«

»

Thousands of Android apps have built-in crypto keys and passwords

Share this...Share on Google+Share on LinkedInTweet about this on TwitterShare on FacebookShare on RedditDigg thisEmail this to someone

A large number of free Android apps suffer with flaky security because software developers are leaving cryptographic keys embedded and passwords hard-coded. Speaking at the BSides security conference in San Francisco, software vulnerability analyst Will Dormann revealed how he had found serious security problems in thousands upon thousands of apps. After testing 1.8 million apps, he found almost 20,000 featured built-in passwords and keys, and even when a separate password store was used, user data was still open to attack from simple password crackers. See also: Is your smartphone lying to you about having the latest Android security updates? Privacy:… …Continue reading on BetaNews

Leave a Reply

Your email address will not be published. Required fields are marked *

You may use these HTML tags and attributes: <a href="" title=""> <abbr title=""> <acronym title=""> <b> <blockquote cite=""> <cite> <code> <del datetime=""> <em> <i> <q cite=""> <strike> <strong>