In an automated analysis ran by mobile security firm Zimperium it found 11,877 Android apps and 6,608 iOS apps were configured incorrectly and were leaking personal information, passwords, and in some cases, medical information.
The research also found that aside from exposing data, some misconfigurations allows bad actors to change or overwrite data. The organization also found that the misconfiguration issue was prevalent not only among smaller apps with a few thousand users, but among apps with millions of user base.
This story was written by Lily Hay Newman for Wired. It was published on March 4, 2021.
Editor’s Note: Could this security loophole account for almost effortless surveillance conducted by the FBI in their investigation of the Capitol Hill riots [see This is how the FBI uses AI to identify, track, and round up dissidents]? Why isn’t the Apple Store and Google Play Store alerting developers about the wrong configurations of their apps?
Read Original Article
Click the button below if you wish to read the article on the website where it was originally published.
Click the button below if you wish to read the article offline.