Here ’s some bad news for Android users . Security researchershave discovered 100 + more apps that fail to encryptyour login data point properly , making it frightfully easy for hackers to slip your password . What ’s bad : the vast absolute majority of the app makers are n’t doing anything about it .
The specific issue , an HTTPS vulnerability , is just a new problem . In fact , we ’ve knownfor yearsthat Android apps are susceptible to this takings , and that it puts users ’ private information in endangerment . So it ’s not really news that it ’s still around .
What might storm you is that the list of affected apps includes include democratic service like Match.com , NBA Game Time , Safeway , and — get ready — Pizza Hut . So if you ’ve been orderingdelicious red-hot dog pizza pie gall pizza from the Hutwith your phone , you should change your countersign right now . You should also probably stop using these apps until you know they ’ve been fix .
Do n’t freak out out too much : It ’s not all Android apps that suffer from this vulnerability . certificate researcher say these apps have been downloaded over 200 million time so that ’s 200 million opportunities for hackers to steal word … but that ’s not a lot in the grand scheme of thing .
Earlier this year , a mickle of apps that had been download over 350 million timeswere place as being similarly insecure . ( OkCupid was among them . ) Faulty encryption was also the causeof a mobile security stimulate up back in 2012 . So it ’s not like app Lord do n’t know that HTTPS vulnerabilities are a problem . It ’s pretty incense that they ’re not doing anything about it , though .
https://www.youtube.com/watch?v=OIq6nJd8FAU
For a more detailed account of the so - anticipate “ Game - over HTTPS flaw , ” watch the video above orcheck out the comprehensive reporting in Ars Technica . You could also trydownloading AppBugsfrom the Play Store to see if you have any life-threatening apps , but fair word of advice : though that app is made by the same surety researchers who brought these latest vulnerabilities to light , we have n’t actually prove it ourselves to see if it ’s any good .
[ Ars Technica ]
get through the author at[email protected].Public PGP keyPGP fingerprint : 91CF B387 7B38 148C DDD6 38D2 6CBC 1E46 1DBF 22
AndroidGoogleHackersHacksSecurity
Daily Newsletter
Get the good tech , science , and culture news in your inbox daily .
newsworthiness from the future , delivered to your present tense .
You May Also Like
