Almost all apps used by emergency professionals have vulnerabilities, says DHS

The Department of Homeland Security found that almost all apps used by emergency professionals have vulnerabilities.

Of the 33 popular first responder apps tested, all but one was found to raise potential security and privacy concerns – and more than half had ‘critical flaws’ …

Author Ad Placeholder
Will only appear on redesign env.

The DHS explained the reason for the checks.

The pilot [program] sought to determine the degree to which the selected public-safety apps are vulnerable to cyberattacks—malware, ransomware and spyware—or had coding vulnerabilities that could compromise the device’s security, expose personal data or allow for eavesdropping.

The results were far from reassuring.

The pilot-testing project discovered potential security and privacy concerns—such as access to the device camera, contacts or Short Message Service messages—in 32 of 33 popular apps that were tested. Eighteen apps were discovered to have critical flaws such as hard-coded credentials stored in binary, issues with handling Secure Sockets Layer certificates or susceptibility to “man-in-the-middle” attacks.

The good news is that 14 of the apps have been fixed, with one surprising piece of news.

Most developers who fixed their app’s vulnerability(ies) reported investing approximately one hour on remediation. Remediation steps included removing old or unused code, enabling built-in security provided by the operating system, and ensuring the functionality requested is necessary for operations.

More information can be found on the DHS website.

Via Engadget

Check out 9to5Mac on YouTube for more Apple news:

FTC: We use income earning auto affiliate links. More.

You’re reading 9to5Mac — experts who break news about Apple and its surrounding ecosystem, day after day. Be sure to check out our homepage for all the latest news, and follow 9to5Mac on Twitter, Facebook, and LinkedIn to stay in the loop. Don’t know where to start? Check out our exclusive stories, reviews, how-tos, and subscribe to our YouTube channel



Avatar for Ben Lovejoy Ben Lovejoy

Ben Lovejoy is a British technology writer and EU Editor for 9to5Mac. He’s known for his op-eds and diary pieces, exploring his experience of Apple products over time, for a more rounded review. He also writes fiction, with two technothriller novels, a couple of SF shorts and a rom-com!

Ben Lovejoy's favorite gear