Mobile Top 10 2014-M4

Threat Description  Attack Vector Description Security Weakness Description Technical Impacts Business Impacts

Unintended data leakage (formerly side-channel data leakage) is a branch of Insecure Data Storage. It includes all manner of vulnerabilities that can be introduced by the OS, frameworks, compiler environment, new hardware, etc, all without a developers knowledge.

In the mobile development world this is most seen in undocumented internal processes such as:


 * The way the OS caches data, images, key-presses, logging, and buffers.
 * The way the development framework caches data, images, key-presses, logging, and buffers.
 * The way or amount of data ad, analytic, social, or enablement frameworks cache data, images, key-presses, logging, and buffers.

How do I prevent

Example Scenarios

References