Mobile computing has changed the game. Your personal data is no longer just stored on your desktop in the sanctuary of your office or home. You now carry personally identifiable information, financial data, personal and corporate email, and much more in your pocket, wherever you go. The smartphone is quickly becoming ubiquitous, and with at least 40 applications installed on the average smartphone the attack surface is significant.
Smartphones have become commonplace not only in the consumer markets but also now in the enterprise. Enterprise mobile applications extend the corporate environment beyond the workplace, introducing new security concerns and exposing organizations to new types of threats. Enterprises embracing “Bring Your Own Device” (BYOD) strategies should be particularly mindful of the array of applications that the smartphone may have installed and run within the corporate network.
This book is a practical guide to reviewing the security of mobile applications on the most widely adopted mobile operating systems: Apple iOS, Google Android, BlackBerry, and Windows Mobile. It focuses solely on the client-side, examining mobile applications in the context of these devices as opposed to server-side applications, where security is much more mature and better understood.
The focus of this book is highly practical. Although we provide some background theory for you to understand the fundamentals of mobile application vulnerabilities, ...