New Tool Detects Unsafe Security Practices in Android Apps

Computer scientists at Columbia Engineering have shown for the first time that it is possible to analyze how thousands of Android apps use cryptography without needing to have the apps’ actual codes. The team’s new tool, CRYLOGGER, can tell when an Android app uses cryptography incorrectly—it detects the so-called “cryptographic misuses” in Android apps. When given a list of rules that should be followed for secure cryptography, CRYLOGGER detects violations of these rules.

Some employees more likely to adhere to information security policies than others

Information security policies (ISP) that are not grounded in the realities of an employee’s work responsibilities and priorities exposes organizations to higher risk for data breaches, according to new research from Binghamton University, State University of New York.