Mobile applications: A cesspool of security issues

An analysis of more than half a million mobile applications found that nearly one in five had hardcoded encryption keys, nearly one in six used software components with known vulnerabilities, and nearly two-thirds used broken or weak encryption.

Overall, the vast majority of mobile applications had a significant security weakness, despite user tendencies to trust the apps on their phones, says Andrew Hoog, co-founder and board member at NowSecure, a mobile-device penetration testing firm. In a presentation next week at the RSA Conference, he will discuss the findings of the company’s analysis of hundreds of thousands of applications.

Read more at Dark Reading