Hybrid mobile apps could be ticking security time bomb
Hybrid mobile apps, which are forecast by Gartner to account for half of all mobile apps by 2016, pose significant security risks, warns ICSA Labs.
Researchers at Syracuse University have demonstrated how hybrid apps based on HTML5 are more susceptible to code injection than native apps, which could result in personal information being captured and sent to an attacker and the app spreading its malware to a victim's contacts through SMS text messaging, the security testing lab explains.
"If you are developing these hybrid apps, you have to take steps to consider which APIs you are using because in some cases the API renders [displays] the way a native app would but in some cases it also executes" code that could be malicious, Walsh says.
- check out Walsh's blog
- read the Syracuse researchers' paper [pdf]
True Value tackles challenging mobile app problem
Gartner: Hybrid mobile apps well-suited for BYOD environments
Intel scoops up appMobi's HTML5 developer tools, staff