LinkedIn, Nexflix and Foursquare named as newest app security offenders

Apple found itself in a public relations nightmare in April, after researchers revealed that iOS 4-running devices were not only storing their location data history but leaving it unencrypted. The finding prompted Apple to promise, in an April 27 press statement, to encrypt the data in its next major iOS software release (the newly introduced iOS 5), stirred the media, and presumably the public, into a tizzy and prompted at least one Senate subcommittee hearing on whether consumer-protecting legislation was keeping pace with technology. (A Google executive also participated in the hearing.)

Apple, however, is hardly alone in its trespass. According to a June 8 article from the Wall Street Journal, a number of popular Android applications from major companies, including LinkedIn, Netflix and Foursquare, are storing user names and passwords on devices unencrypted.

While a Google spokesperson told the Journal that it encourages developers to follow a number of security guidelines, it doesn't enforce any best practices. At fault, the article suggested, citing Andrew Hoog, the chief investigative officer of computer security firm viaForensics, is by no means ignorance of security risks but the need to fast-track new apps into the highly competitive app market.

"Security is not a priority of app developers," Hoog told the Journal.

That's bad news for consumers, as applications increasingly become a part of our online lives. By the end of 2011, research firm IHS iSuppli expects the Apple, Google, Nokia and Research In Motion app stores to collectively see revenue of $3.8 billion.

The "app Internet market," as Forrester Research refers to it, is additionally slated to grow at a compound annual growth rate of 85 percent through 2015, at which point the firm says it will emerge as a $38 billion market.

Forrester CEO George F. Colony expects the impact of mobile apps on business technology to be "profound," and suggests that while Apple has clear leadership in the space, "Web-centric companies such as Google and Facebook are risky bests ... due to their overreliance on Web-based technologies."

In a statement following a May Forrester event in Las Vegas, Colony added that the major PC vendors need to reinvent the PC experience to focus on app stores, which in the future will be on every connected device.

"The future is not written," Colony said in the statement. "Any or all of these vendors can change their strategy and move toward app Internet. Somebody is going to sit down and is going to reinvent themselves. Microsoft, Dell, and HP are candidates for that.”

With so much opportunity for innovation, reinvention and revenue, the question of true app security becomes a more pressing one.

Will those that have already suffered a PR raking over the coals be the first to emerge as purified examples?