Slashdot Mirror


Popular Android Apps Full of Bugs: Researchers Blame Recycling of Code

New submitter Brett W (3715683) writes The security researchers that first published the 'Heartbleed' vulnerabilities in OpenSSL have spent the last few months auditing the Top 50 downloaded Android apps for vulnerabilities and have found issues with at least half of them. Many send user data to ad networks without consent, potentially without the publisher or even the app developer being aware of it. Quite a few also send private data across the network in plain text. The full study is due out later this week.

6 of 150 comments

  1. Re:Not surprised by Anonymous Coward · · Score: 5, Funny

    Not surprised that android apps are full of holes. The whole android concept was designed to treat people like commodities in a way never before possible. The whole Ecosystem is *engineered* to have holes.

    Posted from my iPhone

  2. Re:Not surprised by Anonymous Coward · · Score: 2, Funny

    Not surprised that iPhone apps are full of holes. The whole Apple concept was designed to treat people like commodities in a way never before possible. The whole Ecosystem is *engineered* to have holes.

    Posted from my Android phone

  3. Re:All software is full of bugs by Greyfox · · Score: 5, Funny

    But we don't do that. We never do that. As developers, we hide our head in the sand until we absolutely can no longer ignore the problem, and then we say "Whoops! My bad!" As consumers we assume that professionally published software should be reasonably free of bugs or exploitable code. And people start being held accountable by law for their shitty software, the status quo will never change.

    I was demonstrating to a shitty software developer the other day how all his input sanitizing routines were in the javascript front end to his web application and anyone bypassing the javascript could essentially have their way with the back-end database, and he told me "Oh you're making a back-end API call, no one will ever do that!" No one except the guy who's hacking your fucking system, jackass. People like that make me want to sign on as Linus' personal dick-puncher. Whenever someone writes some shitty software that pisses Linus off, I will find that person and I will PUNCH THEM IN THE DICK. Because I swear to god, that's what it's going to take. Congress is going to have to WRITE A LAW allowing me to HUNT PEOPLE DOWN and PUNCH THEM IN THE DICK over the SHITTY SOFTWARE they write. And when that day comes, with God as my witness, I will PITCH A TENT outside MICROSOFT HEADQUARTERS, and that will be the LAST TENT EVER PITCHED at MICROSOFT HEADQUARTERS!

    --

    I'm trying to teach myself to set people on fire with my mind... Is it hot in here?

  4. Re:All software is full of bugs by Greyfox · · Score: 4, Funny

    My programming skills are debatable but I tested in the top 10th percentile for dick-punching. Here... let me show you...

    --

    I'm trying to teach myself to set people on fire with my mind... Is it hot in here?

  5. Re:Not surprised by Cryacin · · Score: 4, Funny

    All the app developers want this for Christmas:

    http://www.shutterstock.com/pi...

    --
    Science advances one funeral at a time - Max Planck

  6. Re:Not surprised by JustOK · · Score: 3, Funny

    True. --Posted from YOUR phone.

    --
    rewriting history since 2109