• Your favorite








    , and
  • Beware The Rogue App

    It sounds like a lame character from one too many X-Men sequels. But the concept of a "rogue app" is a reality for many. We've all stumbled across more than a few suspicious iPhone applications that make one wonder if the folks behind the app have ulterior motives for rolling it out.

    Making bold claims and accusations against the purveyors of malicious applications is Nicolas Seriot from the Swiss University of Applied Sciences. Nick is speaking today in Washington DC at Blac Hat DC 2010. His argument? Be afraid. Be very afraid. More importantly, however, be cautious. Be very cautious.

    This presentation will discuss iPhone privacy issues and challenge Apple's stance and assertions regarding iPhone security. The presentation will also show how a rogue application can access substantial quantities of personal data on an unmodified device and expose how it could go unnoticed in spite of AppStore tight reviews.
    During the presentation, the text and video of which are expected to be released later, Seriot wasted no time extolling the dangers of otherwise "harmless apps" that harbor unsavory secrets - namely, their ability to spy on you and soak up personal and highly sensitive data - all of which could fall into the wrong hands at the right price.

    Proof? Seriot, a software engineer in his own right, created spyware called "SpyPhone" which has proven to successfully
    access everything from Safari searches to sensitive e-mail account information like username and password. It's a cyber
    thief's dream and a stalker's paradise. For the rest of us, however, it's a nightmare waiting to happen.

    What's the point of all this? To raise our level of consciousness about the dangers of the App Store. Should we tremble over the theories proposed by Seriot? Of course not. But it is about time for many of us to rouse ourselves from a state of security complacency and realize that legitimate dangers are prowling the App Store, and Apple is simply incapable of doing all the protection for us. Often times, we have to do it ourselves.
    This article was originally published in forum thread: Beware The Rogue App started by Michael Essany View original post
    Comments 22 Comments
    1. one1's Avatar
      one1 -
      Quote Originally Posted by Sevael View Post

      Besides, how many people actually have useful info on their phones that these questionable app makers would be after? I bet virtually none. If anyone wanted to take all the time required to sift through my emails or listen to all my conversations or view my browsing habits, be my guest. They won't find anything useful. I'm sure this is the case with 99% of iPhone users. Anybody willing to use things like credit card numbers over celluar data waves is already taking risks and knows what they're getting themselves into (I hope). The worst 'rogue app' coders could do is get passwords to websites, like this one. OMG, somebody's going to come on here and post in my name! The world is over, oh noes! Pfft.
      Here's what a phone looks like from someone who has a life......

      ~ Business and personal email
      ~ All phone contacts
      ~ AT&T account full access
      ~ Paypal account full access
      ~ Ebay account full access
      ~ Jaadu full access to iMac
      ~ Facebook full access to contacts personal and business
      ~ All google services and social services you have
      ~ Nimbuzz is every live connection to anyone you know
      ~ Shozu... god is there anything shozu doesn't connect to?

    1. rhekt's Avatar
      rhekt -
      in the app store? also means its in cydia and rock. no stringent regulations there girls and boys