It’s a week since the first Android handset, the T-Mobile G1, hit the stores, but a trio of researchers have already discovered a security flaw in the Android mobile platform.
Charlie Miller, Mark Daniel and Jake Honoroff, who work for security testing and analysis firm Independent Security Evaluators, have disclosed that a successful hack could allow the attacker to capture all the stored information on the phone’s browser. However, until a fix has been found, they weren’t willing to give any specifics.
They did give credit to the Android for its secure ‘sandbox,’ under which any attacks would be limited by cutting off access to outside components. But at the same time they criticized Google for not using the most recent version of open-source components in development.
"The vulnerability is due to the fact Google did not use the most up to date versions of all these packages," the researchers said. "In other words, this particular security vulnerability that affects the G1 phone was known and fixed in the relevant software package, but Google used an older, still vulnerable version."
Editors' Recommendations
- If you have one of these apps on your Android phone, delete it immediately
- The OnePlus Pad is a lovely Android tablet with a surprising flaw
- Google is killing your passwords, and security experts are (mostly) happy
- Your Google One plan just got 2 big security updates to keep you safe online
- Google wants to kill your passwords on Android and Chrome with passkeys