Google's G1 Android Phone Ships with Security Vulnerability
Article by George Norman
On 28 Oct 2008
Google's Android once again makes the headlines, this time because the Google phone (G1) which was launched last week is vulnerable to hacker attack. For those of you that are keeping track, the previous week coincides to when the source code for Google's Android phone went open source.

According to ISE (short for Independent Security Evaluators) the problem resides in the fact that the Android OS (operating system) is based on various open source programs – a grand total of 80 open source programs to be more precise. The security issues within these software programs were addressed and fixes were issued, just that Google did not exactly use the up-to-date, patched versions. Instead it used older versions that are plagued by various vulnerabilities (known ones at that).

Advertising

The experts from ISE that discovered the problem are: Charlie Miller, Mark Daniel, and Jake Honoroff. According to them the security problem is exploitable, but they will not provide in depth information regarding it. Why have they chosen not to do that? The reasoning behind this is quite simple: the hackers that want to exploit it will have to do their own work, they will not be handed over the information. Meanwhile Google will have time to work on a security patch or fix. ISE will release the exploit that they came across only after Google makes a fix available. If you get hacked at that point, it is completely your fault because you did not take care to upgrade.

Here are the few details that we have about the vulnerability. If a hacker sets up a malicious site and you visit it, then said hacker can run malicious code and take over the browser. The attacker would have access to all the goodies stored in the browsers memory (cookies, passwords, data that you fed into various web applications). All the G1 phones that are currently being shipped to buyers, are shipped with this security vulnerability. At this time there is no known exploit in the wild and hopefully Google will release a fix before the hackers figure out how to exploit this vulnerability.



Tags: G1, Google Android, ISE
About the author: George Norman
George is a news editor.
You can follow him on Google+, Facebook or Twitter

I Hope you LIKE this blog post! Thank you!
What do YOU have to say about this
blog comments powered by Disqus
Popular News
By George Norman on 16 Jan 2017
With the goal of showing us what the future has in store for browsers, software developer Opera has done something it’s never done before: it released Opera Neon, the company’s first ever concept browser.
By George Norman on 16 Jan 2017
Nintendo recently held an event and, once again, unveiled the Nintendo Switch to the world. But this time, the Japanese gaming giant actually revealed a bunch of useful details about the Switch.
Related News
By George Norman on 01 Sep 2016
Looking for a new video game to play? Let’s take a look at some of the most exciting titles that are going to be released this month (September 2016).
By George Norman on 14 Sep 2016
The tech you once knew (and probably liked), is no more. That’s because it got rebranded, recalled or, worse of all, retired. There’s nothing worse than getting the axe.
By George Norman on 22 Sep 2016
Rise of Iron, the fourth expansion for Bungie and Activision’s first person shooter, brings with it an all new cinematic story campaign and a lot of fresh new content.
By George Norman on 03 Oct 2016
A LOT of video games roll out to the public this month, including some of the most hotly anticipated games of the year. So without any further ado…
Sponsored Links
Hot Software Updates
Top Downloads
Become A Fan!
Link To Us!
Google's G1 Android Phone Ships with Security Vulnerability
HTML Linking Code