The researchers who discovered it Heartbleed security gap, found that more than half of them 50 most popular Android applications have a security blanks, due to the irresponsible recycling of code libraries.
The list of these applications will be announced within the month by Codenomicon who coined the term "Heartbleed", while publishing its conclusions for those who have neglected to adopt more strong security practices.
What these Android apps do is to send it Android ID the user to advertising networks third parties, obviously without the user's permission.
According to study, 1 on 10 applications send the code IMEI device or data for location to third parties, 1 in 10 apps are connected to more than two advertising networks, while it is striking that there is an application that even sends him number of the user's mobile phone.
Also, 30% of apps transmit personal data in simple form text and many others do not encrypt data during transport.
Codenomicon Chief Security Officer Olli Jarva, he told ITNews that 80% with 90% of mobile applications consists of reusable libraries, most of which are available in the context open code.
That's because developers do not want to invest to rewrite code for each application they have.
Consequently, applications inherit security gaps, or because of bad design, either errors when integrating the code into applications.
These security loops other times are detected, other times as in the case of Heartbreed, are detected after years.
Finally, Jarva hinted that some developers operate "intentional", to serve advertising interests.
Source: e-pcmag.gr
