Apr 12, 2022
In Welcome to the Food Forum
SDK and APP developers should know very well, and developers have more or less contacted or installed them. When it comes to the issue of SDK security, developers may not be calm. The stakes are indeed a little bit. complicated. On the one hand, the SDK facilitates product design for developers, helps developers simplify development steps, improves development efficiency, and saves development costs, such as framework, advertising, push, statistics, map, social, payment, customer service, Test classes, etc. These different types of SDKs greatly facilitate developers. On the other hand, for developers, they have to bear the risks and consequences caused by embedding third-party SDKs, and due to the uneven development capabilities of SDK developers, it may be due to technical reasons or malicious 'backdoors' However,job title email list there are a large number of security vulnerabilities, and some SDKs will read and store user privacy in violation of regulations, or perform unauthorized operations. , it may bring serious losses to the APP and APP users. As early as July 2020, at the 3.15 party held after a four-month delay, CCTV exposed the problem of stealing user privacy with built-in SDK plug-ins in more than 50 apps. Read and upload the user's phone number, address book, SMS record, application list and other information, and steal data such as contacts and transaction verification codes, which seriously violates the user's privacy rights and property security. The SDK security issues surfaced, and for a while, the SDK became the "target of public criticism", and the society generally believed that the SDK was the "culprit" that caused the leakage of personal privacy data. Last month, a “Didi Chuxing” APP was removed from the app market due to serious violations of laws and regulations for collecting and using personal information, bringing personal information security issues back into the hot spot. It has made many APP operators feel uneasy.