Ads in mobile apps could pose privacy, security risksMar 20, 3:36 pm
Washington, March 20 (ANI): Including ads in mobile applications poses privacy and security risks because they offer a way for hackers to bypass existing security efforts, researchers have revealed.In a recent study of 100,000 apps in the official Google Play market, the North Carolina State University researchers noticed that more than half contained so-called ad libraries and 297 of the apps included aggressive ad libraries that were enabled to download and run code from remote servers - which raises significant privacy and security concerns."Running code downloaded from the Internet is problematic because the code could be anything," said Dr. Xuxian Jiang, an assistant professor of computer science at NC State and co-author of a paper describing the work."For example, it could potentially launch a 'root exploit' attack to take control of your phone - as demonstrated in a recently discovered piece of Android malware called RootSmart," Jiang cited.In Google Play (formerly known as the Android Market) and other markets, many developers offer free apps. To generate revenue, these app developers incorporate "in-app ad libraries," which are provided by Google, Apple or other third-parties. These ad libraries retrieve advertisements from remote servers and run the ads on a user's smartphone periodically. Every time an ad runs, the app developer receives a payment.This poses potential problems because the ad libraries receive the same permissions that the user granted to the app itself when it was installed - regardless of whether the user was aware he or she was granting permissions to the ad library.Jiang's team looked at a sample of 100,000 apps available on Google Play between March and May 2011 and examined the 100 representative ad libraries used by those apps. One significant find was that 297 of the apps (1 out of every 337 apps) used ad libraries "that made use of an unsafe mechanism to fetch and run code from the Internet - a behaviour that is not necessary for their mission, yet has troubling privacy and security implications," Jiang stated. But that is only the most extreme example.Jiang's team found that 48,139 of the apps (1 in 2.1) had ad libraries that track a user's location via GPS, presumably to allow an ad library to better target ads to the user. However, 4,190 apps (1 in 23.4) used ad libraries that also allowed advertisers themselves to access a user's location via GPS. Other information accessed by some ad libraries included call logs, user phone numbers and lists of all the apps a user has stored on his or her phone.These ad libraries pose security risks because they offer a way for third parties - including hackers - to bypass existing Android security efforts. Specifically, the app itself may be harmless, so it won't trigger any security concerns. But the app's ad library may download harmful or invasive code after installation."To limit exposure to these risks, we need to isolate ad libraries from apps and make sure they don't have the same permissions," Jiang suggested. "The current model of directly embedding ad libraries in mobile apps does make it convenient for app developers, but also fundamentally introduces privacy and security risks. The best solution would be for Google, Apple and other mobile platform providers to take the lead in providing effective ad-isolation mechanisms," the researchers added.The findings will be presented at the 5th ACM Conference on Security and Privacy in Wireless and Mobile Networks in Tucson. (ANI)
Turning off technology hours before bedtime promotes sound sleep May 24, 3:53 pm
New York, May 24 (ANI): Using your tablet or smartphone before bed can suppress quality sleep, thus putting you at risk for health problems, a new study suggests.Full Story »
Now, a radio that can change scripts depending on where you are May 24, 3:46 pm
London, May 24 (ANI): A concept device has been created by BBC where the script can get altered depending on factors like weather.Full Story »
Google to add Galapagos Islands to Street View May 24, 3:29 pm
Washington, May 24 (ANI): Google has gathered images of the beauty and biological diversity of the Galapagos Islands for use on its Street View.Full Story »
Information security firm and Manipal come together to bolster India's e-defence May 24, 1:37 pm
New Delhi, May 24 (ANI): In today's networked world, to bolster India's e-defence, a leading information technology firm has tied up with one of the leading universities of India to train young minds about different kinds of security solutions, and strengthen the nation in a different manner.Full Story »
- Google boss warns students against 'censorship of net' and 'digital ethnic cleansing'
- 3D printed object created using brain waves
- Flexible solar cells and displays may be possible with transparent electrode
- US officials say hypersonic weapons likely to hit battlefield by 2025
- Samsung creates furore after portraying men as 'stupid, dirty slobs'
- Majority of teenagers now flocking to Twitter as Facebook enthusiasm wanes: Study
- Baby's life saved with new 3-D printed device that restored his breathing
- Twitter beefs up security following recent hacking spate
- Facebook to revise violent content 'at all levels'
- New antivirus, desktop security software to check future cyber attacks
TOP VIDEO STORIES