HP finds serious flaws in iOS mobile applications

Hewlett Packard today said it had found serious vulnerabilities in the majority of business-focused iOS mobile apps it recently conducted a series of security tests on.

The vulnerabilities pose a danger to businesses because mobile apps are commonly used to extend corporate Web sites, according to Mike Armistead, vice-president of HP.

HP tested more than 2,000 iOS apps developed for commercial use by some 600 companies in 50 countries and found that at least nine out of 10 had vulnerabilities. The tests covered apps from 22 iTunes App Store categories being used for business-to-consumer or business-to-business purposes.

HP found that 97 per cent of the apps inappropriately accessed private information sources within a host device while 86 per cent of the apps were vulnerable to attacks like SQL injection. Majority of the apps lacked protection against common exploits such as cross-site scripting, insecure data transmission and misuse of encrypted data.

Many of the apps did not implement SSL/HTTPS properly.

HP said that one of the main reasons for the weaknesses is the pressure to develop mobile apps for business purposes rapidly.

Read the whole story here.

Nestor E. Arellano
Nestor E. Arellano
Toronto-based journalist specializing in technology and business news. Blogs and tweets on the latest tech trends and gadgets.

Would you recommend this article?


Thanks for taking the time to let us know what you think of this article!
We'd love to hear your opinion about this or any other story you read in our publication.

Jim Love, Chief Content Officer, IT World Canada

Featured Download

ITW in your inbox

Our experienced team of journalists and bloggers bring you engaging in-depth interviews, videos and content targeted to IT professionals and line-of-business executives.

More Best of The Web