Security firm SourceDNA has revealed a number of iOS apps that are violating Apple’s App Store policy that use private APIs to obtain a user’s private data. The apps all had one thing in common: They used the Youmi advertising SDK from China.
“We found 256 apps (est. total of 1 million downloads) that have one of the versions of Youmi that violates user privacy,” SourceDNA wrote on its blog. “Most of the developers are located in China. We believe the developers of these apps aren’t aware of this since the SDK is delivered in binary form, obfuscated, and user info is uploaded to Youmi’s server, not the app’s. We recommend developers stop using this SDK until this code is removed.”
Apple will be removing and rejecting all apps it finds using the Youmi SDK.
Google wants to lure away Microsoft businesses
Google is working with partners to provide businesses with licensing agreements with Microsoft incentives to make them switch. If they switch, Google will give them free use of a package of its competing software that normally costs US$5 or $10 per user each month, according to a report with IBN Live.
The report said that Google is limiting the free usage to 3,000 people per defecting customer, which means Google will forego $180,000 to $360,000 in annual revenue if a company with 3,000 people sign up for the offer. Google is offering to pay up to $75,000 to each company switching its software to cover the costs of the change. The attack on Microsoft is an attempt to hit its rival’s Office software, the report said.
AllSeen Alliance updates AllJoyn
The AllSeen Alliance is advancing its mission to securely bring about the “Internet of Everything” with the latest release of its open-source software project AllJoyn. The organization has announced improved security in the IoT framework that provides more user control and key management.
“For IoT to see mainstream adoption, and more importantly truly make people’s lives better, any fears or concerns about security and device privacy must be addressed. We’re enhancing AllJoyn’s security with collaboration across the IoT ecosystem, allowing us to standardize security for IoT, regardless of manufacturer or use case,” said Philip DesAutels, senior director of IoT at the AllSeen Alliance. “We’ve extended a familiar security model to the world of IoT, making it as easy as possible for developers, product managers and engineers to adopt an industry-standard security protocol for all IoT devices, regardless of transport or operating system.”