This site is the archived OWASP Foundation Wiki and is no longer accepting Account Requests.
To view the new OWASP Foundation website, please visit https://owasp.org

Mobile Top 10 2014-M4

From OWASP
Revision as of 05:11, 27 January 2014 by Jason Haddix (talk | contribs) (Created page with "{{Top_10_2010:SummaryTableHeaderBeginTemplate}} {{Top_10_2010:SummaryTableValue-1-Template|Exploitability|EASY}} {{Top_10_2010:SummaryTableValue-2-Template|Prevalence|COMMON}}...")

(diff) ← Older revision | Latest revision (diff) | Newer revision → (diff)
Jump to: navigation, search
Threat Agents Attack Vectors Security Weakness Technical Impacts Business Impacts
Application Specific Exploitability
EASY		 Prevalence
COMMON		 Detectability
EASY		 Impact
SEVERE		 Application / Business Specific
Threat Description Attack Vector Description Security Weakness Description Technical Impacts Business Impacts

Am I Vulnerable To Side Channel Data Leakage?

Unintended data leakage (formerly side-channel data leakage) is a branch of Insecure Data Storage. It includes all manner of vulnerabilities that can be introduced by the OS, frameworks, compiler environment, new hardware, etc, all without a developers knowledge.

In the mobile development world this is most seen in undocumented internal processes such as:

  • The way the OS caches data, images, key-presses, logging, and buffers.
  • The way the development framework caches data, images, key-presses, logging, and buffers.
  • The way or amount of data ad, analytic, social, or enablement frameworks cache data, images, key-presses, logging, and buffers.

How Do I Prevent Side Channel Data Leakage?

How do I prevent


Example Scenarios

Example Scenarios


References

References

Retrieved from "https://wiki.owasp.org/index.php?title=Mobile_Top_10_2014-M4&oldid=166670"