Saturday, 5 March 2011

Bug in Application Protection

Swami Nikhilaananda said:
"Every system has vulnerabilities... Sooner or later someone will find it and either report it or exploit it"

RuimanInfo has created a fantastic app called Application Protection that does exactly that the name says - Protect apps. I use it mainly to protect my inbox so that prying eyes won't be able to read my messages. The way in which this app works is simple - When someone tries to open a protected app, a password screen gets thrown.

However, I found that there was a way to bypass this screen for messages. If you install Google Translate app, there is a feature in that app to send an SMS using a translated language. Now, when I open inbox using conventional method, the password screen is thrown as usual. But, when I try to send an SMS through the Google Translate app, immediately the inbox gets opened by bypassing the Application Protection screen. I don't know if this is a bug with this program or with Google's app... But this will make your inbox vulnerable. Please be sure that you don't have Google Translate app if you have Application Protection to protect your messages. Also, check if the same issue exists with other apps.

I have contacted RuimanInfo about the issue and am awaiting their response.

2 comments:

Mirrored Minds said...

Does the inbox open or the compose message open? If the latter does, then its not surprising. If the former does, then its interesting.

Nik said...

No, it opens the inbox, where you can select messages to reply