August 2016
Beginner
257 pages
8h 59m
English
Content preview from Network and Data Security for Non-Engineers
Become an O’Reilly member and get unlimited access to this title plus top books and audiobooks from O’Reilly and nearly 200 top publishers, thousands of courses curated by job role, 150+ live events each month,
Start your free trial



Third-party software is the most vulnerable component in a system. For example, the iPhones released by Apple might have been fully penetration tested and checked out, but a single app installed after the user has access could circumvent the barriers set up by the manufacturer (Figure 6.1).
It is incorrect to describe “third parties” as simply additional apps that have been installed. Additional third parties could be an application programming interface (API) that was installed for a specific feature in an operating system (OS). Most of the time, this third party may not be in use and is merely lying dormant, waiting to accept input from a local app or from remote users. In many cases, attacks will start ...