DroidForums.net is the original Verizon Android Forum! Registered Users do not see these ads. Please Register - It's Free!
Results 1 to 7 of 7

Thread: New Security Vulnerability in Android Market, Caught and Squashed by Google

  1. Editor in Chief
    dgstorm's Avatar
    Member #
    154790
    Join Date
    Dec 2010
    Posts
    6,304
    Liked
    2023 times
    Phone
    Enter Current Phone Model Here
    Premium Member
    #1

    New Security Vulnerability in Android Market, Caught and Squashed by Google


    Last week, we shared with you a story from AndroidPolice regarding a piece of nasty malware that could fairly easily infect your smartphone. Since then, Google has responded quickly and eliminated the DroidDream Malware. They also removed several other apps from the market-place that were potentially damaging.

    Just yesterday, AndroidPolice reported a new security problem. There was a quickly squashed security hole found in the new implementation of the Android Market. Jon Oberheide, Co-founder and chief technology officer at Duo Security, found the security flaw last month and reported it to Google. They worked diligently to 'plug the hole' and applied the fix about a week ago.

    The frightening thing about this vulnerability was how easily it could be exploited. The article had this to say,
    Users would have merely had to click on a malicious link on either their phones or on their desktops to activate the unwanted installation of rogue software. Oberheide said he was surprised nobody had discovered the flaw before (which he called "low hanging fruit").
    These new vulnerabilities and malware infections are a disturbing trend, and starkly visualize the "double-edged sword" that is the openness of the Android OS. In the long run each of these issues were taken care of quickly, and the openness of Android is a greater boon than a bane. However, we, as users, also need to be more diligent about our own security as well, and do everything we can to support developers of security software.

    We can't completely stop unscrupulous people from taking advantage of others with malicious software, but we also can't hide in fear of what may happen. I'm even more appreciative of Xeudoxus' work now, and am looking forward to purchasing his Privacy Blocker app for my Android smartphone. These guys are our "Starship Troopers", fighting the bugs on the front-lines for the rest of us. I just wanted to shout out a huge thanks to them!

    Source: AndroidPolice
  2.  
     
     
     
  3. Droid Sensei
    czerdrill's Avatar
    Member #
    22335
    Join Date
    Jan 2010
    Posts
    4,850
    Liked
    103 times
    Phone
    OG Droid UD 3.0 -- GB :)
    #2
    Google is turning into Microsoft with this security vulnerabilities every week hahaa...
    Google Interview Q&A

    Apple CEO, Verizon COO
  4. Junior Droid
    chrisnimon's Avatar
    Member #
    84470
    Join Date
    Jul 2010
    Location
    Lakeville Indiana :(
    Posts
    18
    Phone
    Galaxy S3 / GNex
    #3
    lol "The only good bug is a dead bug" Glad there are people looking out for us.
    Happy to be rid of my Motorola
  5. Droid Ninja
    johnomaz's Avatar
    Member #
    87119
    Join Date
    Jul 2010
    Location
    Central Valley, California
    Posts
    2,249
    Liked
    394 times
    Phone
    HTC One M8
    #4
    Quote Originally Posted by czerdrill View Post
    Google is turning into Microsoft with this security vulnerabilities every week hahaa...
    Not really. Software is only as good as the programmer. The hole was found and promptly fixed. Google took steps to remove the malware and did so. How about all the Apple issues that go unfixed until the next firmware update, and even not in the update at times. Franly, as a former iPHone user, i know of MANY more security issues with the iPhone than Android. Not to mention, Android is modified by phoen manufacturers and can make those holes themselves. A security hole from Apple is done by Apple.
    -------------------------------
    HTC One M8
    -------------------------------
  6. Droid Sensei
    czerdrill's Avatar
    Member #
    22335
    Join Date
    Jan 2010
    Posts
    4,850
    Liked
    103 times
    Phone
    OG Droid UD 3.0 -- GB :)
    #5
    Quote Originally Posted by johnomaz View Post
    Quote Originally Posted by czerdrill View Post
    Google is turning into Microsoft with this security vulnerabilities every week hahaa...
    Not really. Software is only as good as the programmer. The hole was found and promptly fixed. Google took steps to remove the malware and did so. How about all the Apple issues that go unfixed until the next firmware update, and even not in the update at times. Franly, as a former iPHone user, i know of MANY more security issues with the iPhone than Android. Not to mention, Android is modified by phoen manufacturers and can make those holes themselves. A security hole from Apple is done by Apple.
    Did you read the OP? It was a security hole in the Market, not some third party app. So the programmers that you mentioned are Google programmers and not some malicious hacker out there. So this security hole was done by Google and not anyone else. They can do wrong, believe me. Accepting that they are not infallible is the first step to recovery.

    Secondly, who cares about Apple? Why does Apple have to be even brought into this conversation? No one mentioned Apple, and as much as everyone here doesn't want to admit it, the constant mention of Apple only further proves that they are the company to beat. If Apple has security issues, that's their problems. I'm talking about Google and was comparing it to Microsoft. Nothing to do with Apple.

    This was a case of poor programming on Google's part, hence the reference to Windows. I remember when I used to use windows and everyday I'd get the "This fixes a vulnerability where a user can take control of your computer..." blah blah crap. It was a joke, I wasn't saying Google is the new Microsoft. Lighten up.
    Google Interview Q&A

    Apple CEO, Verizon COO
  7. Senior Droid
    obxsalvo's Avatar
    Member #
    37186
    Join Date
    Feb 2010
    Posts
    171
    Liked
    4 times
    Phone
    RAZR & DROID 1
    #6
    Well I say " Good Job Google" and I love the Droid, as well as your Map and Nav. We need more like you.
  8. Master Droid
    AngryHatter's Avatar
    Member #
    156556
    Join Date
    Jan 2011
    Posts
    520
    Liked
    2 times
    Phone
    X2
    #7
    There are far more people trying to kills and fill the security holes than malicious people trying to exploit them.
    Open is better in this regard.

Links

Posting Permissions

  • You may not post new threads
  • You may not post replies
  • You may not post attachments
  • You may not edit your posts
  •  

Similar Threads

  1. Google Android Market
    By astevens54 in forum Android General Discussions
    Replies: 0
    Last Post: 02-13-2011, 12:05 AM
  2. Replies: 8
    Last Post: 01-31-2011, 06:19 PM
  3. Replies: 8
    Last Post: 01-27-2011, 09:11 AM
  4. Android Apps Caught Sending GPS Info to Advertisers
    By importune in forum Droid Forums Member News Depot
    Replies: 41
    Last Post: 10-27-2010, 06:39 AM
  5. Android, Security, Google, Vigilance!
    By Bateluer in forum Android General Discussions
    Replies: 28
    Last Post: 08-13-2010, 10:40 AM

Search tags for this page

android market vulnerabilities
,

android market vulnerability

,
android security issues 2011
,
android security vulnerability
,

android vulnerabilities 2011

,
atrix security vulnerability
,
droid razr security vulnerabilities
,
droid razr vulnerabilities
,
droid security
,
droid vulnerability
,
loja android market vulnerability
,
motorola atrix vulnerabilities
,
security flaws in atrix 2
,
vulnerability in incredible droid
,
vulnerability of android markets
Click on a term to search our site for related topics.
Find us on Google+