Extra, added Android apps from phone makers can be security risks



Android apps from phone makers can be security risks –>

Free apps often installed by smartphone makers and wireless providers to customize their Android phone offerings can be security risks, U.S. researchers say.

In order to differentiate their offerings from the competition, vendors are unnecessarily introducing a host of potential security issues that don’t seem to be improving over time, computer scientists at North Carolina State University reported.

They said they looked at pre-installed apps on flagship phones from Google, HTC, Samsung, LG, and Sony, analyzing the number of pre-installed apps, which permissions they have, and whether they contain any vulnerabilities.

In total, the devices had 1,548 pre-loaded apps, 82 percent of which were added by vendors to customize the device, ZDNet reported Wednesday.

The biggest problem from a security perspective, the computer scientists said, was that they behaved badly; 86 percent of all pre-loaded apps requested more Android permissions than they actually use, which they term as “over-privileged.”

All vendors performed poorly in this, the researchers said.

Even when possible security risks represented by over-privileged or vulnerable apps are identified, Androidsmartphone makers are slow to release security patches and then only for some of their devices, the researchers said.



About Gregory D Evans

Gregory Evans is one of the worlds greatest security consultants. Go to http://GregoryDEvans.com for more details.
This entry was posted in Cell phone security, Technology, wireless and tagged , , , , , , , , , , , , , , . Bookmark the permalink.

Leave a Reply

Fill in your details below or click an icon to log in:

WordPress.com Logo

You are commenting using your WordPress.com account. Log Out / Change )

Twitter picture

You are commenting using your Twitter account. Log Out / Change )

Facebook photo

You are commenting using your Facebook account. Log Out / Change )

Google+ photo

You are commenting using your Google+ account. Log Out / Change )

Connecting to %s