25 Oct 2011 dyork   » (Master)

All Mobile Apps Developers (iOS, Android, Windows, Blackberry, etc.) Need To Read Troy Hunt’s Post

As I mentioned on my Disruptive Telephony blog today, this post by Troy Hunt really should be mandatory reading for anyone developing applications for mobile platforms:

Secret iOS business; what you don’t know about your apps

Yes, his post is about Apple’s iOS, but I’m unfortunately rather confident that the results would be similar if someone were to do a similar analysis with a proxy server on apps on Android, Blackberry, Windows Phone 7, WebOS and any other mobile platform.

These are application design problems.

As programmers, we all take “short cuts” from time to time… I’m as guilty of that as anyone… but sometimes those shortcuts have grave consequences.

Mobile developers need to read Troy’s piece… and then look at their own apps and see how they can change. Actions like:

  1. Securing the transport of login credentials! (DUH!!!)
  2. Not stuffing giant images down onto mobile devices when those images are going to be restyled in HTML to be tiny.
  3. Being wary about what info is gathered by apps – and also disclosing that to customers (and perhaps offering a way to opt out).

The list can go on… Troy’s article has other ideas in it, too… but the point is that in the rush to get a mobile app out there, some of these security and privacy issues (and bandwidth costs!) really do need some attention!

Syndicated 2011-10-25 15:43:54 from Code.DanYork.Com

Latest blog entries     Older blog entries

New Advogato Features

New HTML Parser: The long-awaited libxml2 based HTML parser code is live. It needs further work but already handles most markup better than the original parser.

Keep up with the latest Advogato features by reading the Advogato status blog.

If you're a C programmer with some spare time, take a look at the mod_virgule project page and help us with one of the tasks on the ToDo list!