Something I've been mulling over for a while: for mobile app developers and users, how would I determine whether a mobile app communicates securely (using SSL for example)? How can I know whether sensitive data (e.g. login credentials) is stored by the app and if so, whether in encrypted form or plain text? Is there a way to prevent unintended transmission of data e.g. accessing contacts when not required? Or am I being paranoid?