
Ready to Start Your Career?

By: RoninSmurf
January 20, 2016
Infosec Professional's Guide to Managing Smartphone Apps
By: RoninSmurf
January 20, 2016

By: RoninSmurf
January 20, 2016
[caption id="attachment_56548" align="aligncenter" width="800"]
Smartphones make our lives easier and keep us entertained with a wonderful array of apps.[/caption] Testing AppsGiven how much information is on our phones, it's of little surprise to see the rise of malware, spyware and viruses. Even though each of the major vendors verifies uploaded apps, it's pretty easy to sneak in malicious code. For security pros, it's key to test a few Smartphone apps.Test a WallpaperFor fun, I like to to check the app stores for various companies and see what apps made it into the fold. I like to know what horrible things are being download by users. Let's take a look at an app I tested:

Wall Paper
- The description for the app I tested is "400 Hot Wallpapers!" Yeah, we can probably see where this is going...
- The application had a rating of 4.1 our of 5, with over 226 people rating it. The worst reviews just complained of popups, which is not uncommon for free apps.
App Permissions
Whoa! My network scanner app has less permissions! This app could:
- Use your location (Why does a wallpaper app need my location?)
- Use your read - front facing camera (What, what?)
- Use your microphone (My wallpaper is listening in on me now?)
- Use your contacts (I guess it's a very social wallpaper.)
- Use your media library (This is common for any media based app.)
- Use your phone (.....)
- Use the appointments in your calendar (The app has places to go.)
- Send push notifications (Probably because of the popup banners.)
More awesome content...
The Comprehensive Guide to Ethical HackingBuild your Cybersecurity or IT Career
Accelerate in your role, earn new certifications, and develop cutting-edge skills using the fastest growing catalog in the industry