Popular mobile document management apps put data at risk-
[darkreading.com]
Dozens of popular file management apps published by a popular operator of an online document management system do not encrypt file transfers to and from user devices, potentially exposing data.
Mobile security firm Wandera, which discovered the issue, described it as impacting 23 of 29 Cometdocs apps on Apple's App Store. Four of the remaining apps did not convert files as claimed, and the other two were not file conversion apps. A random sampling of 31 Android versions of the same apps that Cometdocs has published on Google's official Play store showed them to be leaking private files as well, Wandera said.
"The Cometdocs applications are transferring files without using encryption (via http), providing bad actors the opportunity to cache and retrieve the files," the security vendor said in a report Thursday. The lack of encryption also gives attackers on the same Wi-Fi network as the user an opportunity to access files as they are transmitted to and from Cometdocs servers.
1
Enjoy being online again!
Welcome to the community of good people who base their values on evidence and appreciate civil discourse - the social network you will enjoy.Create your free account
1 comment
Feel free to reply to any comment by clicking the "Reply" button.That's one reason I don't like the platform or the apps. It hides too much that should be apparent. You can't tell what kind of connection an app is making, not in the same way you can tell on a web page. If I have the choice between app and web page, I choose the latter.
bingst
Level 8
Feb 22, 2020
1
Good choice.
Enjoy being online again!
Welcome to the community of good people who base their values on evidence and appreciate civil discourse - the social network you will enjoy.Create your free account
Share this post
Categories
Agnostic does not evaluate or guarantee the accuracy of any content. Read full disclaimer.