Google's G1 Android Phone Ships with Security Vulnerability
Article by George Norman
On 28 Oct 2008
Google's Android once again makes the headlines, this time because the Google phone (G1) which was launched last week is vulnerable to hacker attack. For those of you that are keeping track, the previous week coincides to when the source code for Google's Android phone went open source.

According to ISE (short for Independent Security Evaluators) the problem resides in the fact that the Android OS (operating system) is based on various open source programs – a grand total of 80 open source programs to be more precise. The security issues within these software programs were addressed and fixes were issued, just that Google did not exactly use the up-to-date, patched versions. Instead it used older versions that are plagued by various vulnerabilities (known ones at that).

Advertising

The experts from ISE that discovered the problem are: Charlie Miller, Mark Daniel, and Jake Honoroff. According to them the security problem is exploitable, but they will not provide in depth information regarding it. Why have they chosen not to do that? The reasoning behind this is quite simple: the hackers that want to exploit it will have to do their own work, they will not be handed over the information. Meanwhile Google will have time to work on a security patch or fix. ISE will release the exploit that they came across only after Google makes a fix available. If you get hacked at that point, it is completely your fault because you did not take care to upgrade.

Here are the few details that we have about the vulnerability. If a hacker sets up a malicious site and you visit it, then said hacker can run malicious code and take over the browser. The attacker would have access to all the goodies stored in the browsers memory (cookies, passwords, data that you fed into various web applications). All the G1 phones that are currently being shipped to buyers, are shipped with this security vulnerability. At this time there is no known exploit in the wild and hopefully Google will release a fix before the hackers figure out how to exploit this vulnerability.



Tags: G1, Google Android, ISE
About the author: George Norman
George is a news editor.
You can follow him on Google+, Facebook or Twitter

I Hope you LIKE this blog post! Thank you!
What do YOU have to say about this
blog comments powered by Disqus
Popular News
By George Norman on 28 Jun 2017
The last time that Yahoo Mail changed its design was back in October 2013, when it celebrated its "sweet sixteen." That old design has now been replaced with a new one, and here's everything that's changed.
By George Norman on 26 Jun 2017
Remember the classic SEGA games of old, the ones that you used to play as a kid? Well, SEGA is taking you on a nostalgia trip by giving you the chance to play these games once more, but this time on your mobile.
Related News
By George Norman on 17 Feb 2017
Steam, the gaming distribution platform that has more registered accounts than Japan’s entire population, is having a Publisher Weekend, offering a ton of Square Enix games for up to 75% off.
By George Norman on 24 Mar 2017
The Humble Store is running a Square Enix Weekend and, just like Steam did in February, it is offering discounts of up to 75% on a lot of Square Enix games. The 10 titles I think are most deserving of your attention are…
By George Norman on 26 Apr 2017
Great news for Batman fans in general and Batman Arkham fans in particular. To celebrate the release of Batman Arkham VR, Steam is having a Midweek Madness sale and it’s offering discounts of up to 75% on all Batman Arkham Games.
Sponsored Links
Hot Software Updates
Top Downloads
Become A Fan!
Link To Us!
Google's G1 Android Phone Ships with Security Vulnerability
HTML Linking Code