M4: Unintentional Data Leakage

Overview

Unintentional data leakage occurs when a developer unintentionally places sensitive information or data in a location on the mobile device easily accessible by other apps on the device. This vulnerability may lead to the extraction of the app's sensitive information via mobile malware, modified apps, or forensic tools, resulting in privacy violations, PCI violations, reputational damage, or fraud.

Description

Unintentional data leakage (previously known as side-channel data leakage) encompasses vulnerabilities from the OS, frameworks, compiler environment, new hardware, etc., without a developer's knowledge. It is most commonly observed in undocumented or under-documented internal processes, such as caching data, key-presses, logging, and buffers. To prevent unintentional data leakage, it is crucial to threat model your OS, platforms, and frameworks, identifying defaults to apply mitigating controls.

How to Prevent ?

To prevent unintentional data leakage, conduct a threat model analysis of your OS, platforms, and frameworks, understanding how they handle features such as URL caching, keyboard press caching, copy/paste buffer caching, application backgrounding, logging, HTML5 data storage, browser cookie objects, and analytics data sent to 3rd parties. By identifying defaults and applying mitigating controls, you can avoid unintentional data leakage.

Example Attack Scenarios:

• iOS:  Attack scenarios in iOS encompass URL caching, keyboard press caching, copy/paste buffer caching, application backgrounding, logging, HTML5 data storage, browser cookie objects, and analytics data sent to 3rd parties.

• Android:  Attack scenarios in Android encompass URL caching, keyboard press caching, copy/paste buffer caching, application backgrounding, logging, HTML5 data storage, browser cookie objects, and analytics data sent to 3rd parties.