A Syracuse University professor says he's uncovered a security flaw in Android apps using the WebView platform.
Of the top 20 apps in ten categories in the Android market, 17 use WebView. It allows developers to embed browsers in their apps, giving users the opportunity to interact with social media, personal email and other app users.
However, professor of computer science Wenliang Du says he's discovered that the use of WebView opens app developers and users to potential risks.
First, he says, there's the issue of which apps to trust. Users of well-known browsers such as Firefox, Explorer or Safari can be fairly confident they're protected from malicious content.
However, WebView allows developers to embed browsers in their apps, creating thousands of browser applications on mobile platforms. And there is no way to determine which apps are trustworthy, he says. Malicious app developers could create apps that steal or modify users
Of the top 20 apps in ten categories in the Android market, 17 use WebView. It allows developers to embed browsers in their apps, giving users the opportunity to interact with social media, personal email and other app users.
However, professor of computer science Wenliang Du says he's discovered that the use of WebView opens app developers and users to potential risks.
First, he says, there's the issue of which apps to trust. Users of well-known browsers such as Firefox, Explorer or Safari can be fairly confident they're protected from malicious content.
However, WebView allows developers to embed browsers in their apps, creating thousands of browser applications on mobile platforms. And there is no way to determine which apps are trustworthy, he says. Malicious app developers could create apps that steal or modify users