Overview
Explore the security implications of online application generators (OAGs) in mobile app development through this 20-minute IEEE conference talk. Delve into the first comprehensive classification of commonly used OAGs for Android and learn how to fingerprint generated apps. Discover the market penetration of these tools based on a study of over 2 million free Android apps. Examine the security vulnerabilities in boilerplate code, including code injection and insecure WebViews, as well as infrastructure issues. Understand the amplification effect of OAGs on these vulnerabilities and their impact on the overall health of the mobile app ecosystem. Gain insights into the challenges faced by citizen developers and the potential risks to end-users' sensitive data and privacy.
Syllabus
The Rise of the Citizen Developer: Assessing the Security Impact of Online App Generators
Taught by
IEEE Symposium on Security and Privacy