Study Finds Widespread Security Flaws in Android Apps
According to Veracode, 40 percent of Android apps contain at least one instance of hard-coded cryptographic keys.
According to a recent study, mistakes being made by Android app developers are rendering many applications vulnerable.
"An analysis of mobile applications conducted by Burlington, Mass.-based testing company Veracode Inc., found 40 percent of Android applications contain at least one instance of hard-coded cryptographic keys," writes SearchSecurity's Robert Westervelt.
"The practice gives every user of an application the same encryption key, which is similar to everyone within an organization using the same password to secure their data, said Chris Wysopal, co-founder and CTO of Veracode," Westervelt writes. "Because Android applications are easy to decompile, an attacker can easily extract and publicize hard-coded keys, Wysopal said."
Go to "Android app security: Study finds mobile developers creating flawed Android apps" to read the details.
For regular security news updates, follow eSecurityPlanet on Twitter: @eSecurityP.