Developer Tech

We’ve heard enough depressing mobile security and malware news, so let’s take an “up-side” look at some recent research on the subject.

Directly from Akamai Technologies’ latest “State of the Internet” Quarterly report, China appears to be the origin of 41 percent of all computer-attack traffic.

Security research firm LookOut has discovered a new form of Malware hiding within Russian “clone apps.” This new threat goes by the apt name of ‘BadNews’ and is thought to have been downloaded “millions of times” across the 32 detected apps.

The American Civil Liberties Union (ACLU) has made a complaint to the Federal Trade Commission (FTC) claiming that major US operators AT&T, Sprint, T-Mobile and Verizon are not doing enough to provide particular Android users with adequate security. The ACLU links consumers using Droid iterations with “known, exploitable security vulnerabilities” as consequently using smartphones which do not receive “regular, prompt security updates”, and as a result the operators are culpable.

When you think about bad mobile app security, Android tends to come to mind. But while intentionally malicious apps may be a problem for Android, when it comes to data leaks and the loss of personal information, iOS is actually a bigger security offender, according to Veracode's recent State of Software Security report.

Mobile app security is something we talk about a lot, but now it officially has the rest of the world talking. European Privacy Regulators have just published their opinion on mobile app security, which will likely worsen the security testing headache for app developers and business owners.

Mobile malware. It’s scary, hard to protect against and is growing rapidly – especially on the Android OS. Due to its open-nature and popularity, the Android OS continues to be the biggest magnet for mobile malware and security attacks.

App security provider SafeApp Mobility has launched the SafeApp Certificate, a tool for Android developers to show to users that their app is safe to download. The certificate, which is available for Android apps of all size, from big companies to indie devs, performs similarly to a SSL Certificate, and in the long run is aimed at improving app retention and conversion from the developer’s standpoint.