“Just days after the T-Mobile G1 smartphone went on the market, a group of security researchers have found what they call a serious flaw in the Android software from Google that runs it,” John Markoff reports for The New York Times.
“One of the researchers, Charles A. Miller, notified Google of the flaw this week and said he was publicizing it now because he believed that cellphone users were not generally aware that increasingly sophisticated smartphones faced the same threats that plague Internet-connected personal computers,” Markoff reports.
“Mr. Miller, a former National Security Agency computer security specialist, said the flaw could be exploited by an attacker who might trick a G1 user into visiting a booby-trapped Web site,” Markoff reports. “The G1 — the so-called Google phone — went on sale at T-Mobile stores on Wednesday.”
Markoff reports, “The risk in the Google design, according to Mr. Miller, who is a principal security analyst at Independent Security Evaluators in Baltimore, lies in the danger from within the Web browser partition in the phone. It would be possible, for example, for an intruder to install software that would capture keystrokes entered by the user when surfing to other Web sites. That would make it possible to steal identity information or passwords.”
Full article here.
[Thanks to MacDailyNews Reader "HMCIV" for the heads up.]
MacDailyNews Note: Back in mid-January, The New York Times’ John Markoff reported that Apple CEO Steve Jobs was “skeptical about Google’s decision to develop smartphone software. ‘Having created a phone its a lot harder than it looks,’ he said. ‘We’ll see how good their software is and we’ll see how consumers like it and how quickly it is adopted. I actually think Google has achieved their goal [of seeking not to get locked out of the mobile phone world] without Android, and I now think Android hurts them more than it helps them. It’s just going to divide them and people who want to be their partners.’”