As I mentioned on my Disruptive Telephony blog today, this post by Troy Hunt really should be mandatory reading for anyone developing applications for mobile platforms:
Yes, his post is about Apple’s iOS, but I’m unfortunately rather confident that the results would be similar if someone were to do a similar analysis with a proxy server on apps on Android, BlackBerry, Windows Phone 7, webOS and any other mobile platform.
These are application design problems.
As programmers, we all take “short cuts” from time to time… I’m as guilty of that as anyone… but sometimes those shortcuts have grave consequences.
Mobile developers need to read Troy’s piece… and then look at their own apps and see how they can change. Actions like:
- Securing the transport of login credentials! (DUH!!!)
- Not stuffing giant images down onto mobile devices when those images are going to be restyled in HTML to be tiny.
- Being wary about what info is gathered by apps – and also disclosing that to customers (and perhaps offering a way to opt out).
The list can go on… Troy’s article has other ideas in it, too… but the point is that in the rush to get a mobile app out there, some of these security and privacy issues (and bandwidth costs!) really do need some attention!
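As an added example (not from Troy's article or from this post), here is one way to check a proxy capture of your own app's traffic for the first two items in the list above: credentials sent without TLS and oversized image downloads. The record layout, the credential field names and the 200 KB image budget are all assumptions made for illustration.

```python
from urllib.parse import urlsplit, parse_qsl

# Field names treated as credentials (assumption; extend for your own app).
CREDENTIAL_KEYS = {"password", "passwd", "pwd", "pass", "token", "secret"}
MAX_IMAGE_BYTES = 200 * 1024  # assumed per-image budget for a mobile client

def form_keys(text):
    """Lower-cased parameter names from a query string or form-encoded body."""
    return {k.lower() for k, _ in parse_qsl(text or "", keep_blank_values=True)}

def audit(entries):
    """Return (issue, url) findings for a list of captured request records."""
    findings = []
    for e in entries:
        url = urlsplit(e["url"])
        headers = {k.lower(): v for k, v in e.get("request_headers", {}).items()}
        keys = form_keys(url.query)
        if headers.get("content-type", "").startswith("application/x-www-form-urlencoded"):
            keys |= form_keys(e.get("request_body"))
        # Credentials can travel as form/query fields or in an Authorization header.
        has_creds = bool(keys & CREDENTIAL_KEYS) or "authorization" in headers
        if has_creds and url.scheme != "https":
            findings.append(("cleartext-credentials", e["url"]))
        if (e.get("response_type", "").startswith("image/")
                and e.get("response_bytes", 0) > MAX_IMAGE_BYTES):
            findings.append(("oversized-image", e["url"]))
    return findings

# Constructed sample capture (not real traffic; hosts are placeholders).
SAMPLE = [
    {"url": "http://api.example.test/login",
     "request_headers": {"Content-Type": "application/x-www-form-urlencoded"},
     "request_body": "username=alice&password=hunter2",
     "response_type": "application/json", "response_bytes": 120},
    {"url": "https://api.example.test/login",
     "request_headers": {"Content-Type": "application/x-www-form-urlencoded"},
     "request_body": "username=alice&password=hunter2",
     "response_type": "application/json", "response_bytes": 120},
    {"url": "https://cdn.example.test/thumb.jpg", "request_headers": {},
     "response_type": "image/jpeg", "response_bytes": 1_400_000},
    {"url": "http://cdn.example.test/icon.png", "request_headers": {},
     "response_type": "image/png", "response_bytes": 4_096},
]

if __name__ == "__main__":
    for issue, url in audit(SAMPLE):
        print(issue, url)
```

A byte budget only approximates the image problem, since a proxy capture does not show the size at which the app finally renders the image.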