Last week, we shared with you a story from AndroidPolice regarding a piece of nasty malware that could fairly easily infect your smartphone. Since then, Google has responded quickly and eliminated the DroidDream Malware. They also removed several other apps from the market-place that were potentially damaging.
Just yesterday, AndroidPolice reported a new security problem. There was a quickly squashed security hole found in the new implementation of the Android Market. Jon Oberheide, Co-founder and chief technology officer at Duo Security, found the security flaw last month and reported it to Google. They worked diligently to 'plug the hole' and applied the fix about a week ago.
The frightening thing about this vulnerability was how easily it could be exploited. The article had this to say,These new vulnerabilities and malware infections are a disturbing trend, and starkly visualize the "double-edged sword" that is the openness of the Android OS. In the long run each of these issues were taken care of quickly, and the openness of Android is a greater boon than a bane. However, we, as users, also need to be more diligent about our own security as well, and do everything we can to support developers of security software.Users would have merely had to click on a malicious link on either their phones or on their desktops to activate the unwanted installation of rogue software. Oberheide said he was surprised nobody had discovered the flaw before (which he called "low hanging fruit").
We can't completely stop unscrupulous people from taking advantage of others with malicious software, but we also can't hide in fear of what may happen. I'm even more appreciative of Xeudoxus' work now, and am looking forward to purchasing his Privacy Blocker app for my Android smartphone. These guys are our "Starship Troopers", fighting the bugs on the front-lines for the rest of us. I just wanted to shout out a huge thanks to them!