shot-button
E-paper E-paper
Home > Lifestyle News > Health And Fitness News > Article > Google Play stares at serious security breach Study

Google Play stares at serious security breach: Study

Updated on: 19 June,2014 02:49 PM IST  | 
Agencies |

Using a new tool called PlayDrone, researchers at Columbia Engineering have discovered a crucial security problem in Google Play - the official Android app store where millions of Android users get their apps

Google Play stares at serious security breach: Study

New York: Using a new tool called PlayDrone, researchers at Columbia Engineering have discovered a crucial security problem in Google Play - the official Android app store where millions of Android users get their apps.


They found that developers often store their secret keys in their app's code, similar to usernames/passwords info.


These can be then used by anyone to maliciously steal user data or resources from service providers such as Amazon and Facebook.


Google Play
Pic/AFP

These vulnerabilities can affect users even if they are not actively running the Android apps.

Google Play has more than one million apps and over 50 billion app downloads.

"But no one reviews what gets put into Google Play, anyone can get a $25 (Rs.1,475) account and upload whatever they want. Very little is known about what's there at an aggregate level," said Jason Nieh, professor of computer science at New York-based Columbia Engineering.

To unlock this, researchers developed PlayDrone, a tool that uses various hacking techniques to circumvent Google security to successfully download Google Play apps and recover their sources.

PlayDrone scales by simply adding more servers and is fast enough to crawl Google Play on a daily basis, downloading more than 1.1 million Android apps and decompiling over 880,000 free applications.

"We have been working closely with Google, Amazon, Facebook and other service providers to identify and notify customers at risk, and make the Google Play store a safer place," informed Nicolas Viennot, a research student at Columbia Engineering.

Google is now using our techniques to proactively scan apps for these problems to prevent this from happening again in the future, he added in a paper presented at the ACM SIGMETRICS conference.

"Exciting news! Mid-day is now on WhatsApp Channels Subscribe today by clicking the link and stay updated with the latest news!" Click here!


Mid-Day Web Stories

Mid-Day Web Stories

This website uses cookie or similar technologies, to enhance your browsing experience and provide personalised recommendations. By continuing to use our website, you agree to our Privacy Policy and Cookie Policy. OK