Furthermore, Aaron is concerned that mobile app developers have too much faith in the platforms running their apps, when in reality it is easy to obtain a compromised device that will grant hackers control over an app and help them learn what APIs the app uses and how to access them. Hackers can use this information to extract, tamper with, and repackage the code.
Even more dangerous, mobile devices using applications for healthcare and payments contain a lot of exploitable information, and many developers use obvious naming techniques in the code they write that make sensitive information easy to uncover. Paul believes that computer science education could be to blame for not teaching developers thoroughly about security.
On the company level, most large organizations are pushed to have the fastest, first to market solution to each new advancement in technology, which influences them to set security concerns aside and/or to add it on later in order to release new applications or platforms. Paul and Aaron agree that if security is an afterthought added onto the product, it’s way too easy to hack. Many products today have these basic flaws, and managers and developers should learn from their mistakes and learn to build in security from the beginning. Paul predicts that “in three years, binary-level analysis, especially on mobile platforms, is all anybody’s going to be talking about and thinking about in terms of solutions.”
" for a free demo.