• Beware The Rogue App

    It sounds like a lame character from one too many X-Men sequels. But the concept of a "rogue app" is a reality for many. We've all stumbled across more than a few suspicious iPhone applications that make one wonder if the folks behind the app have ulterior motives for rolling it out.

    Making bold claims and accusations against the purveyors of malicious applications is Nicolas Seriot from the Swiss University of Applied Sciences. Nick is speaking today in Washington, DC at Black Hat DC 2010. His argument? Be afraid. Be very afraid. More importantly, however, be cautious. Be very cautious.

    This presentation will discuss iPhone privacy issues and challenge Apple's stance and assertions regarding iPhone security. The presentation will also show how a rogue application can access substantial quantities of personal data on an unmodified device and expose how it could go unnoticed in spite of AppStore tight reviews.
    During the presentation, the text and video of which are expected to be released later, Seriot wasted no time laying out the dangers of otherwise "harmless apps" that harbor unsavory secrets - namely, their ability to spy on you and soak up personal and highly sensitive data - all of which could fall into the wrong hands at the right price.

    Proof? Seriot, a software engineer in his own right, created spyware called "SpyPhone" which has proven able to access everything from Safari searches to sensitive e-mail account information like username and password. It's a cyber thief's dream and a stalker's paradise. For the rest of us, however, it's a nightmare waiting to happen.

    What's the point of all this? To raise our level of consciousness about the dangers of the App Store. Should we tremble over the theories proposed by Seriot? Of course not. But it is about time for many of us to rouse ourselves from a state of security complacency and realize that legitimate dangers are prowling the App Store, and Apple is simply incapable of providing all the protection for us. Oftentimes, we have to do it ourselves.
