Nearly all 33 public safety apps tested by a pilot project of the Department of Homeland Security’s Science and Technology directorate had security vulnerabilities, GCN reported Jan. 30.
Assessed against the standards used for classified national security systems, 30 apps had flaws, 18 of them critical. The vulnerabilities could have allowed access to the cameras, contacts or SMS messages on users’ devices.
The test results were shared with the app developers, 20 of whom repaired the problems. The pilot project chose its subjects from Application Community (AppComm), which features at least 180 apps, calls itself “the single trusted site for public safety apps.” APCO International, an organization of public safety professionals, hosts AppComm and declined to comment on the GCN report.
The testing was conducted by DHS, the Association of Public-Safety Communications Officials and Kryptowire, which developed a mobile app-vetting platform.