Is That New App on Your Android Phone Opening the Door to Hackers?

Researchers at the University of Michigan have found gaping holes in Android app security. The problem is known as open port backdoors, and even some very popular apps are affected by the problem. The flaw could be used to gain access to your contacts, security credentials, photos and even to take control of your device. Nicole Casal Moore and Steve Crang write for Michigan News:

How to protect yourself
They have some advice for Android users: Update AirDroid to the latest patched version (AirDroid is pre-installed on some devices). Don’t use the default passcodes. Only launch vulnerable open port apps when you need them, and after using them, be sure to exit them fully through the task manager.

“When choosing an app whose functionality is data sharing across devices, proxy/VPN, or enabling the user to control a phone remotely—without physically accessing it—we recommend being extra careful. Consider using only those created by developers with good reputations,” said Yunhan Jia, a doctoral student in computer science and engineering who is involved in the research.

The team identified 410 apps with dangerous insecurities, and 956 different individual ways those insecurities could be exploited. Beyond these figures, they manually confirmed vulnerabilities in 57 applications, including popular file transfer mobile apps with 10-to-50 million downloads. Overall, the number of mobile devices at risk could turn out to be higher, as the researchers continue to investigate how open ports are used in mobile devices.

E.J. Smith - Your Survival Guy

Preparing your investments and family for when disaster strikes.

E.J. Smith is the Founder of YourSurvivalGuy.com, Managing Director at Richard C. Young & Co., Ltd., a Managing Editor of Richardcyoung.com, and Editor-in-Chief of Youngresearch.com. E.J. graduated from Babson College in Wellesley, Massachusetts, with a B.S. in finance and investments. In 1995, E.J. began his investment career at Fidelity Investments in Boston before joining Richard C. Young & Co., Ltd. in 1998. E.J. has trained at Sig Sauer Academy in Epping, NH, where he completed course-work in Practical and Defensive Handgun, Conceal Carry Pistol, Shotguns, Precision Scope Rifle and Kidnapping Prevention. E.J. plays a Yamaha Recording Custom drum set with Zilldjian cymbals. His first drum set was a 5-piece Slingerland with Zilldjians. He grew-up worshiping Neil Peart of the band Rush, and loves the song Tom Sawyer—the name of his family’s boat, a Grady-White Canyon 306. He grew up in Mattapoisett, MA, an idyllic small town on the water near Cape Cod. He spends time in Newport, RI and Bartlett, NH—both as far away from Wall Street as one could mentally get. The Newport office is on a quiet, tree lined street not far from the harbor and the log cabin in Bartlett, NH, the “Live Free or Die” state, sits on the edge of the White Mountain National Forest. He enjoys spending time in Key West and Paris. Please get in touch with E.J. at ejsmith@youngresearch.com. Sign up here to receive all the best content from Richardcyoung.com each week.