Not that there’s anything wrong with Apple’s built-in mobile security features – it’s the opposite actually. It turns out that developers are relying almost entirely on the OS’ security and not bothering to build out security at the app-level, according to a CNN article. Putting all your eggs in one basket makes it pretty easy to break a lot of eggs at once. From CNN Money:
With thousands of apps in the iTunes App store all featuring the same exact security features, one single vulnerability could have a domino effect.
“Security is now an afterthought for many app developers,” said Jonathan Zdziarski, senior forensic scientist at viaForensics, in a presentation at the Black Hat cybersecurity conference in Las Vegas on Thursday. “That means if you hack one, you can hack them all.”
Read the full article at CNN >>>
It’s not likely that someone will hack all the apps on your phone at once (they’d need to have access to your phone then find and exploit a security hole within iOS), but the point is that app developers shouldn’t rely on something that is totally out of their hands. App developers have nothing to do with iOS security testing and thus have no insight into what is done, how it’s done or anything that might have been overlooked. If a vulnerability is discovered (which isn’t common with iOS but isn’t unheard of either) developers have no control over how quickly a patch is pushed. Essentially, you’re letting someone else control your fate.
By not building security into your app, and thoroughly testing that security, you’re leaving your users susceptible to hackers – and wronged users aren’t going to point the finger at Apple if a vulnerability is exploited and their information if exposed through your app, they’re going to blame you. Would you leave your doors unlocked just because you have a fence around your house? Sure, it may be a high fence, but a determined robber will find a way around it.