Crucial security problem discovered in Google Play | HT Tech

Crucial security problem discovered in Google Play

Researchers have discovered a crucial security problem in Google Play, the official Android app store where millions of users of Android, the most popular mobile platform, get their apps.

By:ANI
| Updated on: Jun 19 2014, 17:31 IST

Researchers have discovered a crucial security problem in Google Play, the official Android app store where millions of users of Android, the most popular mobile platform, get their apps.

Jason Nieh, professor of computer science at Columbia Engineering, said Google Play has more than one million apps and over 50 billion app downloads, but no one reviews what gets put into Google Play-anyone can get a 25-dollar-account and upload whatever they want. Very little is known about what's there at an aggregate level.

You may be interested in

MobilesTablets Laptops
27% OFF
Samsung Galaxy S23 Ultra 5G
  • Green
  • 12 GB RAM
  • 256 GB Storage
Google Pixel 8 Pro
  • Obsidian
  • 12 GB RAM
  • 128 GB Storage
Vivo X100 Pro 5G
  • Asteroid Black
  • 16 GB RAM
  • 512 GB Storage
10% OFF
Apple iPhone 15 Plus
  • Black
  • 6 GB RAM
  • 128 GB Storage

He said given the huge popularity of Google Play and the potential risks to millions of users, we thought it was important to take a close look at Google Play content.

Also read
Looking for a smartphone? To check mobile finder click here.

Nieh and PhD candidate Nicolas Viennot's paper is the first to make a large-scale measurement of the huge Google Play marketplace. To do this, they developed PlayDrone, a tool that uses various hacking techniques to circumvent Google security to successfully download Google Play apps and recover their sources.

They discovered all kinds of new information about the content in Google Play, including a critical security problem: developers often store their secret keys in their apps software, similar to usernames/passwords info, and these can be then used by anyone to maliciously steal user data or resources from service providers such as Amazon and Facebook.

These vulnerabilities can affect users even if they are not actively running the Android apps. Nieh notes that even 'Top Developers,' designated by the Google Play team as the best developers on Google Play , included these vulnerabilities in their apps.

In fact, Nieh adds, developers are already receiving notifications from Google to fix their apps and remove the secret keys.

Catch all the Latest Tech News, Mobile News, Laptop News, Gaming news, Wearables News , How To News, also keep up with us on Whatsapp channel,Twitter, Facebook, Google News, and Instagram. For our latest videos, subscribe to our YouTube channel.

First Published Date: 19 Jun, 10:49 IST
NEXT ARTICLE BEGINS
Not sure which Mobile to buy? Need help?