Nerd Chick Adventures: Is that App Safe to Download?
Mobile devices like Smartphones and tablets are made infinitely better – or worse – by the apps you install on them. With well over a million apps on the market, it can be overwhelming to decipher safe apps from the sketchy ones. Here’s how to recognize the duds before you download them.
“App” is short for “application,” and on a mobile device these little software programs come in the form of mini games, tools for things like active navigation, calendar and appointment tracking or a synced to-do list, access to Netflix, Facebook, or video chat… the options are seemingly endless. But not all apps are good. Junk apps can inundate you with pop ups, try to redirect your Internet browsing to affiliated websites, make your device run slowly, or even make it crash.
If you’re just cruising the app store, looking for something new to play or try, pay close attention to the number of reviews. If you see that an app has over 1,000 reviews, it is a good indication that the app is established enough to have weeded out most of the “new on the market” bugs. If it has a lot of reviews and more than three stars, you can be generally confident that it’s safe to download.
Before you click install, however, take a moment to read through 20 or more of the detailed reviews. Look for vague or suspiciously similar wording. This can indicate that the app developer may have paid a 3rd party to post fake reviews to drive up the app’s rating – a good reason to steer clear of apps with less than 100 or more reviews. Commonalities among the reviews will also give you a good indication of user experience. Lots of complaints about in-app purchase pop ups? Frequently crashes when you reach the end of a level? Let other users be the guinea pigs so you can avoid the more annoying apps on the market.
Be particularly leery of “shopping assistant” and discount-finding apps, as these are often designed to drive users to spend money with affiliated advertisers. Be aware that many also track your browsing and purchase history so as to sell your profile to those that want to send you targeted advertising. The monitoring and sharing of information running in the background, coupled with the app overriding your web searches to redirect you to specific vendors, can all cause your device to run slowly or crash.
Before you install any app, see if there are professional reviews of the program available from legit tech sites like CNet.com (http://www.cnet.com/topics/mobile-apps/) or PCMag.com (http://www.pcmag.com/reviews/mobile-apps). These sites are also a good resource for recommendations if you’re looking for an app that performs a specific function.
Keep in mind that just because an app is advertised by a game you know and love, there’s no guarantee that it’s related to the program you already use. Many app developers sell pop up and banner space to consolidated advertising companies in order to finance the app. Don’t install anything from an advertisement, and if you’re tempted anyway, check out the app first through the app store reviews or professional reviews, and then head to the app store to install it.
After vetting the app for legitimacy, the most important thing to do is to only download and install apps from your device’s legitimate app store, such as Apple’s iTunes App Store, Google Play, Amazon’s Kindle App store, etc. These sources are less likely to post Trojan Horse apps, or programs that have been found to include malware.
In November of last year, cyber criminals imbedded a Trojan malware program nicknamed “WireLurker” in more than 450 of the apps available through a popular Chinese app distribution site called Maiyadi. Popular games like Angry Birds, Sims 3 and Bejeweled 3 were infected with a program that could steal the contacts and personal information stored on your phone, as well as silently download more malware. All the while, the infected app would appear to run normally so as to not raise suspicion with the user.
The majority of those affected by WireLurker were Chinese users who downloaded apps from the Maiyadi site. Apple has fixed the security holes that allowed that particular strain of Trojan malware to gain control of infected devices, and the Maiyadi site has been taken down. However, the important take away is that even apps you’ve heard of and appear to work as they should can be infected with malware.
Apple makes it difficult for users in the U.S. to install apps on their mobile devices from anywhere other than the iTunes app store, and this closed ecosystem makes it easier to stop the spread of malware-infested apps. In order to install an app from a 3rd party site, you’d need to “jailbreak” your iPhone, iPad or iPod – in essence, breaking the pre-installed operating system to disable the device’s protections (which some users feel limit their ability to access the device’s full usefulness).
Android users, on the other hand, are free to install apps from all over the web. Allow me to strongly caution you against straying from the Google Play Store. If you see an app that you know normally costs money, but it’s being offered for free through a pop-up ad, banner ad, or somewhere else on the web, steer clear.
Finally, keep your mobile device’s operating system program up to date. If Apple, Google or Windows identifies a security flaw that is being exploited by rogue apps, the patch will come via an OS update for your device, so don’t ignore them.