Abstract
Smartphone and tablets are personal devices that have diffused to near universal ubiquity in recent years. As Smartphone users become more privacy-aware and -conscious, research is needed to understand how “leakage” of private information (personally identifiable information – PII) occurs. This study explores how leakage studies in Droid devices should be adapted to Apple iOS devices. The OWASP Zed Attack Proxy (ZAP) is examined for 50 apps in various categories. This study confirms that: (1) most apps transmit unencrypted sensitive PII, (2) SSL is used by some recipient websites, but without corresponding app compliance with SSL, and (3) most apps in iOS environments reveal (leak) smartphone version. The paper concludes that much additional work is needed to assess the privacy dominance between platforms and to raise user awareness of smartphone privacy intrusions
Original language | English |
---|---|
Publication status | Published - Apr 2016 |
Event | 11th Annual ADFSL Conference on Digital Forensics, Security and Law - Daytona Beach, United States Duration: 24 May 2016 → 26 May 2016 Conference number: 11 |
Conference
Conference | 11th Annual ADFSL Conference on Digital Forensics, Security and Law |
---|---|
Country/Territory | United States |
City | Daytona Beach |
Period | 24/05/16 → 26/05/16 |