BNET UK
silicon.com
ZDNet UK

Home
News
Blogs
Reviews
Videos
Jobs
Resources
Community

Leader
Comment
White Papers
Downloads
Special Reports

Hardware
Software
Communications
Internet
Security
IT Management
Emerging Tech
Leader

Group Blogs
News Blog
Post Room
Rupert's Diary

Hardware Reviews
Software Reviews
Editors' Choice
Buyer's Guides
Tech Guides
Competitions

Dialogue Box
Security threats
Server platforms
Mobile devices
Application development
Full video index

Articles
White Papers
Downloads
Companies
Broadband Speed Test

People
Competitions
Post Room
FAQ

You are here: ZDNet UK > News > Security

Security threats Toolkit

Researcher warns of Android browser vulnerability

Tags:
Google,
Flaw,
York,
Handset

David Meyer ZDNet.co.uk

Published: 27 Oct 2008 13:59 GMT

A flaw exists in the Google-led Android mobile platform that could let users be tricked into visiting malware-laden websites and unwittingly have their keystrokes recorded, The New York Times has reported.

According to the Saturday article, a researcher and former US National Security Agency computer-security specialist, Charles Miller, told Google about the flaw last week. The article also quotes a Google security engineer, Rich Cannings, as saying the flaw's impact would be limited due to the compartmentalisation of the Android platform.

"We wanted to sandbox every single application because you can't trust any of them," Cannings told The New York Times.

Read this

Photos: Seven androids – and their lessons for enterprise IT

ZDNet UK picks out seven of fiction's most arresting androids and the lessons their fables have for business technology

A Google spokesperson told ZDNet UK on Monday that the company was "working on a browser software patch for Android" and "co-ordinating with T-Mobile on a plan to soon deliver this update over-the-air to customers' G1 handsets" — the HTC-made G1 being the first Android handset to be released to market.

Google's spokesperson also said the company did not believe the matter would "negatively impact" customers' experience with the G1, which will be launched by T-Mobile in the UK on Thursday.

Miller has reportedly not yet publicised the technical details of the problem, but has said the flaw in the browser used in Android means a visit to a malicious website could lead to software being secretly installed on the handset. Such software could record keystrokes made by the user, thereby discovering private information and passwords.

Android is a complete mobile stack — from operating system to applications — that is being developed by the Open Handset Alliance, an industry consortium headed up by Google.

Photos: A rough guide to mobile open source
Analysis: Android may spread beyond phones
Roundup: First Google Android phone unveiled
T-Mobile G1 (HTC Dream): A first look
Analysis: First Android phone enters the smartphone fray
Photos: T-Mobile G1 (HTC Dream)
How Android stands out in the smartphone space
Android in action on T-Mobile's G1
Google releases final Android SDK
T-Mobile G1 (HTC Dream) review
Google shares Android source code
Coders to profit as Android Market opens

Did you find this article useful?

Share this article:
Digg
Slashdot
Del.ici.ous
Stumble
Reddit

More in this Special Report

Photos: A rough guide to mobile open source

Android is not the only open platform. Here's a quick guide to the mobile, open-source landscape more

Analysis: Android may spread beyond phones

One influential partner backing the open-source operating system has said the software will start to show up in consumer electronics and cars, too more

Photos: A taste of Android 'Cupcake' from the Magic phone

ZDNet UK has been given a sneak preview of Vodafone's exclusive HTC Magic handset, the first to use the updated 'Cupcake' version of the Android mobile platform more

Samsung Android phone due in June

O2 Germany has confirmed it will carry Samsung's i7500, which is likely to be the first non-HTC Android phone to be released in Europe more

Analysis: First Android phone enters the smartphone fray

The first Google Android phone sports a raft of mobile web features, but how will it stack up against the rest of the crowded smartphone market? more

Photos: T-Mobile G1 (HTC Dream)

Take a tour of the first Google Android smartphone more

How Android stands out in the smartphone space

ZDNet.com's Sumi Das and Sam Diaz discuss whether Google's Android is an iPhone killer and how the technology may eventually reach beyond phones and land inside other products more

Android in action on T-Mobile's G1

At the launch of the G1, a representative of the mobile operator demonstrated how the phone and Android operating system work more

Roundup: First Google Android phone unveiled

Unveiling the first handset to use the Android platform, Google hopes to provide a viable alternative to the current crop of largely proprietary mobile platforms more

T-Mobile G1 (HTC Dream) review

The design isn't great and we'd have liked some additional features, but the real beauty of the T-Mobile G1 is the Google Android platform, as it has the potential to make smartphones more personal and powerful more

Google shares Android source code

The search giant has begun to share the project's underlying source code on the Android Open Source Project site more

Coders to profit as Android Market opens

With T-Mobile's G1 phone now on sale in the US, Google has opened the Android Market app store, with developers set to receive 70 percent of revenue more