Storing passwords in plaintext is a bad idea. You’d think that the smarties at Netflix and Foursquare would know better. But the Wall Street Journal reports their Android versions – and other apps – do no such thing. Not good.
According to security firm viaForensics, the the Netflix, Foursquare, LinkedIn and Square apps for Android are storing your passwords without a trace of encryption. Square’s app on iOS is equally vulnerable, revealing transaction and digital signature histories to prying hacker fingers.
Any responses, fellas? Foursquare, LinkedIn and Netflix have all released mea clupas, saying they’re “working on” fixes for the unencrypted vitals. Square, on the other hand, blames global credit card standards for the data their app holds. Keep that in mind next time you swipe your card through someone’s phone. [WSJ]