App vulnerabilities under scrutiny at upcoming security conference
The Blackhat security conference kicks off this weekend, with application safety figuring to be a major focus. In this video report, we’ll look at a company that studies both iOS and Android for security holes, including a flaw they found in Google’s mobile OS.
Earlier this month, Bluebox Security announced a flaw in Android that has existed for four years—reaching up to 900 million devices—that would have allowed hackers to turn any legit app into a Trojan app with hidden malware inside. The flaw was found in February but Bluebox didn’t announce it until Google patched its Play Store a few weeks ago. (Most Android users have little reason to worry about the flaw, however.)
All this attention on Android doesn’t leave iOS off the hook, according to Bluebox founder Adam Ely, who says the nature of Android’s open code just makes it easier to check. “We can say each has its pros each has its cons,” Ely tells us. “They’re about the same, they’re just different approaches.”