Google's G1 Android Phone Ships with Security Vulnerability
Article by George Norman
On 28 Oct 2008
Google's Android once again makes the headlines, this time because the Google phone (G1) which was launched last week is vulnerable to hacker attack. For those of you that are keeping track, the previous week coincides to when the source code for Google's Android phone went open source.

According to ISE (short for Independent Security Evaluators) the problem resides in the fact that the Android OS (operating system) is based on various open source programs – a grand total of 80 open source programs to be more precise. The security issues within these software programs were addressed and fixes were issued, just that Google did not exactly use the up-to-date, patched versions. Instead it used older versions that are plagued by various vulnerabilities (known ones at that).

Advertising

The experts from ISE that discovered the problem are: Charlie Miller, Mark Daniel, and Jake Honoroff. According to them the security problem is exploitable, but they will not provide in depth information regarding it. Why have they chosen not to do that? The reasoning behind this is quite simple: the hackers that want to exploit it will have to do their own work, they will not be handed over the information. Meanwhile Google will have time to work on a security patch or fix. ISE will release the exploit that they came across only after Google makes a fix available. If you get hacked at that point, it is completely your fault because you did not take care to upgrade.

Here are the few details that we have about the vulnerability. If a hacker sets up a malicious site and you visit it, then said hacker can run malicious code and take over the browser. The attacker would have access to all the goodies stored in the browsers memory (cookies, passwords, data that you fed into various web applications). All the G1 phones that are currently being shipped to buyers, are shipped with this security vulnerability. At this time there is no known exploit in the wild and hopefully Google will release a fix before the hackers figure out how to exploit this vulnerability.



Tags: G1, Google Android, ISE
About the author: George Norman
George is a news editor.
You can follow him on Google+, Facebook or Twitter

I Hope you LIKE this blog post! Thank you!
What do YOU have to say about this
blog comments powered by Disqus
Popular News
By George Norman on 24 Mar 2017
The Humble Store is running a Square Enix Weekend and, just like Steam did in February, it is offering discounts of up to 75% on a lot of Square Enix games. The 10 titles I think are most deserving of your attention are…
By George Norman on 22 Mar 2017
What’s better than getting a brand new iPhone 7? Getting a brand new iPhone 7 that tells everyone you care about others and you’re willing to help the fight against AIDS.
Related News
By George Norman on 03 Oct 2016
A LOT of video games roll out to the public this month, including some of the most hotly anticipated games of the year. So without any further ado…
By George Norman on 17 Feb 2017
Steam, the gaming distribution platform that has more registered accounts than Japan’s entire population, is having a Publisher Weekend, offering a ton of Square Enix games for up to 75% off.
By George Norman on 24 Mar 2017
The Humble Store is running a Square Enix Weekend and, just like Steam did in February, it is offering discounts of up to 75% on a lot of Square Enix games. The 10 titles I think are most deserving of your attention are…
Sponsored Links
Hot Software Updates
Top Downloads
Become A Fan!
Link To Us!
Google's G1 Android Phone Ships with Security Vulnerability
HTML Linking Code