Tag Archives: security

Yet another Android security vulnerability

Android security holes seem to be pouring down from the skies nowadays. This new vulnerability allows a malicious website to access files located on your SD card.

For more details check this article on Androidcentral.

More Android exploits

As I pointed out in a previous post, Android is, if used incorrectly, just as insecure as any normal PC. After writing that post, a few reports on exploitable vulnerabilites in Android has surfaced.

There seems to be a bug in the credentials manager, which can be exploited to install applications without the users approval:

http://news.cnet.com/8301-27080_3-20022545-245.html
http://www.swedroid.se/sakerhetshal-i-android-funnet-android-1-x-till-2-2-drabbat/ (In Swedish)
http://www.idg.se/2.1085/1.352716/android-drabbat-av-allvarlig-bugg/ (Also in Swedish)

There is also a vulnerability in the browser in most Android phones on the market today:

http://www.securecomputing.net.au/News/237976,android-exploit-code-published.aspx

In addition to this, on November 2, Coverity Inc., famous for its array of various code analysis software, published a report about a number of potential security issues in the Linux kernel used in Android:

http://www.coverity.com/html/press/coverity-scan-2010-report-reveals-high-risk-software-flaws-in-android.html

So, as already pointed out: Be careful about which applications you download and which web sites you visit with your Android phone (or any network capable device, for that matter)!

Is Android secure?

There’s been a lot of talk lately in swedish media about the security of smart phones. This news report (in swedish) by the swedish public service TV station SVT shows how easy it is to hack into your iPhone and do all kinds of weird stuff, such as recording audio using the phone’s microphone or sending an SMS.

Following that report the well known swedish Android site Swedroid published an interview (also in swedish) about the security of Android. This post is written in response to that interview.
Read more »