78ºF

Giving it away for free: New tool tests if mobile apps sending unencrypted data

photo

PEMBROKE PARK, Fla. – A group of "white hat" computer hackers at the University of New Haven released an application to fill the security gaps of some well-known apps.

University of New Haven's Cyber Forensics Research and Education Group (UNHcFREG) created Datapp to help consumers see whether or not data sent from their mobile phone or applications is encrypted.

The app was developed in response to numerous security issues that were found in social messaging applications. Assistant professor and director of UNHcFREG Dr. Ibrahim (Abe) Baggili, assistant professor and associate director of UNHcFREG Dr. Frank Breitinger, and graduate research assistant and UNHcFREG researcher Roberto Mejia found that many of these apps send unsecured data, meaning anyone who can intercept network traffic can read the data.

"People need to realize that these companies are making a lot of money based on information that we don't even realize that we are giving up," developer of Datapp, Roberto Mejia said.

VIDEO WEB EXTRA: Mejia talks about Datapp

Mejia said he developed the app as part of a class project to both inform and empower consumers by creating a program where they can test apps and hold companies accountable.

"We want to raise consumer awareness," Mejia said. "A lot of times as consumers we are not as worried where the information we are sharing with other devices really goes. We created it with the goal to allow you to test the applications on your phone to see if these applications you are using are really secure and if these companies really care about the privacy of the consumers."

The app creates a Wi-Fi access point on your laptop by linking your Ethernet and wireless card, ultimately making your laptop a wireless hotspot. It's an easy way to test the applications that you're using. It shows consumers how much companies care about the privacy of their consumers.

Mejia said applications such as What's App or Facebook Messenger are used to send personal pictures, and once these items are stored on iCloud, they're no longer in the person's control.

Datapp can show whether the traffic is encrypted over HTTP or HTTPS. It's made to reconstruct images on the fly if they are unencrypted, while also displaying the location of the where the data or server is that you're connecting to. This gives users the opportunity to see where their phone is being connected to all over the world.

In order to use the app, downloaders must have a computer with Windows 7, Ethernet interface, a wireless interface and a windows user account that enables them to run applications in administrative mode.

UNHcFREG developed the app without any outside funding and is accepting donations to add more features to it.

Click here to download the app.

Click here to learn more about how the app works and its requirements.