Due to their increasing pervasiveness, smartphones and more in general mobile devices are becoming the citizen’s companions in the daily life activities. Smartphones are today the repositories of our secrets (photos, email), of our money (online e-commerce) and of our identities (social networks accounts). Therefore mobile applications have the responsibility of handling such sensitive and personal information in a proper, secure way. This paper present the second phase of the MobiLeak project, analysing how mobile applications manage users data when these are loaded in the volatile memory of the device. Scope of this work is to raise the awareness of the research and development communities on the poor attention that is generally paid in the secure development of mobile applications.
QC 20131219