
Mobile Devs Making the Same Security Mistakes Web Devs Made in the Early 2000s

Published on June 04, 2018 at 05:10PM
Catalin Cimpanu, writing for BleepingComputer: Mobile app developers are going through the same growing pains that the webdev scene has gone through in the 90s and 2000s when improper input validation led to many security incidents. But while mobile devs have learned to filter user input for dangerous strings, some of these devs have not learned their lesson very well. In a research paper published earlier this year, Abner Mendoza and Guofei Gu, two academics from Texas A&M University, have highlighted the problem of current-day mobile apps that still include business logic (such as user input validation, user authentication, and authorization) inside the client-side component of their code, instead of its server-side section. This regrettable situation leaves the users of these mobile applications vulnerable to simple HTTP request parameter injection attacks that could have been easily mitigated if an application's business logic would have been embedded inside its server-side component, where most of these operations belong.

Read more of this story at Slashdot.
