Predict your next investment

MOBILE & TELECOMMUNICATIONS | Mobile Software & Services
appblade.com

See what CB Insights has to offer

Stage

Debt | Alive

Total Raised

$500K

Last Raised

$500K | 8 yrs ago

About AppBlade

AppBlade allows users to easily deploy and distribute applications over the air to iPad, iPhone, Android & BlackBerry through a mobile browser. AppBlade is designed to ensure user, device, and application security through our SDK or Mobile Device Management (iOS only).

AppBlade Headquarter Location

188 North Street #21

Boston, Massachusetts, 02113,

United States

207-659-1858

Latest AppBlade News

Uber Closes a Loophole, but Its Leaked Driver App Is Still Out There

Sep 9, 2014

1 The UberDriver app has leaked . There is currently no way for Uber to stop it from being distributed. And the heads of two Boston startups specializing in app development and security believe this is a major breach that calls into question the decision-making of the ridesharing industry's biggest name. The leak is "dreadful," AppBlade president James Daniels told BostInno Monday afternoon. "This is really bad. " "This is Uber's network, their entire site ... their business model has been compromised. " – James Daniels, AppBlade President AppBlade is a Boston-based startup that specializes in mobile device management, development and security. They work with big names,  including PayPal and Storify. Daniels' expertise is in making sure applications developed for enterprise companies are protected; if an app is leaked, a company like AppBlade can shut it down and prevent people who shouldn't have access to it from using it. "It's one thing that the app leaked," Daniels said, adding, "it's another thing that it can be used" – with an existing driver's account information . "You can fake being an UberDriver with this app. " I, technically, have. I came across the link to download the UberDriver app on a Reddit subthread last week. "The link has already been turned off," said Raizlabs CEO Greg Raiz. Raiz is a director of AppBlade, which spun off from Raizlabs at the beginning of this year. Monday afternoon I sent Raiz the link that allowed me to download the UberDriver app on my iPhone 5S. That link is now defunct – but that doesn't mean Uber's problem no longer exists. When I downloaded the UberDriver app, my iPhone 5S was updated; located under General Settings, in my phone's Profile, "Uber Wildcard Enterprise" has been installed. This type of application is built by a developer for a specific company's use only – and it's unrestricted. "These comments are ridiculous and irresponsible. At Uber we pride ourselves on using state of the art technology to ensure a safe ride..." "If the build is out there, someone can distribute it," Raiz said. There are four ways of distributing an app, I learned: Apple's App Store; a special business (B2B) iTunes Store; an "Ad-hoc" class for developers; and an "Enterprise" class. The UberDriver app falls into this "Enterprise" category. (The screenshot pictured above was taken off my phone. ) Instead of going through the App Store, companies can distribute their Enterprise apps to employee devices. Raizlabs Founder, CEO Greg Raiz – Courtesy photo In other words, Enterprise apps are private. Part of Apple's terms and conditions stipulate that a formal relationship between the app developer(s) and the company exists, before the app is installed on a device. Enterprise apps are supposed to be monitored by Apple, and the companies they are built for are supposed to be vetted, Daniels said. Enterprise licenses can be revoked by Apple, but this "rarely" happens, he said. An Apple technician at the Apple Store on Boylston St. said Monday afternoon that Enterprise applications are typically distributed through encrypted, secure emails. I showed the technician the Uber Wildcard Enterprise setting on my phone. The technician said the only examples of this that he is familiar with have involved jail-broken phones – phones that have been hacked, had their iOS system wiped and reinstalled. The link I downloaded, the technician said, had been designed to bypass the Apple store like an Enterprise app can do, but I was able to download it without accessing any encrypted email. Uber "really did not put any security into the [UberDriver app]," Daniels said, adding, "So many simple things could have been done" to prevent the app from being downloaded by someone who has not been hired as an Uber driver. This leak has made him question Uber as a company, he said. In a statement provided to BostInno Monday night, Uber responded to Raiz' and Daniels' comments: These comments are ridiculous and irresponsible. At Uber we pride ourselves on using state of the art technology to ensure a safe ride, including a number of fraud prevention techniques and algorithms. Throughout the testing of this limited availability BYOD beta, additional anti-fraud features are continually being built into the program. It’s also important to note that attempting this type of fraud is not only explicitly prohibited by our terms and conditions – it’s illegal. “I stand by what I said, Daniels told BostInno Tuesday morning. "From what I understand of the situation, it seems that the possibility of the driver application getting leaked wasn’t even considered, the minimum effort not taken, and that’s irresponsible. Security is hard, even if you try you’ll likely fail against a determined attacker—but you have to try. " AppBlade president James Daniels – Courtesy photo In an August 27 blog post, Uber announced the rollout of its BYOD (Bring Your Own Device) program. Now, in select cities, including Boston and San Francisco, Uber drivers are allowed to turn in their company-provided iPhone and have the UberDriver app downloaded onto their personal iPhone 4S or newer. The BYOD program is why the app leaked, and why I was allowed to download it. "Are they really this cavalier? " Daniels questioned, when first made aware of the leak Monday afternoon. "This is [Uber's] network, their entire site ... their business model has been compromised. "

Predict your next investment

The CB Insights tech market intelligence platform analyzes millions of data points on venture capital, startups, patents , partnerships and news mentions to help you see tomorrow's opportunities, today.

AppBlade Web Traffic

Rank
Page Views per User (PVPU)
Page Views per Million (PVPM)
Reach per Million (RPM)
CBI Logo

AppBlade Rank

CB Insights uses Cookies

CBI websites generally use certain cookies to enable better interactions with our sites and services. Use of these cookies, which may be stored on your device, permits us to improve and customize your experience. You can read more about your cookie choices at our privacy policy here. By continuing to use this site you are consenting to these choices.