp-content\/uploads\/2014\/11\/masque-attack-example-640x613.jpg?resize=350%2C200 1x, https:\/\/i0.wp.com\/nccomputertech.com\/techtalk\/wp-content\/uploads\/2014\/11\/masque-attack-example-640x613.jpg?resize=525%2C300 1.5x"},"classes":[]},{"id":8714,"url":"https:\/\/nccomputertech.com\/techtalk\/2015\/11\/05\/newly-discovered-adware-digs-its-claws-deep-into-android-is-nearly-impossible-to-remove\/","url_meta":{"origin":4809,"position":2},"title":"Newly discovered adware digs its claws deep into Android, is nearly impossible to remove","author":"NCCT","date":"November 5, 2015","format":false,"excerpt":"Security researchers found over 20,000 adware samples hiding in apps that masquerade as Facebook, Twitter, Snapchat, and other popular services. Derek Walter | @derekwalter | PCWorld Security researchers have uncovered a new style of Android malware that hides inside of apps that act and look like they\u2019re legitimate services. Lookout\u2026","rel":"","context":"In "Security"","block_context":{"text":"Security","link":"https:\/\/nccomputertech.com\/techtalk\/category\/security\/"},"img":{"alt_text":"","src":"","width":0,"height":0},"classes":[]},{"id":3197,"url":"https:\/\/nccomputertech.com\/techtalk\/2013\/08\/19\/malware-hijacks-mobile-ad-networks-to-siphon-money\/","url_meta":{"origin":4809,"position":3},"title":"Malware hijacks mobile ad networks to siphon money","author":"NCCT","date":"August 19, 2013","format":false,"excerpt":"Asian cybercriminals have figured out an unusual way to use the architecture of a mobile ad network to siphon money from their victims. The new method represents another step in the evolution of mobile malware, which is booming with more smartphones shipping than PCs. Mobile ad networks open up the\u2026","rel":"","context":"In "Security"","block_context":{"text":"Security","link":"https:\/\/nccomputertech.com\/techtalk\/category\/security\/"},"img":{"alt_text":"","src":"","width":0,"height":0},"classes":[]},{"id":8976,"url":"https:\/\/nccomputertech.com\/techtalk\/2016\/07\/15\/this-android-trojan-blocks-victims-from-alerting-banks\/","url_meta":{"origin":4809,"position":4},"title":"This Android Trojan blocks victims from alerting banks","author":"NCCT","date":"July 15, 2016","format":false,"excerpt":"By Michael Kan | PCWorld A new Trojan that can steal your payment data will also try to stymie you from alerting your bank. Security vendor Symantec has noticed a \u201ccall-barring\u201d function within newer versions of the Android.Fakebank.B malware family. By including this function, a hacker can delay the user\u2026","rel":"","context":"In "Security"","block_context":{"text":"Security","link":"https:\/\/nccomputertech.com\/techtalk\/category\/security\/"},"img":{"alt_text":"","src":"","width":0,"height":0},"classes":[]},{"id":3049,"url":"https:\/\/nccomputertech.com\/techtalk\/2013\/07\/29\/android-4-3-hides-support-for-4k-displays-and-granular-permissions-options\/","url_meta":{"origin":4809,"position":5},"title":"Android 4.3 hides support for 4K displays and granular permissions options","author":"NCCT","date":"July 29, 2013","format":false,"excerpt":"We already knew Android 4.3 focused on under-the-hood improvements, but it appears there are at least a couple more hidden features than Google let on. The permissions list for the Bump app, as seen through App Ops. (Click to enlarge.) As Android Police first discovered, Android 4.3 includes a hidden\u2026","rel":"","context":"In "Hardware"","block_context":{"text":"Hardware","link":"https:\/\/nccomputertech.com\/techtalk\/category\/hardware\/"},"img":{"alt_text":"","src":"","width":0,"height":0},"classes":[]}],"_links":{"self":[{"href":"https:\/\/nccomputertech.com\/techtalk\/wp-json\/wp\/v2\/posts\/4809","targetHints":{"allow":["GET"]}}],"collection":[{"href":"https:\/\/nccomputertech.com\/techtalk\/wp-json\/wp\/v2\/posts"}],"about":[{"href":"https:\/\/nccomputertech.com\/techtalk\/wp-json\/wp\/v2\/types\/post"}],"author":[{"embeddable":true,"href":"https:\/\/nccomputertech.com\/techtalk\/wp-json\/wp\/v2\/users\/2"}],"replies":[{"embeddable":true,"href":"https:\/\/nccomputertech.com\/techtalk\/wp-json\/wp\/v2\/comments?post=4809"}],"version-history":[{"count":0,"href":"https:\/\/nccomputertech.com\/techtalk\/wp-json\/wp\/v2\/posts\/4809\/revisions"}],"wp:attachment":[{"href":"https:\/\/nccomputertech.com\/techtalk\/wp-json\/wp\/v2\/media?parent=4809"}],"wp:term":[{"taxonomy":"category","embeddable":true,"href":"https:\/\/nccomputertech.com\/techtalk\/wp-json\/wp\/v2\/categories?post=4809"},{"taxonomy":"post_tag","embeddable":true,"href":"https:\/\/nccomputertech.com\/techtalk\/wp-json\/wp\/v2\/tags?post=4809"}],"curies":[{"name":"wp","href":"https:\/\/api.w.org\/{rel}","templated":true}]}}