New Security Vulnerability in Android Market, Caught and Squashed by Google

Discussion in 'Android News' started by dgstorm, Mar 9, 2011.

  1. dgstorm

    dgstorm Editor in Chief
    Staff Member Premium Member

    Joined:
    Dec 30, 2010
    Messages:
    11,018
    Likes Received:
    3,980
    Trophy Points:
    823
    Location:
    Austin, TX
    Ratings:
    +4,255
    [​IMG]

    Last week, we shared with you a story from AndroidPolice regarding a piece of nasty malware that could fairly easily infect your smartphone. Since then, Google has responded quickly and eliminated the DroidDream Malware. They also removed several other apps from the market-place that were potentially damaging.

    Just yesterday, AndroidPolice reported a new security problem. There was a quickly squashed security hole found in the new implementation of the Android Market. Jon Oberheide, Co-founder and chief technology officer at Duo Security, found the security flaw last month and reported it to Google. They worked diligently to 'plug the hole' and applied the fix about a week ago.

    The frightening thing about this vulnerability was how easily it could be exploited. The article had this to say,
    These new vulnerabilities and malware infections are a disturbing trend, and starkly visualize the "double-edged sword" that is the openness of the Android OS. In the long run each of these issues were taken care of quickly, and the openness of Android is a greater boon than a bane. However, we, as users, also need to be more diligent about our own security as well, and do everything we can to support developers of security software.

    We can't completely stop unscrupulous people from taking advantage of others with malicious software, but we also can't hide in fear of what may happen. I'm even more appreciative of Xeudoxus' work now, and am looking forward to purchasing his Privacy Blocker app for my Android smartphone. These guys are our "Starship Troopers", fighting the bugs on the front-lines for the rest of us. I just wanted to shout out a huge thanks to them!

    Source: AndroidPolice
     
  2. czerdrill

    czerdrill Silver Member

    Joined:
    Jan 2, 2010
    Messages:
    4,825
    Likes Received:
    12
    Trophy Points:
    153
    Ratings:
    +12
    Google is turning into Microsoft with this security vulnerabilities every week hahaa...
     
  3. chrisnimon

    chrisnimon New Member

    Joined:
    Jul 4, 2010
    Messages:
    18
    Likes Received:
    0
    Trophy Points:
    1
    Location:
    Lakeville Indiana :(
    Ratings:
    +0
    lol "The only good bug is a dead bug" Glad there are people looking out for us.
     
  4. johnomaz

    johnomaz Silver Member

    Joined:
    Jul 12, 2010
    Messages:
    3,119
    Likes Received:
    600
    Trophy Points:
    178
    Location:
    Central Valley, California
    Ratings:
    +728
    Current Phone Model:
    Google Pixel XL
    Not really. Software is only as good as the programmer. The hole was found and promptly fixed. Google took steps to remove the malware and did so. How about all the Apple issues that go unfixed until the next firmware update, and even not in the update at times. Franly, as a former iPHone user, i know of MANY more security issues with the iPhone than Android. Not to mention, Android is modified by phoen manufacturers and can make those holes themselves. A security hole from Apple is done by Apple.
     
  5. czerdrill

    czerdrill Silver Member

    Joined:
    Jan 2, 2010
    Messages:
    4,825
    Likes Received:
    12
    Trophy Points:
    153
    Ratings:
    +12
    Did you read the OP? It was a security hole in the Market, not some third party app. So the programmers that you mentioned are Google programmers and not some malicious hacker out there. So this security hole was done by Google and not anyone else. They can do wrong, believe me. Accepting that they are not infallible is the first step to recovery.

    Secondly, who cares about Apple? Why does Apple have to be even brought into this conversation? No one mentioned Apple, and as much as everyone here doesn't want to admit it, the constant mention of Apple only further proves that they are the company to beat. If Apple has security issues, that's their problems. I'm talking about Google and was comparing it to Microsoft. Nothing to do with Apple.

    This was a case of poor programming on Google's part, hence the reference to Windows. I remember when I used to use windows and everyday I'd get the "This fixes a vulnerability where a user can take control of your computer..." blah blah crap. It was a joke, I wasn't saying Google is the new Microsoft. Lighten up.
     
  6. obxsalvo

    obxsalvo Silver Member

    Joined:
    Feb 13, 2010
    Messages:
    548
    Likes Received:
    203
    Trophy Points:
    143
    Location:
    Hatteras Is. NC
    Ratings:
    +231
    Current Phone Model:
    Droid Turbo
    Well I say " Good Job Google" and I love the Droid, as well as your Map and Nav. We need more like you.
     
  7. AngryHatter

    AngryHatter Member

    Joined:
    Jan 4, 2011
    Messages:
    508
    Likes Received:
    1
    Trophy Points:
    18
    Ratings:
    +1
    There are far more people trying to kills and fill the security holes than malicious people trying to exploit them.
    Open is better in this regard.
     
Search tags for this page

android donut hole vulnerability droid bionic