Google's G1 Android Phone Ships with Security Vulnerability
Article by George Norman
On 28 Oct 2008
Google's Android once again makes the headlines, this time because the Google phone (G1) which was launched last week is vulnerable to hacker attack. For those of you that are keeping track, the previous week coincides to when the source code for Google's Android phone went open source.

According to ISE (short for Independent Security Evaluators) the problem resides in the fact that the Android OS (operating system) is based on various open source programs – a grand total of 80 open source programs to be more precise. The security issues within these software programs were addressed and fixes were issued, just that Google did not exactly use the up-to-date, patched versions. Instead it used older versions that are plagued by various vulnerabilities (known ones at that).

Advertising

The experts from ISE that discovered the problem are: Charlie Miller, Mark Daniel, and Jake Honoroff. According to them the security problem is exploitable, but they will not provide in depth information regarding it. Why have they chosen not to do that? The reasoning behind this is quite simple: the hackers that want to exploit it will have to do their own work, they will not be handed over the information. Meanwhile Google will have time to work on a security patch or fix. ISE will release the exploit that they came across only after Google makes a fix available. If you get hacked at that point, it is completely your fault because you did not take care to upgrade.

Here are the few details that we have about the vulnerability. If a hacker sets up a malicious site and you visit it, then said hacker can run malicious code and take over the browser. The attacker would have access to all the goodies stored in the browsers memory (cookies, passwords, data that you fed into various web applications). All the G1 phones that are currently being shipped to buyers, are shipped with this security vulnerability. At this time there is no known exploit in the wild and hopefully Google will release a fix before the hackers figure out how to exploit this vulnerability.



Tags: G1, Google Android, ISE
About the author: George Norman
George is a news editor.
You can follow him on Google+, Facebook or Twitter

I Hope you LIKE this blog post! Thank you!
What do YOU have to say about this
blog comments powered by Disqus
Popular News
By George Norman on 17 Aug 2017
With the blockbuster movie season upon us, Sony decided to celebrate the occasion with a sale: the Attack of the Blockbusters Sale that offers discounts of up to 50% (60% if you’re a PlayStation Plus member) on a ton of PS4 video games.
By George Norman on 17 Aug 2017
Samsung’s new T5 portable solid-state drive (PSSD) uses the latest 64-layer V-NAND technology, offers between 250GB and 2TB of storage capacity, has a lightweight and shock-resistant design that’s smaller than the average business card, and delivers industry-leading transfer speeds of up to 540 MB/s.
Related News
Sponsored Links
Hot Software Updates
Top Downloads
Become A Fan!
Link To Us!
Google's G1 Android Phone Ships with Security Vulnerability
HTML Linking Code