App Vulnerabilities

veracode.pngVeracode have a new report on the State of Software Security (requires registration) that makes interesting reading for mobile developers. Of particular concern is that cryptographic issues still affect a sizeable portion of Android (64%) and iOS (58%) applications. Hard-coding a cryptographic key directly into the mobile application is common. 

Here’s the distribution of vulnerabilities across iOS and Android…


Considering Android only, Cryptographic issues affect 64% of apps and information leakage occurs in 26% of applications. However I would think that what constitutes ‘information leakage’ might be open to interpretation.


See the report for more analysis of iOS and BlackBerry vulnerabilities.