08
Mar
google squashes bug

Google has responded to the alarm raised by an Android security expert of a bug related to the Android Market that could have caused a lot of trouble. The security hole was related to the recent implementation of the Android Web Market, and would have given hackers the ability to install malicious software fairly easily.

Co-founder and chief technology officer at Duo Security Jon Oberheide discovered the flaw last month and notified Google, who fixed it within "the last week or so." Users would have merely had to click on a malicious link on either their phones or on their desktops to activate the unwanted installation of rogue software. Oberheide said he was surprised nobody had discovered the flaw before (which he called "low hanging fruit").

After last week's scare with the DroidDream malware installed from Market apps (unrelated to this news today), Google is likely very relieved to have nipped this one in the bud before any damage was done. However, are we beginning to see the downside of Android's openness? What if this well-meaning security expert hadn't brought it up? While I hardly see this as cause for panic, perhaps the search king would be wise to amp up its detection and response to these kinds of threats (particularly if this latest bug was as easily detectable as the Duo chief claims it was).

Source: CNET

Will Shanklin
Will's typical, run-of-the-mill story is that of 'classically-trained actor turned Android smartphone and tablet writer.' If you catch him quoting Shakespeare, it's not because he misses it, but because he desperately wants his Masters in drama to count towards something.

Sir William dwelleth in the fair haven
Chicago; with his fair maid'n Jess and his
trusty cur, Ziggy.