Bitdefender: Popular iOS apps send unencrypted passwords

By -

Employees of Bitdefender have found in tests that some popular apps for iOS have, despite the strict control by Apple for inclusion in the App Store with sending passwords in plain text is a serious security issue. The data could be intercepted by unauthorized and used for criminal purposes.

BitDefender Anti-Sniffer App Clueful (Screenshot: Bitdefender)

“With regard to the handling of sensitive user data it requires from the iOS app developers only a few steps to take proper measures to encrypt passwords, contact names and phone numbers. The risk that such data can not be compromised, be ignored – the iOS Privacy should not be taken lightly, “shares with Bitdefender. As smartphones, both in professional and private life to be used, according to the company, the attention for the access and transfer rights of apps always be particularly high.

Bitdefender specifically points to five apps that transmit passwords in clear text: The first is “Wi-Fi Finder” JiWire. The app helps users to find free or paid Wi-Fi networks.The second “Texthog” is. This app allows the mobile personal finances and spending to keep in mind. Bitdefender is mainly because of the auto sync with the texthog.com account concerns: The could be risky if the user they have a Wi-Fi network and makes is monitored by a third party.

The third negative example is the app “iWrecked” of Vurgood Applications, which should help in the settlement of claims by creating a PDF file including images of the accident, which can be subsequently sent directly to the insurance company. However, “iWrecked” sends passwords in clear text. Bitdefender also criticized the apps “Melodis Voice Dialer” from SoundHound and “Aloha: Hang with friends” from VodkaCran: Both handle contacts and phone numbers uncertain.

Users who are concerned about their privacy can check apps on the one hand with the tool of Clueful Bitdfender. It was, however, only for a short time as an app in the App Store, Apple withdrew before the release. Since late August Bitdefender offer the functionality as a web app

Symantec also offers a handy, free widget to compare the permissions that secure apps. When choosing between two programs with similar functions, the user can so decide for the one that fewer or less critical in his view required permissions.

More protection against personal data leads Apple introduced with iOS 6th Once an app is accessing sensitive data, the user is given in the form of a dialog box’s attention. The user can allow or deny access. This mechanism is users who have jailbroken their device, known for some time. The tool  Protect My Privacy protects personal data on the iOS device, by preventing the access of apps to contacts, location, device ID, and music. Quite far enough, does not have iOS 6th After all, can be restricted access to the location service, contacts, calendars, reminders and photos. The options to be found in the Privacy Settings.

He has over 5 years of experience as Online Media and Marketing Consultant, which allow him to enable companies to enhance and meet their Digital marketing goals. He has experience as both in-house and Agency Digital Marketing Experts. Ha has spent the most recent 4 years of his career focusing building Strong terms of Digital Marketing for his clients. In addition to his strengths on Building Brands and Serving Online Marketing strategy for his clients.

Comments are closed.