How secure are our applications?

On several occasions we have informed you of different security failures of applications , or possible theft of private data through them. However, is it normal? Should we fear everything that we install in our terminal? According to the following infographic from the security firm Veracode, there are four potential levels of riskSomething that should not alarm users using official applications and coming from known developers installed from the top app markets

The four layers or levels referred to in the infographicare: the level of applications: there are apps contaminated with malware or security flawsthat can be used by third parties as a hole to access our information At the level of hardwareor components: Attackers use memory leaks to modify permissions and gain full access to terminal. The level of red: as we have already reported in the case of WhatsApp, the connection to public Wi-Fi networks can be an access door for people with sufficient computer knowledgeFinally we find the risk level of the operating system: the loose ends in the modifications of the operating systems such as the well-known iPhone Jailbreak or the Premade ROMs on Android can also be a access point for hackersand extremely curious

The infographic also includes some known cases related with applications that have caused the theft of information or the infection of our terminal with unwanted viruses . Specifically, it reports a false version of Instagram that circulated through different pages of Internet and that , in fact, it was a infected applicationSomething that, according to him, is a common technique to spread malicious programs that steal information That is why it is recommended to unload and install only applications that come from the official application markets There is also a case that we were able to inform you about at Tuexperto.com about thesending, without prior permission, the contact list to the servers of some social networks such as Path Something that was soon fixed by introducing the necessary permission through an update.

The importance of the libraries of ads that are usually inserted in free applications is also discussed as a system of monetization Specifically, in a study that analyzed 100,000 applications , More than half had these ad libraries, and 297 of them able to run programs remotely That remote access is what can endanger the privacy of our terminals To protect ourselves from This must take into account the permissions that the installation of certain applications implies, rejecting those that seem abusive

Many of these problems were brought to light thanks to a class action lawsuit against 18 companies , many of them well-known, collecting private information such as the contact list or other data without any permission no prior notice Among them are social networks such as Facebook , Instagram, LinkedIn, Foursquare , etc as we already informed you in Tuexperto.comHowever, according to the infographic, as of today there are no known cases where has used the data acquired for purposes unrelated to the application itself In fact, the main and direct problem that involves the theft of information private is the distribution of . And it is that information is worth money Money that systems are willing to pay to reach more people by any means And not so much to do some kind of damage with that information

As recommended by Veracode, the ideal is to find the balance between privacy and functionality , avoiding those applications whose permissions exceed their functions, do not come from an official market, send private data for no apparent reason or those that do not allow us to modify the privacy optionsStill, some have taken action, such as the Federal Trade Commission, who have proposed expanding the Privacy Protection Act on the Internet to applications that allow children to play online games, participate in networks social or receive personalized.