Jump to content

Welcome to ExtremeHW

Welcome to ExtremeHW, register to take part in our community, don't worry this is a simple FREE process that requires minimal information for you to signup.

 

Registered users can: 

  • Start new topics and reply to others.
  • Show off your PC using our Rig Creator feature.
  • Subscribe to topics and forums to get updates.
  • Get your own profile page to customize.
  • Send personal messages to other members.
  • Take advantage of site exclusive features.
  • Upgrade to Premium to unlock additional sites features.
Tech & Science News Posting Rules
IGNORED

Massive research into iOS apps uncovers widespread secret leaks, abysmal coding practices

Kaz

By Kaz
in Technology and Science

 Share

Recommended Posts

Kaz

Kaz

News Editor
308 294
Posted
Posted
  Quote

 

Most apps on Apple’s App Store seem to leak at least one hard-coded secret. Many high-sensitivity secrets were found, including keys to cloud storage, various APIs, and even payment processors. Some endpoints are left completely unprotected, putting users at risk.

Apple’s App Store is renowned for its walled garden approach and strict app review process. However, it doesn’t evaluate the app code for hardcoded secrets.

Cybernews research into more than 156,000 iOS apps has unveiled more than 815,000 hardcoded secrets, including thousands that are very sensitive and could lead directly to breaches or data leaks.

The average app's code exposes 5.2 secrets, and 71% of apps leak at least one secret.

The majority of secrets could be disregarded as low sensitivity. However, that still leaves too many very sensitive keys exposed by app developers.

 

Expand  

6554b6be8c0d829a8bf63ae0c82cf121_link.pn Just a moment...

CYBERNEWS.COM

 

Apple apps are secure, as long as you don't look hard...  "Secrets" is a broad term, but the article goes on to describe what they are and how serious they are.

 

While I primarily use android, this is the reason I don't load apps onto my phone unless I feel they are a necessity.  (I make an exception for shattered pixel dungeon, it's an open source game that's great).  No matter how much a store promises a discount for using their app, I don't want it.  I also run youtube through the web browser, because ublock successfully blocks ads on mobile, and it can't if I use the youtube app. 

  • Thanks 1
See all user awards
Link to comment
Share on other sites

Create an account or sign in to comment

You need to be a member in order to leave a comment

Create an account

Sign up for a new account in our community. It's easy!

Register a new account

Sign in

Already have an account? Sign in here.

Sign In Now
 Share
Go to topic listing


×
×
  • Create New...

Important Information

This Website may place and access certain Cookies on your computer. ExtremeHW uses Cookies to improve your experience of using the Website and to improve our range of products and services. ExtremeHW has carefully chosen these Cookies and has taken steps to ensure that your privacy is protected and respected at all times. All Cookies used by this Website are used in accordance with current UK and EU Cookie Law. For more information please see our Privacy Policy

  I accept