Nearly 100 ‘high risk’ flaws found in Android OS

InvisibleSHIELD.  Scratch Proof your iPhone 4!“The central kernel of the Android mobile operating system has hundreds of defects, according to new research,” Jennifer Scott reports for IT PRO.

“The study, undertaken by Coverity, revealed 359 flaws, with 25 per cent of of them being ranked as ‘high risk.’This ranking meant they were likely to cause a security breach or crash a device running the operating system,” Scott reports. “Andy Chou, chief scientist and co-founder of Coverity, said… ‘a significant number of these defects are the high risk types that our customers typically fix before shipping their products to market.’”

Scott reports, “Chou said the aim of the report was to give the makers of the software a chance to fix things before they became a problem but the Android study was of Froyo, which is already shipping in a number of mobile devices.”

Full article here.

MacDailyNews Take: Have fun with your mobile banking, iPhone have-nots!

[Thanks to MacDailyNews Reader “Dan B.” for the heads up.]

30 Comments

  1. This headline is really misleading. One of the main points made was that Android has an extremely LOW number of flaws for a OS with this amount of code.

    MDN is definitely not a “no spin zone”

    Mac OS (and iOS) has its own major flaws, and Apple is typically slow to fix them. The only thing protecting iOS users is Apple’s control over what they allow apps to do via their app review for the app store

  2. It has taken, what, over 6 or 7 years to bring iOS to where it is now (counting initial development/research time)? And these guys think their first or second serious iteration is going to compete with a mature, tested operating system?

    Just wait until the hackers REALLY get ahold of a widely-disseminated Android tablet. People will be pulling their hair and eyebrows out of their skulls with grief and anger!

    Haste makes waste, Eric. But, then again, you deserve everything that is about to befall you.

  3. @critic

    “The only thing protecting iOS users is Apple’s control over what they allow apps to do via their app review for the app store”

    Yes. That was Apple’s intent. Seems like that choice is a sound one. And it’s not like Apple thought hey we have a crappy kernel lets throw in a walled garden just to be on the safe side. It’s not like they did this and thought, wow we just dodged a bullet. Aren’t we proud of ourselves. This is planning, preparation and pragmatism. I applaud it.

  4. No its not “really misleading”. Android was never developed with any attention to security because Googles business model is to monetize users personal information. Security is way down on the list as is UI and pretty much everything else.

    Apple’s “major flaws” do not result in real world problems where Androids do.

  5. @Randian

    “It has taken, what, over 6 or 7 years to bring iOS to where it is now”

    Actually, iOS is just the core OSX with essentially a different UI. And OSX is essentially NeXTSTEP OS which got it start when “a team led by Avie Tevanian, who had joined” NeXT “after working as one of the Mach kernel engineers at Carnegie Mellon University, was to develop the NeXTSTEP operating system.”

    http://en.wikipedia.org/wiki/NeXT

    So it’s been around a damn long time longer then 7 years. Just sayin.

  6. @critic

    The relevant missing section:
    Andy Chou, chief scientist and co-founder of Coverity, said: “The… results for the Android kernel we tested show a better than average defect density, meaning this specific kernel is shipping with fewer defects than the industry average for software of this size.”

    This is the part I like:
    “…of this size.”

    So the metric is defects per kilobyte? What difference does that make. There are 359 flaws 25% of which are high risk.
    So 90 high risk flaws which the article points out are the type usually addressed before shipping a product.

    Now who is spinning?

Reader Feedback

This site uses Akismet to reduce spam. Learn how your comment data is processed.