A paper by North Carolina State University (NCSU) researchers concludes that a significant chunk of the apps in Google's Play market may pose a serious privacy and security risk. The apps themselves aren't the problem, but according to the researchers in-app advertising libraries that are provided by third-parties open up potentially serious security holes. Full details at The Inquirer.
He explained that the in-app ad libraries, which are provided by Google, Apple or other third-parties, retrieve advertisements from remote servers and run the ads on a user's smartphone periodically. Every time an ad runs, the app developer receives a payment. However, the research team warns that the practice opens up potentially serious security holes because the ad libraries receive the same permissions that the user granted to the app itself when it was installed. This occurs regardless of whether the users were aware that they were granting permissions to the ad library.
The paper warned, "These ad libraries pose security risks because they offer a way for third parties - including hackers - to bypass existing Android security efforts. Specifically, the app itself may be harmless, so it won't trigger any security concerns. But the app's ad library may download harmful or invasive code after installation."
Earlier today we reported about a paper that found that ads in free smartphone apps are major battery drainers, researchers from Purdue University in Indiana discovered that in some cases up to 90 percent of an apps' power consumption was caused by ads.