Your Android Smartphone May Be Leaking Personal Data

Smartphones had changed the way we communicate, get information, and entertain ourselves. With smartphones increasingly becoming low-priced and within the range of the average person, therefore, it is no surprise about the source of their widespread success around the globe is their low- price and computing capabilities. With Apple’s iPhone a bit on the pricey side, Google’s Android based Smart-phones are the choice of smart-phones loving frugal folks. Moreover, with multiple manufacturers of Android based smart-phones such as HTC, Samsung, Sony, Huawei, Motorola and LG, the choices of Android based smart-phones are endless. Consequently, such variety and affordability has propelled Google’s android based operating system as the iPhone’s impossible-to-knock-out adversary. Therefore, it’s a given fact that Android operating systems for smart-phones are the entire buzz these days.

Yet, recently, Android has once again made negative headlines, this time on the subject of personal data. Security researchers at Leibniz University in Hanover, Germany found that some perfectly legitimate android applications available for download on Google ‘Play’ may leak your data to hackers. Even so, the team didn’t come across any reported incidents that reported any hackers have taken advantage of this loop-hole.

To be more specific on how confidential data can be leaked with these applications, researchers have found that almost all android applications used SSL and TLS security protocols to transmit your private data. Shockingly, what the research found was that these security protocols weren’t designed properly in these apps – they were faulty. Therefore, if you have recently downloaded apps from Google Play, chances are your username, passwords, credit card number and addresses could be leaked. To test our data leak vulnerabilities, a tool known as ‘MalloDriod’ was used, which can detect Man-in-the-middle attacks.

What researchers determined was that 8% of the applications were defenseless against MITM attacks. The way it works, is that a third-party – hacker, connects between two devices, seemingly acting as a communication device using advanced hacking application. Researchers determined that any application that sends out a certificate is open to attack. What shocked researchers the most, was that 41 out of 100 applications contained this security loophole.

It’s estimated that anywhere from 40 to 185 million users may have downloaded such apps. Researchers say that better security measures and regulations installed within Android operating system is the key to keeping data safe. The majority of the applications available on the ‘Play’ store are not mandated to have strict security protocols, implementing foolproof security measures in Android compatible applications should be the responsibility of the developer of that specific application. It’s up to Google to enforce compliance to protect its user’s identity.

On a different note, smart phones are not the only culprit that can leak personal data. The widespread use of portable-data-storage-devices such as thumb drives and portable hard-drives can also contribute to data theft. If you end up losing one of these devices, and by mistake you happen to have your intimate data stored on them, such as e-statements, tax return or copies of private identification, then there’s potential for some trouble. Experts recommend that when transporting sensitive data on transportable drives, it’s highly recommended that you secure USB movable drives and hard-drives with portable data security software. Identity theft is hot business for criminals, as it is considered an easy way to steal information without ever getting caught. What’s really worrisome is that, by the time you come to know that your data has been stolen, it may be too late. It’s likely that the criminals may have already charged up your account, and you may only find out about this charge once you receive your credit card bill.

Mobile Application Development

Mobile Application Development is the process of building and developing software and application programs for mobile phones and smart gadgets. These application and software programs are either installed already during the mobile device’s manufacturing or bought from software providers for mobile phones and then installed in the phone, or downloaded directly to the mobile phone through its web browser (via its HTTP functionality that uses client- and server-side processing). But since this is a very broad topic, this article will help you familiarize yourself with what mobile application development is all about.

Software and application programs for mobile phones are being designed, built and developed to run on the most well-known mobile device platforms and environments today. These are the Android OS, the Blackberry OS, the HP webOS, Windows Mobile, the Symbian OS and the Apple iOS. These execution environments only support the codes and binaries that correspond to its operating system. But what is common among most mobile phones is that they use ARM processors. Through the commonly used ARM Architecture, the codes and binaries of the mobile app are executed in machine format for reading by the device’s processor. Development of mobile apps though, still have to be done using tools for specific mobile operating systems.

As a developer, it is always a must to determine and do an analysis of what platforms or environments to use for the development of mobile phone applications and programs. Doing mobile software development gives the programmer exposure to the tools of the trade, enabling him to write the code faster, test it, and later on deploy the mobile app for certain mobile phones and their operating systems. Some of the known development environments for mobile application development include the following: Adobe AIR, Android, Application Craft, Aqua, Battery Tech, Blackberry, Canappi, CloudPact, Corona SDK, iOS SDK, Java ME, Macromedia Flash Lite, Meme IDE,.NET Framework, Symbian, Windows Mobile, and the webOS.

After every development phase, the built and developed modules of the mobile application must undergo a series of tests to determine whether it functions according to the requirements set to it or not. The project team must assign one of its members to perform the testing and functionality checks. For mobile application development, here are the mobile application test environments that can be used for the Android, iPhone and Blackberry operating systems:

  1. Google Android Emulator
  2. Official Android SDK Emulator
  3. MobiOne
  4. iPhoney; and
  5. Blackberry Stimulator.

Other tools include FoneMonkey, Robotium, Sikuli and MITE.

These are the things to keep in mind when setting out to develop software applications and programs for mobile phones and smart gadgets. It is quite difficult and time-consuming to undertake a project of developing mobile applications since there are a lot of requirements to consider and a lot of time is needed for analyses, the concurrent development of different modules, and its integration into one fully-functioning application, and the testing phase that should be carried out meticulously. Mobile application software development is similar to system software development for computers, and web applications, and web site development – the product of the project undergoes the phases of the system development life cycle (SDLC). Therefore, the only difference is the development environments and the operating systems where the mobile applications are going to be deployed.

Android Takes Lead In The Market

Google created Android has taken a step forward in the war of smart phone platforms that is growing at a fast rate. It has snatched market share of RIM and Nokia’s Symbian OS, unlike the popular myth of overtaking share of Apple’s iOS. The biggest loser in market share has been Symbian who has lost about 14% in a year having only about 2.6% share according to latest statistics, whereas RIM has lost about 5.7% during the same period, and iOS has lost 1% of its users. Well iOS and Android cannot be termed as competitors since they target a different customer base when the prices are compared. But still, it can be said to have taken lead in the market when the figures are compared.

One of the main reasons for the Android’s popularity is that it has operating system based on Linux that is very secure and user interface that is appealing to users. It also has special Dalvik virtual machine devised for its integration. One of the fact which is not known by many is that Google has helped Linux in making OS for smart phones and tablet computers based on Linux OS while researching for Android development. Due to its feature of open source, it is available cheap to manufacturers. Software applications based on Android are available for download at stores such as Google Play and third party websites such as Amazon.

The four types of android applications are: activity, services and content provider. Let’s look at each of them.

Activity: It is most visible part of the application. It presents UI to an application known as view. It implements various UI elements such as textbox, labels, etc. Application moves from one activity to another by using method known as startActivity()

Services: Like different multitask figuring domains, there are applications running “out of sight” that perform different obligations. It calls the aforementioned sorts of applications “services.” The service is an Android requisition that has no UI. The recipient is a provision part that gets solicits to process goals. Like the service, a beneficiary does not, in standard rehearse, have a UI component. Collectors are ordinarily enlisted in the AndroidManifest.xml index.

Content Provider: The Content Provider is the android mechanism for data-store abstraction.

Android is named after its initial developer before it was bought by Google. Google unveiled Android with Open Handset Alliance that is open standards for mobile devices in 2007. It has about 7 million apps as on Oct 2012 and about 25 billion apps are downloaded by users worldwide.