October 23, 2021

Privacy: Free Tool Reveals Mobile Apps Sending Unencrypted Data

Access to the data tool discussed below is free. It’s currently only available for computers running Windows 7 or Windows 8.

From the IDG News Service: 

The program, called Datapp, comes from the University of New Haven’s Cyber Forensics Research and Education Group (UNHcFREG), which last year showed popular Android applications such as Instagram, Grindr and OkCupid failed to safely store or transmit data.

[Clip]

There are many security tools that can collect wireless data traffic, but they’re usually designed for people with some technical background. Datapp is essentially a traffic “sniffer,” along the lines of network traffic analysis tool Wireshark, but much simpler.

[Clip]

Apps that don’t use encryption are vulnerable to snooping. For example, data sent over a Wi-Fi hotspot could be collected by someone nearby. Groups including the Electronic Frontier Foundation and companies such as Google have made a large public push to encourage developers to use encryption to prevent everything from spying to cybercrime.

Read the Complete Article

Note from Gary Price, infoDOCKET Founder and Editor:

Another tool that works with all platforms (it’s Java code) that can assist in identifying unencrypted traffic is Cookie Cadger. It does require having WireShark up and running but it makes identifying unencrypted traffic easier. It’s also free to download and use. Learn More/Download.

This presentation (from CNI Fall Meeting 2014) that I was part of includes a live demo of Cookie Cadger. 

About Gary Price

Gary Price (gprice@mediasourceinc.com) is a librarian, writer, consultant, and frequent conference speaker based in the Washington D.C. metro area. Before launching INFOdocket, Price and Shirl Kennedy were the founders and senior editors at ResourceShelf and DocuTicker for 10 years. From 2006-2009 he was Director of Online Information Services at Ask.com, and is currently a contributing editor at Search Engine Land.

Share